auth

This module defines a router for the api that is dedicated to authentication.

login

login(user_credentials: Annotated[OAuth2PasswordRequestForm, Depends()], session: Annotated[Session, Depends(database.get_session)])

Endpoint for user login. Returns a JWT token upon successful authentication.

Parameters:

| Name | Type | Description | Default |
|---|---|---|---|
| user_credentials | OAuth2PasswordRequestForm | The user's credentials (username and password) obtained from the request. | required |
| session | Session | The session to interact with the database. | required |

Raises:

| Type | Description |
|---|---|
| HTTPException | If the credentials are invalid, raises status code 403 (FORBIDDEN) with appropriate detail. |

Returns:

| Type | Description |
|---|---|
| Token | The JWT token and its type upon successful authentication. |

Source code in api/routers/auth.py
@router.post("/login", response_model=models.Token)
def login(
    user_credentials: Annotated[OAuth2PasswordRequestForm, Depends()],
    session: Annotated[Session, Depends(database.get_session)],
):
    """
    Endpoint for user login. Returns a JWT token upon successful authentication.

    Parameters
    ----------
    user_credentials : OAuth2PasswordRequestForm
        The user's credentials (username and password) obtained from the request.
    session : Session
        The session to interact with the database.

    Raises
    ------
    HTTPException
        If the credentials are invalid, raises status code 403 (FORBIDDEN) with appropriate detail.

    Returns
    -------
    models.Token
        The JWT token and its type upon successful authentication.
    """
    user = database.get_user(user_credentials.username, session)

    if not user:
        raise HTTPException(status_code=status.HTTP_403_FORBIDDEN, detail="Invalid Credentials")

    password_matching = oauth2.verify_password(user_credentials.password, user.password)
    if not password_matching:
        raise HTTPException(status_code=status.HTTP_403_FORBIDDEN, detail="Invalid Credentials")

    access_token = oauth2.create_access_token(data={"user": user.id})

    return {"access_token": access_token, "token_type": "bearer"}
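
An added, standard-library sketch of the login flow documented above (not the project's code): the handler above returns the same 403 "Invalid Credentials" for an unknown user and for a wrong password, and this version also verifies against a dummy hash when the user is unknown, so both failure paths do the same password-hashing work. The PBKDF2 hashing, the HS256 token layout, `SECRET`, `USERS`, `DUMMY_HASH` and `decode_access_token` are assumptions; the page does not show how `oauth2.verify_password` or `oauth2.create_access_token` are implemented.

```python
import base64
import hashlib
import hmac
import json
import os
import time

SECRET = b"constructed-demo-secret"   # assumption: HS256 signing key, constructed for the demo
ITERATIONS = 100_000                  # assumption: PBKDF2 work factor

def hash_password(password: str, salt: bytes = b"") -> str:
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return f"{salt.hex()}${digest.hex()}"

def verify_password(plain: str, stored: str) -> bool:
    salt_hex, digest_hex = stored.split("$")
    candidate = hashlib.pbkdf2_hmac("sha256", plain.encode(), bytes.fromhex(salt_hex), ITERATIONS)
    return hmac.compare_digest(candidate, bytes.fromhex(digest_hex))  # constant-time compare

def _b64(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def create_access_token(data: dict, ttl: int = 1800) -> str:
    header = _b64(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload = _b64(json.dumps({**data, "exp": int(time.time()) + ttl}).encode())
    sig = hmac.new(SECRET, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    return f"{header}.{payload}.{_b64(sig)}"

def decode_access_token(token: str) -> dict:
    header, payload, sig = token.split(".")
    expected = hmac.new(SECRET, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(_b64(expected), sig):
        raise ValueError("bad signature")
    claims = json.loads(base64.urlsafe_b64decode(payload + "=" * (-len(payload) % 4)))
    if claims["exp"] < time.time():
        raise ValueError("token expired")
    return claims

USERS = {"alice": {"id": 1, "password": hash_password("correct horse")}}  # constructed user store
DUMMY_HASH = hash_password("placeholder")  # verified against when the username is unknown

def login(username: str, password: str) -> dict:
    user = USERS.get(username)
    stored = user["password"] if user else DUMMY_HASH
    ok = verify_password(password, stored)            # always runs, known user or not
    if not (user and ok):
        raise PermissionError("Invalid Credentials")  # stands in for the 403 response
    return {"access_token": create_access_token({"user": user["id"]}), "token_type": "bearer"}
```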