From: Michael Tremer <michael.tremer@ipfire.org>
Date: Mon, 16 Jun 2025 17:11:57 +0000 (+0000)
Subject: API: Group all authentication endpoints together
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=8d910e44b4e1f799e053d7f0a4f7a4688cacdfc2;p=pbs.git

API: Group all authentication endpoints together

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
---

diff --git a/src/api/auth.py b/src/api/auth.py
index a26e2e2a..d5420f08 100644
--- a/src/api/auth.py
+++ b/src/api/auth.py
@@ -42,6 +42,12 @@ TOKEN_ALGO   = "HS256"
 ACCESS_TOKEN_EXPIRY_TIME  = datetime.timedelta(minutes=60)
 REFRESH_TOKEN_EXPIRY_TIME = datetime.timedelta(days=7)
 
+# Create a new router for authentication requests
+router = fastapi.APIRouter(
+	prefix="/auth",
+	tags=["Authentication"],
+)
+
 class AuthResponse(pydantic.BaseModel):
 	# Token Type
 	type: str = "Bearer"
@@ -72,7 +78,7 @@ def create_token(subject, type, expires_after, **kwargs):
 	return jwt.encode(payload, TOKEN_SECRET, algorithm=TOKEN_ALGO)
 
 
-@app.post("/auth/user")
+@router.post("/user")
 async def auth_user(credentials: fastapi.security.OAuth2PasswordRequestForm =
 		fastapi.Depends()) -> AuthResponse:
 	# Set keytab to use
@@ -109,7 +115,7 @@ async def auth_user(credentials: fastapi.security.OAuth2PasswordRequestForm =
 class RefreshRequest(pydantic.BaseModel):
 	refresh_token: str
 
-@app.post("/auth/refresh")
+@router.post("/refresh")
 async def auth_refresh(data: RefreshRequest):
 	try:
 		payload = jwt.decode(data.refresh_token, TOKEN_SECRET, algorithms=[TOKEN_ALGO])
@@ -132,3 +138,6 @@ async def auth_refresh(data: RefreshRequest):
 
 	# Send the response
 	return AuthResponse(access_token=access_token, refresh_token=data.refresh_token)
+
+# Add everything to the app
+app.include_router(router)