Mireya Cueto Garrido
90 lines
2.5 KiB
Python
90 lines
2.5 KiB
Python
from fastapi import APIRouter, HTTPException, status
|
|
from api.database.mongodb import users_collection
|
|
from api.models.user_models import UserCreate, UserLogin
|
|
from api.utils.security import hash_password, verify_password, generate_token
|
|
from bson import ObjectId
|
|
|
|
router = APIRouter(prefix="/auth", tags=["auth"])
|
|
|
|
|
|
@router.post("/register")
|
|
async def register_user(user: UserCreate):
|
|
existing_username = await users_collection.find_one({"username": user.username})
|
|
if existing_username:
|
|
raise HTTPException(
|
|
status_code=status.HTTP_400_BAD_REQUEST,
|
|
detail="El nombre de usuario ya está en uso",
|
|
)
|
|
|
|
existing_email = await users_collection.find_one({"email": user.email})
|
|
if existing_email:
|
|
raise HTTPException(
|
|
status_code=status.HTTP_400_BAD_REQUEST,
|
|
detail="El email ya está registrado",
|
|
)
|
|
|
|
token = generate_token()
|
|
|
|
user_doc = {
|
|
"username": user.username,
|
|
"email": user.email,
|
|
"password_hash": hash_password(user.password),
|
|
"token": token,
|
|
"history": [],
|
|
}
|
|
|
|
result = await users_collection.insert_one(user_doc)
|
|
|
|
return {
|
|
"message": "Usuario registrado correctamente",
|
|
"user_id": str(result.inserted_id),
|
|
"token": token,
|
|
}
|
|
|
|
|
|
@router.post("/login")
|
|
async def login_user(credentials: UserLogin):
|
|
user = await users_collection.find_one({"email": credentials.email})
|
|
if not user:
|
|
raise HTTPException(
|
|
status_code=status.HTTP_401_UNAUTHORIZED,
|
|
detail="Credenciales inválidas",
|
|
)
|
|
|
|
if not verify_password(credentials.password, user["password_hash"]):
|
|
raise HTTPException(
|
|
status_code=status.HTTP_401_UNAUTHORIZED,
|
|
detail="Credenciales inválidas",
|
|
)
|
|
|
|
new_token = generate_token()
|
|
|
|
await users_collection.update_one(
|
|
{"_id": user["_id"]},
|
|
{"$set": {"token": new_token}}
|
|
)
|
|
|
|
return {
|
|
"message": "Login correcto",
|
|
"user_id": str(user["_id"]),
|
|
"username": user["username"],
|
|
"token": new_token,
|
|
}
|
|
|
|
|
|
@router.post("/logout/{user_id}")
|
|
async def logout_user(user_id: str):
|
|
user = await users_collection.find_one({"_id": ObjectId(user_id)})
|
|
if not user:
|
|
raise HTTPException(
|
|
status_code=status.HTTP_404_NOT_FOUND,
|
|
detail="Usuario no encontrado",
|
|
)
|
|
|
|
await users_collection.update_one(
|
|
{"_id": ObjectId(user_id)},
|
|
{"$set": {"token": None}}
|
|
)
|
|
|
|
return {"message": "Sesión cerrada correctamente"}
|