From 8f5bfa3cbc107465803ea5d249a9fdaf53dd9649 Mon Sep 17 00:00:00 2001
From: Dennis Thiessen
Date: Thu, 12 Feb 2026 22:26:23 +0100
Subject: [PATCH] added loggin to api endpoint
---
 backend/app/routers/auth.py | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)
diff --git a/backend/app/routers/auth.py b/backend/app/routers/auth.py
index 67986ae..97ff57c 100644
--- a/backend/app/routers/auth.py
+++ b/backend/app/routers/auth.py
@@ -1,5 +1,7 @@
 """FluentGerman.ai — Auth router."""
+import logging
+
 from fastapi import APIRouter, Depends, HTTPException, status
 from sqlalchemy import select
 from sqlalchemy.ext.asyncio import AsyncSession
@@ -9,21 +11,32 @@ from app.database import get_db
 from app.models import User
 from app.schemas import LoginRequest, Token, UserOut
+logger = logging.getLogger("fluentgerman.auth")
+
 router = APIRouter(prefix="/api/auth", tags=["auth"])
 @router.post("/login", response_model=Token)
 async def login(body: LoginRequest, db: AsyncSession = Depends(get_db)):
+ logger.info("Login attempt: username=%s", body.username)
+
 result = await db.execute(select(User).where(User.username == body.username))
 user = result.scalar_one_or_none()
- if not user or not verify_password(body.password, user.hashed_password):
+ if not user:
+ logger.warning("Login failed: user '%s' not found", body.username)
+ raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail="Invalid credentials")
+
+ if not verify_password(body.password, user.hashed_password):
+ logger.warning("Login failed: wrong password for '%s'", body.username)
 raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail="Invalid credentials")
 if not user.is_active:
+ logger.warning("Login failed: account '%s' is disabled", body.username)
 raise HTTPException(status_code=status.HTTP_403_FORBIDDEN, detail="Account disabled")
 token = create_access_token({"sub": str(user.id)})
+ logger.info("Login success: user=%s admin=%s", user.username, user.is_admin)
 return Token(access_token=token)
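Review bot: `body.username` is written to the log verbatim in the `Login attempt` line and in the `Login failed` warnings, so an unauthenticated client controls part of every one of those records. With `%s` a value containing CR/LF can forge additional log lines, and a password typed into the username field by mistake ends up in the log in clear text. Format the value with `%r` and bound its length, e.g. `logger.warning("Login failed: user %r not found", body.username[:64])`, unless `LoginRequest` (not visible in this patch) already restricts its character set and length. The records also carry no client address, which an alert on repeated failures would need; adding it requires a `Request` parameter on `login`.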