dashboard-nanobot/backend/api/panel_auth_router.py

from fastapi import APIRouter, Depends, HTTPException, Request, Response
from sqlmodel import Session

from core.database import get_session
from core.settings import PANEL_ACCESS_PASSWORD
from schemas.system import PanelLoginRequest
from services.platform_auth_service import (
    clear_panel_token_cookie,
    create_panel_token,
    resolve_panel_request_auth,
    revoke_panel_token,
    set_panel_token_cookie,
)

router = APIRouter()


@router.get("/api/panel/auth/status")
def get_panel_auth_status(request: Request, session: Session = Depends(get_session)):
    configured = str(PANEL_ACCESS_PASSWORD or "").strip()
    principal = resolve_panel_request_auth(session, request)
    return {
        "enabled": bool(configured),
        "authenticated": bool(principal.authenticated),
        "auth_source": principal.auth_source if principal.authenticated else None,
    }


@router.post("/api/panel/auth/login")
def panel_login(
    payload: PanelLoginRequest,
    request: Request,
    response: Response,
    session: Session = Depends(get_session),
):
    configured = str(PANEL_ACCESS_PASSWORD or "").strip()
    if not configured:
        clear_panel_token_cookie(response)
        return {"success": True, "enabled": False}
    supplied = str(payload.password or "").strip()
    if supplied != configured:
        raise HTTPException(status_code=401, detail="Invalid panel access password")
    try:
        raw_token = create_panel_token(session, request)
    except RuntimeError as exc:
        raise HTTPException(status_code=503, detail=str(exc)) from exc
    set_panel_token_cookie(response, request, raw_token, session)
    return {"success": True, "enabled": True, "authenticated": True}


@router.post("/api/panel/auth/logout")
def panel_logout(request: Request, response: Response, session: Session = Depends(get_session)):
    revoke_panel_token(session, request)
    clear_panel_token_cookie(response)
    return {"success": True}
v0.1.4-p5 2026-04-04 16:29:37 +00:00			`from fastapi import APIRouter, Depends, HTTPException, Request, Response`
			`from sqlmodel import Session`

			`from core.database import get_session`
			`from core.settings import PANEL_ACCESS_PASSWORD`
			`from schemas.system import PanelLoginRequest`
			`from services.platform_auth_service import (`
			`clear_panel_token_cookie,`
			`create_panel_token,`
			`resolve_panel_request_auth,`
			`revoke_panel_token,`
			`set_panel_token_cookie,`
			`)`

			`router = APIRouter()`


			`@router.get("/api/panel/auth/status")`
			`def get_panel_auth_status(request: Request, session: Session = Depends(get_session)):`
			`configured = str(PANEL_ACCESS_PASSWORD or "").strip()`
			`principal = resolve_panel_request_auth(session, request)`
			`return {`
			`"enabled": bool(configured),`
			`"authenticated": bool(principal.authenticated),`
			`"auth_source": principal.auth_source if principal.authenticated else None,`
			`}`


			`@router.post("/api/panel/auth/login")`
			`def panel_login(`
			`payload: PanelLoginRequest,`
			`request: Request,`
			`response: Response,`
			`session: Session = Depends(get_session),`
			`):`
			`configured = str(PANEL_ACCESS_PASSWORD or "").strip()`
			`if not configured:`
			`clear_panel_token_cookie(response)`
			`return {"success": True, "enabled": False}`
			`supplied = str(payload.password or "").strip()`
			`if supplied != configured:`
			`raise HTTPException(status_code=401, detail="Invalid panel access password")`
			`try:`
			`raw_token = create_panel_token(session, request)`
			`except RuntimeError as exc:`
			`raise HTTPException(status_code=503, detail=str(exc)) from exc`
			`set_panel_token_cookie(response, request, raw_token, session)`
			`return {"success": True, "enabled": True, "authenticated": True}`


			`@router.post("/api/panel/auth/logout")`
			`def panel_logout(request: Request, response: Response, session: Session = Depends(get_session)):`
			`revoke_panel_token(session, request)`
			`clear_panel_token_cookie(response)`
			`return {"success": True}`