Backend totalmente hecho con mongodb, añadida la funcionalidad de usuarios con historial

2026-03-27 11:16:44 +01:00
parent 57b64b4f1e
commit e19e971cd6
15 changed files with 252 additions and 89 deletions
@@ -0,0 +1,89 @@
+from fastapi import APIRouter, HTTPException, status
+from api.database.mongodb import users_collection
+from api.models.user_models import UserCreate, UserLogin
+from api.utils.security import hash_password, verify_password, generate_token
+from bson import ObjectId
+
+router = APIRouter(prefix="/auth", tags=["auth"])
+
+
+@router.post("/register")
+async def register_user(user: UserCreate):
+    existing_username = await users_collection.find_one({"username": user.username})
+    if existing_username:
+        raise HTTPException(
+            status_code=status.HTTP_400_BAD_REQUEST,
+            detail="El nombre de usuario ya está en uso",
+        )
+
+    existing_email = await users_collection.find_one({"email": user.email})
+    if existing_email:
+        raise HTTPException(
+            status_code=status.HTTP_400_BAD_REQUEST,
+            detail="El email ya está registrado",
+        )
+
+    token = generate_token()
+
+    user_doc = {
+        "username": user.username,
+        "email": user.email,
+        "password_hash": hash_password(user.password),
+        "token": token,
+        "history": [],
+    }
+
+    result = await users_collection.insert_one(user_doc)
+
+    return {
+        "message": "Usuario registrado correctamente",
+        "user_id": str(result.inserted_id),
+        "token": token,
+    }
+
+
+@router.post("/login")
+async def login_user(credentials: UserLogin):
+    user = await users_collection.find_one({"email": credentials.email})
+    if not user:
+        raise HTTPException(
+            status_code=status.HTTP_401_UNAUTHORIZED,
+            detail="Credenciales inválidas",
+        )
+
+    if not verify_password(credentials.password, user["password_hash"]):
+        raise HTTPException(
+            status_code=status.HTTP_401_UNAUTHORIZED,
+            detail="Credenciales inválidas",
+        )
+
+    new_token = generate_token()
+
+    await users_collection.update_one(
+        {"_id": user["_id"]},
+        {"$set": {"token": new_token}}
+    )
+
+    return {
+        "message": "Login correcto",
+        "user_id": str(user["_id"]),
+        "username": user["username"],
+        "token": new_token,
+    }
+
+
+@router.post("/logout/{user_id}")
+async def logout_user(user_id: str):
+    user = await users_collection.find_one({"_id": ObjectId(user_id)})
+    if not user:
+        raise HTTPException(
+            status_code=status.HTTP_404_NOT_FOUND,
+            detail="Usuario no encontrado",
+        )
+
+    await users_collection.update_one(
+        {"_id": ObjectId(user_id)},
+        {"$set": {"token": None}}
+    )
+
+    return {"message": "Sesión cerrada correctamente"}