hackathon-v-escape-4ff8b5a6…/backend/app/routers/auth.py
marianesaldana 80dbd947e5 Initial commit
2026-05-23 08:59:34 -06:00


from fastapi import APIRouter, Depends, HTTPException, status
from sqlalchemy.orm import Session
from ..database import get_db
from ..schemas.auth import UserRegister, UserLogin, OAuthLogin, Token, UserOut
from ..services import auth_service
from .deps import get_current_user
# Router for the authentication endpoints; every route registered on it is served under /auth.
router = APIRouter(prefix="/auth", tags=["auth"])
def _make_token(user) -> Token:
    """Build the Token response for *user*.

    *user* may be a User object or a bare int (a user id).

    For a User, the access token carries the ``sub`` (stringified id) and
    ``role`` claims, and the response repeats the role. For an int (the
    legacy fallback), the token carries only ``sub`` and the response reports
    the role "CIUDADANO".
    """
    # NOTE(review): the role is copied into the token when it is issued;
    # whether later authorization checks re-read the role from the database
    # is not visible in this file — confirm in the token-consuming dependency.
    if isinstance(user, int):
        # Legacy fallback: only an id is known, so no role claim is added.
        claims = {"sub": str(user)}
        reported_role = "CIUDADANO"
    else:
        claims = {"sub": str(user.id), "role": user.role}
        reported_role = user.role
    access_token = auth_service.create_access_token(claims)
    return Token(access_token=access_token, role=reported_role)
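@router.post("/register", response_model=Token, status_code=201)
def register(data: UserRegister, db: Session = Depends(get_db)):
    """Create a user account and return an access token for it.

    The email is trimmed and lower-cased before it is stored. The duplicate
    check runs the service lookup on the submitted value and, in addition,
    the same ``lower(User.email)`` comparison that login() uses, so a new
    registration is rejected when an existing email differs only by letter
    case.

    Raises:
        HTTPException: 400 when the email already belongs to a user.
    """
    # Imported inside the function, the same way login() imports them.
    from sqlalchemy import func
    from ..models.user import User as UserModel

    # Keep None/empty as submitted: the truthiness checks here treat the
    # email as optional.
    email = data.email.strip().lower() if data.email else data.email
    if email:
        # login() resolves accounts with lower(email) and .first(); without a
        # case-insensitive check here, two rows could match one login email.
        duplicate = auth_service.get_user_by_email(db, data.email) or (
            db.query(UserModel).filter(func.lower(UserModel.email) == email).first()
        )
        if duplicate:
            raise HTTPException(status_code=400, detail="El correo ya está registrado")

    # NOTE(review): the password is passed on exactly as submitted, while
    # login() strips surrounding whitespace before verifying. Presumably a
    # password chosen with leading or trailing whitespace would then never
    # verify — confirm which side is intended.
    user = auth_service.create_user(db, data.full_name, email, data.phone, data.password)
    return _make_token(user)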
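@router.post("/login", response_model=Token)
def login(data: UserLogin, db: Session = Depends(get_db)):
    """Authenticate with email and password and return an access token.

    The email is trimmed and lower-cased, then matched against
    ``lower(User.email)``. Every failure is answered with HTTP 401.

    Raises:
        HTTPException: 401 when a field is empty, no user matches, the user
            has no stored password hash, or password verification fails.
    """
    # Normalise input: trim whitespace, lower-case the email.
    email = (data.email or "").strip().lower()
    # NOTE(review): register() passes data.password to create_user unchanged,
    # while the value is stripped here before verification. Presumably a
    # password chosen with leading or trailing whitespace would never verify —
    # confirm which side is intended.
    password = (data.password or "").strip()

    # Debug trace of the attempt. !r escapes control characters, so a crafted
    # email cannot start a new log line. Nothing derived from the password
    # (not even its length) is written to the log.
    print(f"[LOGIN] email_recibido={email!r}")

    if not email or not password:
        raise HTTPException(status_code=401, detail="Credenciales inválidas — campos vacíos")

    # Look the user up case-insensitively (LOWER applied in SQL).
    from sqlalchemy import func
    from ..models.user import User as UserModel

    user = db.query(UserModel).filter(func.lower(UserModel.email) == email).first()

    # NOTE(review): the two branches below return before verify_password is
    # called, so response time may differ between unknown and known emails.
    if not user:
        print("[LOGIN] ✗ usuario no encontrado")
        raise HTTPException(status_code=401, detail="Credenciales inválidas")

    if not user.hashed_password:
        # NOTE(review): this detail differs from the generic message, so a
        # caller without valid credentials can tell that the email exists and
        # has no password set. Use the generic message if account enumeration
        # matters for this deployment.
        print("[LOGIN] ✗ usuario sin password (cuenta OAuth)")
        raise HTTPException(status_code=401, detail="Esta cuenta usa OAuth, no contraseña")

    if not auth_service.verify_password(password, user.hashed_password):
        print("[LOGIN] ✗ password incorrecta")
        raise HTTPException(status_code=401, detail="Credenciales inválidas")

    print(f"[LOGIN] ✓ login OK para id={user.id}")
    return _make_token(user)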
@router.post("/oauth", response_model=Token)
def oauth_login(data: OAuthLogin, db: Session = Depends(get_db)):
    """Resolve (or create) the user for an OAuth identity and return a token.

    The provider name, OAuth id, email and full name from the request body
    are handed to ``auth_service.get_or_create_oauth_user``. When the request
    carries a push token, it is stored on the user and committed before the
    access token is built.
    """
    # NOTE(review): only provider, oauth_id, email and full_name — all taken
    # from the request body — reach the service; no provider-issued token or
    # authorization code is visible in this handler. Confirm that the identity
    # is verified against the provider before a session token is issued;
    # otherwise the caller is asserting its own identity.
    account = auth_service.get_or_create_oauth_user(
        db,
        data.provider,
        data.oauth_id,
        data.email,
        data.full_name,
    )
    device_token = data.push_token
    if not device_token:
        return _make_token(account)

    # Persist the client-supplied push token on the resolved account.
    account.push_token = device_token
    db.commit()
    return _make_token(account)