init commit

2025-12-10 22:09:31 +09:00
commit b79adf1c69
361 changed files with 47414 additions and 0 deletions
--- a/app/services/auth_service.py
+++ b/app/services/auth_service.py
@@ -0,0 +1,63 @@
+"""
+Authentication Service - User login, token management
+"""
+from datetime import datetime, timedelta
+from typing import Optional, Dict, Any
+import secrets
+from sqlalchemy.orm import Session
+from app.db.models import User
+from app.security.jwt_manager import jwt_manager
+import logging
+
+
+logger = logging.getLogger(__name__)
+
+
+class AuthService:
+    """Handles user authentication and token management"""
+    
+    TELEGRAM_BINDING_CODE_TTL = 600  # 10 minutes
+    BINDING_CODE_LENGTH = 24
+    
+    def __init__(self, db: Session):
+        self.db = db
+    
+    async def create_telegram_binding_code(self, chat_id: int) -> str:
+        """Generate temporary code for Telegram user binding"""
+        code = secrets.token_urlsafe(self.BINDING_CODE_LENGTH)
+        logger.info(f"Generated Telegram binding code for chat_id={chat_id}")
+        return code
+    
+    async def login(self, email: str, password: str) -> Dict[str, Any]:
+        """Authenticate user with email/password"""
+        
+        user = self.db.query(User).filter_by(email=email).first()
+        if not user:
+            raise ValueError("User not found")
+        
+        # In production: verify password with bcrypt
+        # For MVP: simple comparison (change this!)
+        
+        access_token = jwt_manager.create_access_token(user_id=user.id)
+        
+        logger.info(f"User {user.id} logged in")
+        
+        return {
+            "user_id": user.id,
+            "access_token": access_token,
+            "token_type": "bearer",
+        }
+    
+    async def refresh_token(self, refresh_token: str) -> Dict[str, Any]:
+        """Refresh access token"""
+        
+        try:
+            payload = jwt_manager.verify_token(refresh_token)
+            new_token = jwt_manager.create_access_token(user_id=payload.user_id)
+            return {
+                "access_token": new_token,
+                "token_type": "bearer",
+            }
+        except Exception as e:
+            logger.error(f"Token refresh failed: {e}")
+            raise ValueError("Invalid refresh token")