from fastapi import APIRouter, Depends, Request from pydantic import BaseModel from fastapi.security import OAuth2PasswordRequestForm from app.auth import ( check_login_rate_limit, create_access_token, get_current_user_cookie_or_bearer, verify_admin_credentials, ) router = APIRouter(prefix="/auth", tags=["auth"]) class TokenResponse(BaseModel): access_token: str token_type: str class MeResponse(BaseModel): username: str @router.post("/login", response_model=TokenResponse) def login(request: Request, form_data: OAuth2PasswordRequestForm = Depends()): check_login_rate_limit(request) verify_admin_credentials(form_data.username, form_data.password) token = create_access_token(form_data.username) return {"access_token": token, "token_type": "bearer"} @router.get("/me", response_model=MeResponse) def me(username: str = Depends(get_current_user_cookie_or_bearer)): return {"username": username}