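import logging

from fastapi import APIRouter, Depends, HTTPException, status
from firebase_admin import auth

from ..firebase_config import get_db
from ..models import UserCreate, UserRecord, LoginRequest

logger = logging.getLogger(__name__)

router = APIRouter()


@router.post("/register", response_model=UserRecord, status_code=status.HTTP_201_CREATED)
async def register_user(user: UserCreate):
    """Create a Firebase Auth account and the matching Firestore user document.

    The Firestore document is keyed by the Firebase UID. Its ``role`` is
    always set server-side to ``"member"``; nothing from the request body can
    influence it. The password is passed to Firebase Auth only and is not part
    of the returned data.

    Args:
        user: Registration payload; ``email``, ``password`` and ``full_name``
            are read from it.

    Returns:
        The dict written to Firestore (``uid``, ``email``, ``full_name``,
        ``role``), serialized through ``UserRecord``.

    Raises:
        HTTPException: 400 when Firebase Auth reports the email as already
            registered. Any other failure propagates unchanged.
    """
    try:
        user_record = auth.create_user(
            email=user.email,
            password=user.password,
            display_name=user.full_name,
        )
    except auth.EmailAlreadyExistsError:
        # NOTE(review): this response confirms that an address already has an
        # account; rate-limit this endpoint if enumeration is a concern.
        raise HTTPException(
            status_code=status.HTTP_400_BAD_REQUEST,
            detail="Email already registered",
        )

    user_data = {
        "uid": user_record.uid,
        "email": user.email,
        "full_name": user.full_name,
        "role": "member",
    }

    try:
        db = get_db()
        db.collection('users').document(user_record.uid).set(user_data)
    except Exception:
        # The Auth account exists but its Firestore document does not. Left
        # alone, the email could never be registered again and login would
        # always answer 401, so undo the Auth account before re-raising.
        try:
            auth.delete_user(user_record.uid)
        except Exception:
            logger.exception(
                "Rollback failed: orphaned Firebase Auth user %s", user_record.uid
            )
        raise

    return user_data


@router.post("/login", response_model=UserRecord)
async def login(login_data: LoginRequest):
    """Verify a Firebase ID token and return the caller's Firestore user record.

    The UID is taken from the verified token, never from the request body, so
    a caller can only obtain their own record. Accounts whose role is still
    ``"member"`` (the value assigned at registration) are rejected.

    Args:
        login_data: Request payload; only ``id_token`` is read.

    Returns:
        A ``UserRecord`` built from the Firestore document.

    Raises:
        HTTPException: 401 for an invalid token or a UID with no Firestore
            document, 403 for a ``"member"`` account, 500 for any other
            failure.
    """
    try:
        # NOTE(review): verify_id_token is called with its defaults, so token
        # revocation is not checked (check_revoked=True would add that at the
        # cost of an extra backend call) - confirm this is intended.
        decoded_token = auth.verify_id_token(login_data.id_token)
        uid = decoded_token['uid']

        db = get_db()
        user_doc = db.collection('users').document(uid).get()
        if not user_doc.exists:
            raise HTTPException(
                status_code=status.HTTP_401_UNAUTHORIZED,
                detail="User not found in the database.",
            )

        user = user_doc.to_dict()
        if user.get("role") == "member":
            raise HTTPException(
                status_code=status.HTTP_403_FORBIDDEN,
                detail="Account is not activated. Please contact an administrator.",
            )

        return UserRecord(**user)
    except HTTPException:
        # HTTPException is an Exception subclass: without this clause the
        # catch-all below would turn the 401/403 raised above into a 500.
        raise
    except auth.InvalidIdTokenError:
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
            detail="Invalid Firebase ID token",
        )
    except Exception:
        # Keep the exception text in the server log only; returning str(e) to
        # the client can disclose backend internals.
        logger.exception("Unexpected error during login")
        raise HTTPException(
            status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
            detail="Internal server error",
        )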