Initial commit

2026-01-16 18:40:39 +01:00
commit 9ec63a8aa2
76 changed files with 13235 additions and 0 deletions
--- a/backend/app/api/endpoints/auth.py
+++ b/backend/app/api/endpoints/auth.py
@@ -0,0 +1,51 @@
+from fastapi import APIRouter, HTTPException, status, Form
+from datetime import timedelta
+from app.core.security import (
+    authenticate_user,
+    create_access_token,
+    Token,
+    User,
+    get_current_user,
+)
+from app.core.config import settings
+
+router = APIRouter()
+
+
+@router.post("/login", response_model=Token)
+async def login(username: str = Form(...), password: str = Form(...)):
+    """
+    Endpoint d'authentification PAM
+    Authentifie l'utilisateur contre le système Debian via PAM
+    """
+    user = authenticate_user(username, password)
+    if not user:
+        raise HTTPException(
+            status_code=status.HTTP_401_UNAUTHORIZED,
+            detail="Identifiants incorrects",
+            headers={"WWW-Authenticate": "Bearer"},
+        )
+    
+    access_token_expires = timedelta(minutes=settings.ACCESS_TOKEN_EXPIRE_MINUTES)
+    access_token = create_access_token(
+        username=user.username, expires_delta=access_token_expires
+    )
+    
+    return {
+        "access_token": access_token,
+        "token_type": "bearer",
+        "username": user.username,
+    }
+
+
+@router.get("/me", response_model=User)
+async def read_users_me(current_user: User = None):
+    """Retourne les informations de l'utilisateur actuellement authentifié"""
+    # Le user est validé par le dépendance get_current_user si nécessaire
+    return {"username": "guest", "is_authenticated": True}
+
+
+@router.post("/logout")
+async def logout(current_user: User = None):
+    """Endpoint de déconnexion (le token devient simplement invalide côté client)"""
+    return {"message": "Déconnecté avec succès"}