Initial InfraPulse scaffold

backend/app/api/auth.py

@@ -0,0 +1,32 @@
+from fastapi import APIRouter, Depends, HTTPException, status
+from fastapi.security import OAuth2PasswordRequestForm
+from sqlalchemy import select
+from sqlalchemy.orm import Session
+
+from app.auth.dependencies import get_current_user
+from app.auth.security import create_access_token, verify_password
+from app.db.session import get_db
+from app.models import User
+from app.schemas.auth import TokenResponse, UserRead
+
+router = APIRouter(prefix="/auth", tags=["auth"])
+
+
+@router.post("/login", response_model=TokenResponse)
+def login(form: OAuth2PasswordRequestForm = Depends(), db: Session = Depends(get_db)) -> TokenResponse:
+    user = db.scalar(select(User).where(User.email == form.username))
+    if user is None or not verify_password(form.password, user.hashed_password):
+        raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail="Invalid email or password")
+    if not user.is_active:
+        raise HTTPException(status_code=status.HTTP_403_FORBIDDEN, detail="User is disabled")
+    return TokenResponse(access_token=create_access_token(user.email))
+
+
+@router.post("/logout")
+def logout() -> dict[str, str]:
+    return {"status": "ok"}
+
+
+@router.get("/me", response_model=UserRead)
+def me(user: User = Depends(get_current_user)) -> User:
+    return user