feat: Phase 1 后端骨架主体入库(补 backend/app 主体与 requirements.txt)

上轮 3 次 commit 只入库了修补文件,主体目录漏入库。本次补入 backend/app/、backend/requirements.txt、backend/scripts/__init__.py。同步在 .gitignore 加 homePC/(制片人家用机带过来的参考文件,不进库)。
This commit is contained in:
simonkoson
2026-05-11 10:43:18 +08:00
parent 110e26f752
commit a9d1b0e416
17 changed files with 277 additions and 1 deletions
+46
View File
@@ -0,0 +1,46 @@
"""
认证路由 — 登录 / 登出 / 当前用户
"""
from fastapi import APIRouter, Depends, HTTPException, Request, status
from sqlmodel import Session, select
from app.core.deps import get_current_user
from app.core.security import verify_password
from app.db.session import get_session
from app.models.user import User
from app.schemas.auth import LoginRequest, UserResponse
router = APIRouter(prefix="/api/auth", tags=["认证"])
@router.post("/login", response_model=UserResponse)
def login(body: LoginRequest, request: Request, session: Session = Depends(get_session)):
"""账号登录。验证成功后写入 session,返回用户信息。"""
statement = select(User).where(User.username == body.username)
user = session.exec(statement).first()
if user is None or not user.is_active:
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail="用户名或密码错误",
)
if not verify_password(body.password, user.password_hash):
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail="用户名或密码错误",
)
request.session["user_id"] = user.id
return user
@router.post("/logout")
def logout(request: Request):
"""退出登录,清空当前 session。"""
request.session.clear()
return {"message": "已退出登录"}
@router.get("/me", response_model=UserResponse)
def get_me(user: User = Depends(get_current_user)):
"""获取当前登录用户的信息。"""
return user