Implement Authentication Logic, Routes, Middleware

[mmiqball]

Notion ticket link

Authentication Logic and Routes

Implementation description

Auth Service

• implements functionality related to authentication, such as checking authorization and roles, generating and revoking tokens etc.

Auth Routes

• routes for logging in, refreshing access tokens, logging out
• related schemas added to the schemas directory

Middleware

• Basic authorization checks for Firebase access tokens implemented using the format in FastAPI's docs
• Role based access control added as dependency injections

Local Testing

Make sure your local backend is running:

• docker compose up -d db in llsc to get the database running
• pdm run dev in llsc/backend to get server running

Access route schemas and definitions from {server url}/docs and test with Postman. Recommended order is to:

• create a user with the schema, verify it shows up in both the docker container db and in Firebase
• login using their credentials
• use test endpoints to verify if auth token middleware and the role-based access control dependency works as expected
• refresh the user's token
• logout

What should reviewers focus on?

• General approach and architecture
• Any design concerns that may be affected
• Is the implementation flexible enough to accommodate changes that will definitely come up later on?

Checklist

• My PR name is descriptive and in imperative tense
• My commit messages are descriptive and in imperative tense. My commits are atomic and trivial commits are squashed or fixup'd into non-trivial commits
• I have run the appropriate linter(s)
• I have requested a review from the PL, as well as other devs who have background knowledge on this PR or who will be building on top of this PR