b6iddlmZmZddlmZddlmZmZddlm Z ddl m Z m Z m Z ddlmZmZddlmZddlmZmZmZmZmZGd d Zy ) ) HTTPExceptionstatus)Session)UserRole) UserCreate)create_access_tokencreate_refresh_token decode_token) hash_passwordverify_password)UserRepository)ERR_EMAIL_REGISTEREDERR_INVALID_CREDENTIALSERR_INVALID_TOKENERR_REFRESH_TOKEN%ERR_ONLY_SUPERADMIN_CAN_CREATE_ADMINSceZdZdZededefdZedededefdZ ededefd Z ed e defd Z ededed e fd Z y) AuthServicez2Service exposing auth-related business operations.datasessionctj||j}|rttj t t|j|j|jt|j|jtj}tj||}t!|j}t#|j}||_|j'||ddS)z-Create a new standard user and return tokens. status_codedetail)email first_name last_namehashed_passwordphonerolesubbearer access_token refresh_token token_type)r get_by_emailrrrHTTP_400_BAD_REQUESTrrrrr passwordr rUSERScreater r r'commit)rrexistinguseraccessrefreshs K/var/www/html/story-book/Story-Book-python-api/app/services/auth_service.pysignupzAuthService.signups"..w C F,G,GPde e**nn)$--8**  $$Wd3$4&4::6$ &PXYYrr+c.tj||}|rt||jst t j tt|j}t|j}||_ |j||ddS)zAuthenticate and return tokens.rr"r$r%) rr)r rrrHTTP_401_UNAUTHORIZEDrr rr r'r.)rr+rr0r1r2s r3loginzAuthService.login-sx**7E:?8T5I5IJF,H,HQhi i$4&4::6$ &PXYYr5r'ct|}|jddk7rttjt |jd}t j||}|r|j|k7rttjtt|j}t|j}||_|j||ddS)z4Exchange a valid refresh token for a new token pair.typer2rr#r"r$r%)r getrrr7rrr)r'rr rr r.)r'rpayloadrr0 new_access new_refreshs r3r'zAuthService.refresh_token<s}- ;;v ) +F,H,HQbc c E"**7E:t))]:F,H,HQbc c(TZZ8 *tzz: ( *[X`aar5r0c8d|_|jddiS)z7Revoke refresh token -> user logged out on all devices.NmessagezSuccessfully logged out.)r'r.)r0rs r3logoutzAuthService.logoutQs""566r5 current_superc |jtjk7rttj t tj||j}|rttjtt|j|j|jt|j |j"tj$d}tj&||}|S)z SUPERADMIN-only: create an ADMIN user. 'current_super' param is passed from dependency checks in routes. rT)rrrrr r! is_active)r!r SUPERADMINrrHTTP_403_FORBIDDENrrr)rr*rrrrr r+r ADMINr-)rrrBr/admins r3register_adminzAuthService.register_adminXs    0F,E,ENst t!..w C F,G,GPde e**nn)$--8** %%gu5 r5N)__name__ __module__ __qualname____doc__ staticmethodrrr4strr8r'rrArIr5r3rrs<ZZZ'ZZ0 ZS ZC Z' Z ZbSb7bb(7T7G77 Z'$r5rN)fastapirrsqlmodelrapp.models.userrrapp.schemas.userrapp.utils.tokensr r r app.core.securityr r app.repositories.user_reporapp.core.constantsrrrrrrrPr5r3rYs3)&'TT<5^^r5