""" 认证模块 API ============ 采用"手机号 + JWT"的认证方案。 """ from __future__ import annotations from fastapi import APIRouter, Depends from app.api.deps import get_current_user from app.core.security import create_access_token from app.crud.user import user as user_crud from app.db.session import AsyncSession, get_db from app.models.user import User from app.schemas.auth import LoginResponse, MobileLoginRequest from app.schemas.common import ApiResponse, success_response router = APIRouter() @router.post("/login", response_model=ApiResponse[LoginResponse]) async def login( request: MobileLoginRequest, db: AsyncSession = Depends(get_db), ): """ 手机号登录/注册 - 如果手机号已存在,返回对应用户 - 如果不存在,自动创建新用户 - 返回 JWT Token 用于后续认证 """ # 获取或创建用户 user_obj = await user_crud.get_or_create_by_mobile( db, mobile=request.mobile, nickname=request.nickname, ) # 生成 JWT Token token = create_access_token(data={"sub": user_obj.id, "mobile": user_obj.mobile}) return success_response( data=LoginResponse( token=token, user={ "id": user_obj.id, "nickname": user_obj.nickname or "", "avatar": user_obj.avatar_url or "", }, ), message="登录成功", ) @router.get("/me", response_model=ApiResponse[dict]) async def get_me( current_user: User = Depends(get_current_user), ): """获取当前登录用户信息""" return success_response( data={ "id": current_user.id, "mobile": current_user.mobile, "nickname": current_user.nickname, "avatar": current_user.avatar_url, "createdAt": current_user.created_at.isoformat() if current_user.created_at else None, } ) @router.post("/refresh", response_model=ApiResponse[dict]) async def refresh_token( current_user: User = Depends(get_current_user), ): """刷新 JWT Token""" new_token = create_access_token(data={"sub": current_user.id, "mobile": current_user.mobile}) return success_response( data={"token": new_token}, message="Token 刷新成功", )