"""
Authentication Service - User login, token management
"""
import logging
import secrets
from datetime import datetime, timedelta
from typing import Any, Callable, Dict, Optional

from sqlalchemy.orm import Session

from app.db.models import User
from app.security.jwt_manager import jwt_manager
# Module-level logger, named after this module.
logger = logging.getLogger(__name__)
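class AuthService:
    """Handles user authentication and token management.

    Security notes:
        * ``login`` fails closed. A token is issued only after the injected
          ``password_verifier`` has accepted the submitted password; with no
          verifier configured every login is rejected.
        * Telegram binding codes are bearer secrets. They are returned to the
          caller and never written to the log.
    """

    # Intended lifetime of a binding code, in seconds. Nothing in this class
    # stores or expires codes, so whoever persists a code must enforce it.
    TELEGRAM_BINDING_CODE_TTL = 600  # 10 minutes
    # Number of random *bytes* handed to secrets.token_urlsafe(); the
    # URL-safe string it returns is longer (roughly 1.3 characters per byte).
    BINDING_CODE_LENGTH = 24

    # One message for every login failure, so the response does not reveal
    # whether the e-mail address belongs to an account.
    _LOGIN_FAILED = "Invalid email or password"

    def __init__(
        self,
        db: Session,
        password_verifier: Optional[Callable[[User, str], bool]] = None,
    ):
        """Create the service.

        Args:
            db: SQLAlchemy session used for user lookups.
            password_verifier: Callable ``(user, password) -> bool`` that
                returns True only when *password* matches the credential
                stored for *user*. It should wrap a constant-time hash check
                (the original TODO names bcrypt, e.g. ``bcrypt.checkpw``).
                The stored-hash column of ``User`` is not visible from this
                module, which is why the check is injected rather than
                written here.
        """
        self.db = db
        self._password_verifier = password_verifier

    async def create_telegram_binding_code(self, chat_id: int) -> str:
        """Generate a temporary code for binding a Telegram chat to a user.

        The code is only generated here: it is not stored and not tied to
        *chat_id* by this method. The caller is expected to persist it
        together with *chat_id*, expire it after
        ``TELEGRAM_BINDING_CODE_TTL`` seconds and accept it once.

        Args:
            chat_id: Telegram chat the code is issued for (used for the log
                entry only).

        Returns:
            A URL-safe random string built from ``BINDING_CODE_LENGTH``
            random bytes.
        """
        code = secrets.token_urlsafe(self.BINDING_CODE_LENGTH)
        # Log the chat id, never the code itself: the code is a credential.
        logger.info("Generated Telegram binding code for chat_id=%s", chat_id)
        return code

    async def login(self, email: str, password: str) -> Dict[str, Any]:
        """Authenticate a user with e-mail and password.

        Args:
            email: Address the account is looked up by.
            password: Password submitted by the client; passed to the
                configured ``password_verifier``.

        Returns:
            Dict with ``user_id``, ``access_token`` and ``token_type``.

        Raises:
            ValueError: The account does not exist, the password was
                rejected, or no password verifier is configured. The message
                is the same in all three cases.
        """
        user = self.db.query(User).filter_by(email=email).first()

        verifier = self._password_verifier
        if verifier is None:
            # Fail closed: never issue a token for an unchecked password.
            logger.error(
                "Login rejected: AuthService has no password_verifier configured"
            )
            raise ValueError(self._LOGIN_FAILED)

        if not user:
            # The submitted e-mail is client-controlled, so it is kept out
            # of the log line.
            # NOTE(review): this path returns without running the verifier,
            # so response time may still distinguish unknown accounts from
            # wrong passwords; consider verifying against a dummy hash.
            logger.warning("Failed login: unknown account")
            raise ValueError(self._LOGIN_FAILED)

        if not verifier(user, password):
            logger.warning("Failed login for user %s", user.id)
            raise ValueError(self._LOGIN_FAILED)

        access_token = jwt_manager.create_access_token(user_id=user.id)

        logger.info("User %s logged in", user.id)

        return {
            "user_id": user.id,
            "access_token": access_token,
            "token_type": "bearer",
        }

    async def refresh_token(self, refresh_token: str) -> Dict[str, Any]:
        """Exchange a refresh token for a new access token.

        Args:
            refresh_token: Token presented by the client.

        Returns:
            Dict with ``access_token`` and ``token_type``.

        Raises:
            ValueError: Verification or token creation failed; the original
                exception is attached as ``__cause__``.
        """
        # NOTE(review): what verify_token checks is not visible from here.
        # Confirm it rejects access tokens presented as refresh tokens, and
        # decide whether the user should be re-checked in the database
        # (disabled or deleted accounts) before a new token is minted.
        try:
            payload = jwt_manager.verify_token(refresh_token)
            new_token = jwt_manager.create_access_token(user_id=payload.user_id)
        except Exception as e:
            logger.error("Token refresh failed: %s", e)
            # Chain the cause so the real failure stays visible in
            # tracebacks while callers keep seeing a plain ValueError.
            raise ValueError("Invalid refresh token") from e

        return {
            "access_token": new_token,
            "token_type": "bearer",
        }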