CARONTE v1.0 - Plataforma de Gestão Social

backend/app/api/v1/auth.py

@@ -0,0 +1,38 @@
+from fastapi import APIRouter, Depends, HTTPException
+from fastapi.security import OAuth2PasswordRequestForm
+from sqlalchemy.ext.asyncio import AsyncSession
+from sqlalchemy import select
+from app.core.database import get_db
+from app.core.security import hash_password, verify_password, create_access_token, get_current_user_id
+from app.models.usuario import Usuario
+from app.schemas.schemas import UserCreate, UserOut, Token
+
+router = APIRouter(prefix="/auth", tags=["auth"])
+
+@router.post("/registro", response_model=UserOut)
+async def registro(data: UserCreate, db: AsyncSession = Depends(get_db)):
+    existing = await db.execute(select(Usuario).where(Usuario.email == data.email))
+    if existing.scalar_one_or_none():
+        raise HTTPException(400, "Email já cadastrado")
+    user = Usuario(nome=data.nome, email=data.email, senha_hash=hash_password(data.senha), telefone=data.telefone)
+    db.add(user)
+    await db.commit()
+    await db.refresh(user)
+    return user
+
+@router.post("/login", response_model=Token)
+async def login(form: OAuth2PasswordRequestForm = Depends(), db: AsyncSession = Depends(get_db)):
+    result = await db.execute(select(Usuario).where(Usuario.email == form.username))
+    user = result.scalar_one_or_none()
+    if not user or not verify_password(form.password, user.senha_hash):
+        raise HTTPException(401, "Credenciais inválidas")
+    token = create_access_token({"sub": str(user.id)})
+    return {"access_token": token}
+
+@router.get("/me", response_model=UserOut)
+async def me(user_id: int = Depends(get_current_user_id), db: AsyncSession = Depends(get_db)):
+    result = await db.execute(select(Usuario).where(Usuario.id == user_id))
+    user = result.scalar_one_or_none()
+    if not user:
+        raise HTTPException(404, "Usuário não encontrado")
+    return user