renaming directory

backend/src/auth/password.py

@@ -0,0 +1,53 @@
+from typing import Annotated
+
+import bcrypt
+from fastapi import Depends, HTTPException, status
+from fastapi.security import OAuth2PasswordRequestForm
+from sqlmodel import select
+
+from auth import Token, create_access_token, router
+from database import SessionDependency
+from database.users import User
+
+
+def verify_password(plain_password, hashed_password):
+    return bcrypt.checkpw(
+        bytes(plain_password, encoding="utf-8"),
+        bytes(hashed_password, encoding="utf-8"),
+    )
+
+
+def get_password_hash(password: str) -> str:
+    return bcrypt.hashpw(password.encode("utf-8"), bcrypt.gensalt()).decode("utf-8")
+
+
+def authenticate_user(db: SessionDependency, email: str, password: str) -> bool | User:
+    """
+
+    :param email: email of the USER
+    :param password:  PASSWORD of the USER
+    :return:  if authentication succeeds, returns the USER object with added name and lastname, otherwise  or if the USER doesn't exist returns False
+    """
+    user: User | None = db.exec(select(User).where(User.email == email)).first()
+    if not user:
+        return False
+    if not verify_password(password, user.hashed_password):
+        return False
+    return user
+
+
+@router.post("/token")
+async def login_for_access_token(
+        form_data: Annotated[OAuth2PasswordRequestForm, Depends()],
+        db: SessionDependency,
+) -> Token:
+    user = authenticate_user(db,form_data.username, form_data.password)
+    if not user:
+        raise HTTPException(
+            status_code=status.HTTP_401_UNAUTHORIZED,
+            detail="Incorrect email or PASSWORD",
+            headers={"WWW-Authenticate": "Bearer"},
+        )
+    # id needs to be converted because a UUID object isn't json serializable
+    access_token = create_access_token(data={"sub": user.id.__str__()})
+    return Token(access_token=access_token, token_type="bearer")