@vai2rdZddlmZmZmZmZddlmZededZ e ddg d Z e d dg ed Z e d dg dZ e ddg edZdS)a app/routes/auth.py ================== Routes autenticazione. Endpoint: - POST /api/v1/auth/login - Login e ottieni token - POST /api/v1/auth/logout - Logout (lato client rimuove token) - POST /api/v1/auth/refresh-token - Refresh JWT token ) Blueprintrequestjsonifyg) require_authauthz /api/v1/auth) url_prefixz/loginPOST)methodsc tj}|stddddfS|dd}|dd}|dd }|r|stdd ddfSt jd }|stdd dd fS||||\}}}|rtd|ddfStd|||jdzddfS#t$r.}tddt|dd fcYd}~Sd}~wwxYw)aW POST /api/v1/auth/login Login user e ottieni JWT token. Request body: { "email": "operatore@studium.it", "password": "password123", "tenant_id": 1 (opzionale, default 1) } Response success (200): { "success": true, "token": "eyJhbGciOiJIUzI1NiIs...", "user": { "id": 1, "email": "operatore@studium.it", "nome": "Operatore Demo", "ruolo": "operatore", "id_tenant": 1 }, "expires_in": 86400 } Response error (401): { "success": false, "error": "Invalid password" } Esempio curl: curl -X POST http://localhost:5000/api/v1/auth/login -H "Content-Type: application/json" -d '{"email":"demo@studium.it","password":"demo123"}' FzRequest body is emptysuccesserroremailpassword tenant_idzEmail and password are required auth_serviceAuth service not initializedT)rtokenuser expires_inz Login error: N) rget_jsonrgetstriprloginjwt_expiration_hours Exceptionstr) datarrrrr user_datares Response: { "success": true, "message": "Logged out successfully" } Esempio curl: curl -X POST http://localhost:5000/api/v1/auth/logout -H "Authorization: Bearer " TzLogged out successfully)rmessageuser_idrrFzLogout error: r rN)rr$r%)rr,kwargsr(s r)logoutr.ps20"        .c!ff..           s A#A A Az/refresh-tokenc tj}|rd|vrtddddfS|d}t jd}|stddddfS||\}}|rtd|dd fStd ||jd zd d fS#t$r.}tddt|ddfcYd}~Sd}~wwxYw)u  POST /api/v1/auth/refresh-token Refresh JWT token (ottieni nuovo token senza re-autenticarsi). Utile quando: - Token sta per scadere - Client vuole estendere sessione - Token è scaduto ma vogliamo dare una chance al client Request body: { "token": "eyJhbGciOiJIUzI1NiIs..." } Response success (200): { "success": true, "token": "eyJhbGciOiJIUzI1NiIs...", "expires_in": 86400 } Response error (401): { "success": false, "error": "Cannot refresh invalid token" } Esempio curl: curl -X POST http://localhost:5000/api/v1/auth/refresh-token -H "Content-Type: application/json" -d '{"token":"eyJhbGciOiJIUzI1NiIs..."}' rFzToken is requiredr rrrrrTr)rrrrzToken refresh error: N) rrrr r refresh_tokenr#r$r%)r& old_tokenr new_tokenrr(s r)r0r0sF$!! wd** ,  HHW%% u^,,   7  (55i@@ 5     &;dB        5SVV55           s.,B9>B9.-B9B99 C1#C,&C1,C1z/meGETc 2td|||dddfS)a GET /api/v1/auth/me Get info del user attualmente loggato. Richiede autenticazione. Response: { "success": true, "user": { "user_id": 1, "email": "operatore@studium.it", "tenant_id": 1, "ruolo": "operatore" } } Esempio curl: curl -X GET http://localhost:5000/api/v1/auth/me -H "Authorization: Bearer " T)r,rruolo)rrr)r)rr,r5r-s r)get_current_userr6s@2 "       N)__doc__flaskrrrrmiddleware_authr__name__auth_bprouter"r.r0r6r7r)r?s?  100000000000(((((( )FH @ @ @ x&**YY+*Yx y6(++ &&,+&R &22FF32FR uug&&   '&   r7