From c8fdb032ea0206cfb0dcf325db4e823d95867e47 Mon Sep 17 00:00:00 2001 From: Thomas Peetz Date: Sun, 12 Apr 2026 20:08:42 +0200 Subject: [PATCH] fix OAuth authentication --- kontor-api/src/apis/version1/login.py | 19 +++++++++++++++++-- 1 file changed, 17 insertions(+), 2 deletions(-) diff --git a/kontor-api/src/apis/version1/login.py b/kontor-api/src/apis/version1/login.py index 698561a..a0b763b 100644 --- a/kontor-api/src/apis/version1/login.py +++ b/kontor-api/src/apis/version1/login.py @@ -1,8 +1,9 @@ from datetime import timedelta -from fastapi import APIRouter, HTTPException, status +from fastapi import APIRouter, Depends, HTTPException, status +from fastapi.security import OAuth2PasswordRequestForm, OAuth2PasswordBearer, SecurityScopes from pydantic import BaseModel - +from typing import Annotated from src.core.config import settings from src.core.log_conf import logger from src.core.security import authenticate_user, create_access_token @@ -39,3 +40,17 @@ def login(request: LoginRequest) -> Token: expires_delta=access_token_expires, ) return Token(access_token=access_token, token_type="bearer") + +@login_router.post("/token", tags=["login"], summary="Login for access token") +async def login_for_access_token( + form_data: Annotated[OAuth2PasswordRequestForm, Depends()], +) -> Token: + user = authenticate_user(form_data.username, form_data.password) + if not user: + raise HTTPException(status_code=400, detail="Incorrect username or password") + access_token_expires = timedelta(minutes=settings.ACCESS_TOKEN_EXPIRE_MINUTES) + access_token = create_access_token( + data={"sub": user.user_name, "scope": " ".join(form_data.scopes)}, + expires_delta=access_token_expires, + ) + return Token(access_token=access_token, token_type="bearer")