si-meng-spec/ToDoList
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: add JWT authentication and AGENTS.md

Browse Source
This commit is contained in:
祀梦
2026-05-17 11:21:41 +08:00
parent 40eb2dadb0
commit 3c03866021
19 changed files with 554 additions and 1632 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
api/app/routers/__init__.py
View File

@@ -1,10 +1,9 @@
from fastapi import APIRouter
from app.routers import tasks, categories, tags, user_settings, habits, anniversaries, accounts
from app.routers import tasks, categories, tags, user_settings, habits, anniversaries, accounts, auth
# 创建主路由
api_router = APIRouter()
# 注册子路由
api_router.include_router(auth.router)
api_router.include_router(tasks.router)
api_router.include_router(categories.router)
api_router.include_router(tags.router)

51
api/app/routers/auth.py Normal file
View File

@@ -0,0 +1,51 @@
from fastapi import APIRouter, Depends, HTTPException, Request
from sqlalchemy.orm import Session
from app.database import get_db
from app.models.user_settings import UserSettings
from app.schemas.auth import LoginRequest, TokenResponse, ChangePasswordRequest
from app.utils.auth import (
hash_password, verify_password, create_access_token,
get_current_user, set_default_password
)
router = APIRouter(prefix="/api/auth", tags=["认证"])
@router.post("/login", response_model=TokenResponse)
def login(data: LoginRequest, db: Session = Depends(get_db)):
settings = db.query(UserSettings).filter(UserSettings.id == 1).first()
if not settings:
settings = UserSettings(id=1)
db.add(settings)
db.commit()
db.refresh(settings)
set_default_password(db, settings)
if not verify_password(data.password, settings.password_hash):
raise HTTPException(status_code=401, detail="密码错误")
token = create_access_token({"sub": str(settings.id)})
return TokenResponse(access_token=token)
@router.post("/change-password")
def change_password(
data: ChangePasswordRequest,
request: Request,
db: Session = Depends(get_db)
):
get_current_user(request)
settings = db.query(UserSettings).filter(UserSettings.id == 1).first()
if not settings:
raise HTTPException(status_code=500, detail="用户设置不存在")
if not verify_password(data.old_password, settings.password_hash):
raise HTTPException(status_code=400, detail="原密码错误")
settings.password_hash = hash_password(data.new_password)
db.commit()
return {"message": "密码修改成功"}