45 lines
1.5 KiB
Python
45 lines
1.5 KiB
Python
"""Authentication Pydantic models.
|
|
|
|
Request, response, and domain models used by the auth router and service.
|
|
"""
|
|
|
|
from pydantic import Field
|
|
|
|
from app.models.response import BanGuiBaseModel
|
|
|
|
class LoginRequest(BanGuiBaseModel):
|
|
"""Payload for ``POST /api/auth/login``."""
|
|
|
|
password: str = Field(
|
|
...,
|
|
max_length=72,
|
|
description="Master password to authenticate with (max 72 bytes due to bcrypt truncation).",
|
|
)
|
|
|
|
class LoginResponse(BanGuiBaseModel):
|
|
"""Successful login response.
|
|
|
|
The session token is set as an ``HttpOnly`` ``SameSite=Lax`` cookie by the
|
|
router, protecting it from JavaScript access. The JSON body contains only
|
|
the expiry timestamp, allowing the frontend to know when to prompt for
|
|
re-authentication.
|
|
|
|
For programmatic API clients that require a token in the response body,
|
|
use ``POST /api/auth/token`` instead, which does not set a cookie.
|
|
"""
|
|
|
|
expires_at: str = Field(..., description="ISO 8601 UTC expiry timestamp.")
|
|
|
|
class LogoutResponse(BanGuiBaseModel):
|
|
"""Response body for ``POST /api/auth/logout``."""
|
|
|
|
message: str = Field(default="Logged out successfully.")
|
|
|
|
class Session(BanGuiBaseModel):
|
|
"""Internal domain model representing a persisted session record."""
|
|
|
|
id: int = Field(..., description="Auto-incremented row ID.")
|
|
token: str = Field(..., description="Opaque session token.")
|
|
created_at: str = Field(..., description="ISO 8601 UTC creation timestamp.")
|
|
expires_at: str = Field(..., description="ISO 8601 UTC expiry timestamp.")
|