Coverage for apps / core / auth_api.py: 91%


1"""Authentication API endpoints — shared endpoints for passkey mode.""" 

2 

3import logging 

4 

5from django.conf import settings 

6from django.contrib.auth import logout 

7from django.http import Http404 

8from ninja import Router, Status 

9 

10from apps.core.auth import SessionAuth 

11from apps.core.auth_helpers import passkey_user_profile_response 

12from apps.profiles.models import Profile 

13 

# Logout events from this module go to the logger named "security", separate
# from any per-module logger. Its handlers and level are configured elsewhere
# and are not visible in this file.
security_logger = logging.getLogger("security")

# django-ninja router for the auth endpoints below; the "auth" tag groups them
# in the generated API schema.
router = Router(tags=["auth"])


def _require_auth_mode(request):
    """Reject the request with a 404 unless the deployment runs in passkey mode.

    Passkey mode is the only mode that has user accounts, so in every other
    mode these endpoints are presented as non-existent.

    ``request`` is accepted for call-site symmetry and is not inspected.

    Raises:
        Http404: when ``settings.AUTH_MODE`` is anything other than "passkey".

    NOTE(review): the handlers in this module call this from inside the view
    body, i.e. after the route's ``auth=`` check has already run. In a
    non-passkey deployment an unauthenticated caller would therefore see the
    auth failure response rather than the 404 - confirm that is intended.
    """
    configured_mode = settings.AUTH_MODE
    if configured_mode != "passkey":
        raise Http404()


25# --- Endpoints --- 


@router.post("/logout/", response={200: dict}, auth=SessionAuth())
def logout_view(request):
    """End the caller's session and record the logout in the security log.

    Returns:
        A dict with a fixed confirmation message (HTTP 200).

    Raises:
        Http404: via ``_require_auth_mode`` when not in passkey mode.

    NOTE(review): this is a state-changing POST authenticated by session.
    Whether CSRF is enforced depends on SessionAuth, which is defined outside
    this file - confirm.
    """
    _require_auth_mode(request)

    # Resolve the name before calling logout(): Django's logout() flushes the
    # session and replaces request.user with an anonymous user.
    user = getattr(request, "user", None)
    if user and hasattr(user, "username"):
        username = user.username
    else:
        username = "unknown"

    logout(request)

    # Passed as a logging argument, not pre-formatted into the message.
    # NOTE(review): the value is written as-is; confirm that username
    # validation or the log formatter rules out control characters such as
    # CR/LF, so a crafted name cannot forge extra log lines.
    security_logger.info("Logout: user=%s", username)
    return {"message": "Logged out successfully"}


@router.get("/me/", response={200: dict, 401: dict}, auth=SessionAuth())
def get_me(request):
    """Return the profile payload for the currently authenticated user.

    Returns:
        ``Status(200, ...)`` carrying whatever ``passkey_user_profile_response``
        builds for the user and profile, or ``Status(401, ...)`` when the
        request has no authenticated user or the user has no ``Profile`` row.

    Raises:
        Http404: via ``_require_auth_mode`` when not in passkey mode.

    The two 401 cases share one body on purpose of the code as written: the
    client cannot tell "not logged in" apart from "account without profile".
    """
    _require_auth_mode(request)

    current_user = request.user
    # Second check behind the route's auth= hook: do not rely on the hook
    # alone to guarantee an authenticated user object.
    if not (current_user and getattr(current_user, "is_authenticated", False)):
        return Status(401, {"error": "Authentication required"})

    try:
        profile = current_user.profile
    except Profile.DoesNotExist:
        # Missing related Profile row is reported as an auth failure.
        return Status(401, {"error": "Authentication required"})
    else:
        # Kept outside the try body so errors raised while building the
        # response are not mistaken for a missing profile.
        return Status(200, passkey_user_profile_response(current_user, profile))
