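from fastapi import APIRouter, HTTPException, status, Depends
from app.models import UserSignup, UserLogin, UserResponse, TokenResponse
from app.database import get_supabase
from app.dependencies import get_current_user
import logging

logger = logging.getLogger(__name__)
router = APIRouter(prefix="/auth", tags=["Authentication"])

# Plan written for every new account and reported when no active
# subscription row exists for a user.
DEFAULT_PLAN = "free"


def _lookup_company_name(supabase, user_id) -> str:
    """Return the name of the company owned by *user_id*, or "" if none exists.

    NOTE(review): the only scoping here is the ``owner_id`` filter. If
    ``get_supabase()`` hands back a privileged (service-role) client, row-level
    security does not add a second layer — confirm against app.database.
    """
    company = (
        supabase.table("companies")
        .select("name")
        .eq("owner_id", user_id)
        .execute()
    )
    return company.data[0]["name"] if company.data else ""


def _lookup_active_plan(supabase, user_id) -> str:
    """Return the plan of *user_id*'s active subscription, or DEFAULT_PLAN.

    Only rows with ``status == "active"`` are considered; if several exist the
    first one returned by the database wins.
    """
    sub = (
        supabase.table("subscriptions")
        .select("plan")
        .eq("user_id", user_id)
        .eq("status", "active")
        .execute()
    )
    return sub.data[0]["plan"] if sub.data else DEFAULT_PLAN


@router.post("/signup", response_model=TokenResponse)
async def signup(data: UserSignup):
    """Create an auth user plus its company and free-subscription rows.

    Returns a TokenResponse; ``access_token`` is "" when Supabase returns no
    session (e.g. when e-mail confirmation is required before sign-in).

    Raises HTTPException 400 on any failure. The response body carries a fixed
    message and never echoes backend error text.
    """
    supabase = get_supabase()
    try:
        auth_resp = supabase.auth.sign_up(
            {"email": data.email, "password": data.password}
        )
        if not auth_resp.user:
            raise HTTPException(
                status_code=status.HTTP_400_BAD_REQUEST,
                detail="Failed to create account",
            )
        user = auth_resp.user

        # NOTE: the two inserts below are not atomic with sign_up. If either
        # fails, the auth user already exists without a company/subscription
        # row, and a retry of /signup will report "Email already registered".
        # Cleanup of such half-created accounts is not handled here.
        supabase.table("companies").insert(
            {"owner_id": user.id, "name": data.company_name}
        ).execute()
        supabase.table("subscriptions").insert(
            {"user_id": user.id, "plan": DEFAULT_PLAN, "status": "active"}
        ).execute()

        token = auth_resp.session.access_token if auth_resp.session else ""
        return TokenResponse(
            access_token=token,
            user=UserResponse(
                id=user.id,
                email=user.email,
                company_name=data.company_name,
                plan=DEFAULT_PLAN,
            ),
        )
    except HTTPException:
        raise
    except Exception as e:
        # Full detail (with traceback) goes to the server log only.
        logger.exception("Signup error: %s", e)
        message = str(e).lower()
        if "already registered" in message or "already exists" in message:
            # NOTE: this distinct message tells a caller whether an e-mail is
            # already registered (account enumeration). Kept as-is because it
            # is the existing API contract; revisit if enumeration is a concern.
            raise HTTPException(
                status_code=status.HTTP_400_BAD_REQUEST,
                detail="Email already registered",
            ) from e
        # Previously `detail=str(e)`, which forwarded raw backend/database
        # error text to the client. That is an information leak, so the
        # response is now a fixed message.
        raise HTTPException(
            status_code=status.HTTP_400_BAD_REQUEST,
            detail="Failed to create account",
        ) from e


@router.post("/login", response_model=TokenResponse)
async def login(data: UserLogin):
    """Sign in with e-mail/password and return the session token plus profile.

    Every failure — a rejected credential, a missing session, or a database
    error while loading the profile after sign-in — is reported as
    401 "Invalid credentials", so the response does not distinguish an
    unknown e-mail from a wrong password. Details are logged server-side.
    """
    supabase = get_supabase()
    try:
        auth_resp = supabase.auth.sign_in_with_password(
            {"email": data.email, "password": data.password}
        )
        if not auth_resp.user or not auth_resp.session:
            raise HTTPException(
                status_code=status.HTTP_401_UNAUTHORIZED,
                detail="Invalid credentials",
            )
        user = auth_resp.user
        return TokenResponse(
            access_token=auth_resp.session.access_token,
            user=UserResponse(
                id=user.id,
                email=user.email,
                company_name=_lookup_company_name(supabase, user.id),
                plan=_lookup_active_plan(supabase, user.id),
            ),
        )
    except HTTPException:
        raise
    except Exception as e:
        logger.exception("Login error: %s", e)
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
            detail="Invalid credentials",
        ) from e


@router.post("/logout")
async def logout(user=Depends(get_current_user)):
    """Best-effort sign-out; always answers with a success message.

    The ``user`` dependency only enforces that the request carries a valid
    token. ``sign_out()`` is invoked on the client returned by
    ``get_supabase()``, not on the caller's own session, so whether this call
    actually invalidates the caller's token is not established by this file —
    confirm against get_supabase()/get_current_user before relying on /logout
    for session revocation.
    """
    supabase = get_supabase()
    try:
        supabase.auth.sign_out()
    except Exception:
        # Still best-effort for the client, but the failure is now visible
        # in the server log instead of being swallowed silently.
        logger.warning(
            "Supabase sign_out failed for user %s", user.id, exc_info=True
        )
    return {"message": "Logged out successfully"}


@router.get("/me", response_model=UserResponse)
async def get_me(user=Depends(get_current_user)):
    """Return the authenticated user's profile (company name and active plan)."""
    supabase = get_supabase()
    return UserResponse(
        id=user.id,
        email=user.email,
        company_name=_lookup_company_name(supabase, user.id),
        plan=_lookup_active_plan(supabase, user.id),
    )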