File size: 2,869 Bytes
1313d86

from fastapi import APIRouter, HTTPException
from app.db.client import get_supabase
from pydantic import BaseModel, EmailStr

router = APIRouter()


class RegisterRequest(BaseModel):
    email: str
    password: str
    display_name: str = ""


class LoginRequest(BaseModel):
    email: str
    password: str


@router.post("/register", status_code=201)
async def register(body: RegisterRequest):
    """
    Register a new user via Supabase Auth.
    Note: In production, the frontend should call Supabase directly.
    This endpoint exists for testing/docs purposes.
    """
    supabase = get_supabase()
    try:
        resp = supabase.auth.sign_up({
            "email": body.email,
            "password": body.password,
        })
        if resp.user:
            # Create profile
            try:
                supabase.table("profiles").upsert({
                    "id": str(resp.user.id),
                    "email": body.email,
                    "display_name": body.display_name,
                }, on_conflict="id").execute()
            except Exception:
                # Best effort: a failed profile write is discarded and does
                # not fail the registration itself.
                pass
            return {
                "user_id": str(resp.user.id),
                "email": resp.user.email,
                "message": "Registration successful. Check your email for confirmation."
            }
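        raise HTTPException(status_code=400, detail="Registration failed")
    except HTTPException:
        # Re-raise our own HTTP errors unchanged; otherwise the broad handler
        # below would catch them and re-wrap the detail text.
        raise
    except Exception as e:
        # The upstream error text is passed to the client as the detail.
        raise HTTPException(status_code=400, detail=str(e))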


@router.post("/login")
async def login(body: LoginRequest):
    """
    Login with email/password via Supabase Auth.
    Returns: access_token, refresh_token, user_id
    """
    supabase = get_supabase()
    try:
        resp = supabase.auth.sign_in_with_password({
            "email": body.email,
            "password": body.password,
        })
        if resp.session:
            return {
                "access_token": resp.session.access_token,
                "refresh_token": resp.session.refresh_token,
                "token_type": "bearer",
                "user_id": str(resp.user.id),
                "email": resp.user.email,
            }
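        raise HTTPException(status_code=401, detail="Invalid credentials")
    except HTTPException:
        # Re-raise our own HTTP errors unchanged; otherwise the broad handler
        # below would catch them and re-wrap the detail text.
        raise
    except Exception as e:
        # The upstream error text is passed to the client as the detail.
        raise HTTPException(status_code=401, detail=str(e))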


@router.post("/refresh")
async def refresh_token(body: dict):
    """Refresh an expired access token."""
    supabase = get_supabase()
    refresh_tk = body.get("refresh_token")
    if not refresh_tk:
        raise HTTPException(status_code=400, detail="refresh_token is required")
    try:
        resp = supabase.auth.refresh_session(refresh_tk)
        return {
            "access_token": resp.session.access_token,
            "refresh_token": resp.session.refresh_token,
        }
    except Exception as e:
        raise HTTPException(status_code=401, detail=str(e))