feat: Phase 1 后端骨架主体入库(补 backend/app 主体与 requirements.txt)
上轮 3 次 commit 只入库了修补文件,主体目录漏入库。本次补入 backend/app/、backend/requirements.txt、backend/scripts/__init__.py。同步在 .gitignore 加 homePC/(制片人家用机带过来的参考文件,不进库)。
This commit is contained in:
@@ -0,0 +1,46 @@
|
||||
"""
|
||||
认证路由 — 登录 / 登出 / 当前用户
|
||||
"""
|
||||
|
||||
from fastapi import APIRouter, Depends, HTTPException, Request, status
|
||||
from sqlmodel import Session, select
|
||||
|
||||
from app.core.deps import get_current_user
|
||||
from app.core.security import verify_password
|
||||
from app.db.session import get_session
|
||||
from app.models.user import User
|
||||
from app.schemas.auth import LoginRequest, UserResponse
|
||||
|
||||
router = APIRouter(prefix="/api/auth", tags=["认证"])
|
||||
|
||||
|
||||
@router.post("/login", response_model=UserResponse)
|
||||
def login(body: LoginRequest, request: Request, session: Session = Depends(get_session)):
|
||||
"""账号登录。验证成功后写入 session,返回用户信息。"""
|
||||
statement = select(User).where(User.username == body.username)
|
||||
user = session.exec(statement).first()
|
||||
if user is None or not user.is_active:
|
||||
raise HTTPException(
|
||||
status_code=status.HTTP_401_UNAUTHORIZED,
|
||||
detail="用户名或密码错误",
|
||||
)
|
||||
if not verify_password(body.password, user.password_hash):
|
||||
raise HTTPException(
|
||||
status_code=status.HTTP_401_UNAUTHORIZED,
|
||||
detail="用户名或密码错误",
|
||||
)
|
||||
request.session["user_id"] = user.id
|
||||
return user
|
||||
|
||||
|
||||
@router.post("/logout")
|
||||
def logout(request: Request):
|
||||
"""退出登录,清空当前 session。"""
|
||||
request.session.clear()
|
||||
return {"message": "已退出登录"}
|
||||
|
||||
|
||||
@router.get("/me", response_model=UserResponse)
|
||||
def get_me(user: User = Depends(get_current_user)):
|
||||
"""获取当前登录用户的信息。"""
|
||||
return user
|
||||
Reference in New Issue
Block a user