fix: Change login endpoint to accept JSON instead of OAuth2 form data

- Added UserLogin schema for JSON login request - Updated auth.py to use UserLogin instead of OAuth2PasswordRequestForm - Added file_ids to ChatRequest schema
2026-03-24 03:09:21 +00:00 · 2026-03-24 03:09:21 +00:00 · bc20de7567
commit bc20de7567
parent c32a95fc91
2 changed files with 28 additions and 25 deletions
--- a/backend/app/api/auth.py
+++ b/backend/app/api/auth.py
@ -1,6 +1,5 @@
 from datetime import timedelta
 from fastapi import APIRouter, Depends, HTTPException, status
-from fastapi.security import OAuth2PasswordRequestForm
 from sqlalchemy.orm import Session
 from app.core.database import get_db
 from app.core.auth import (
@ -13,6 +12,7 @@ from app.core.config import settings
 from app.models.models import User
 from app.schemas.schemas import (
    UserCreate,
+    UserLogin,
    UserResponse,
    UserUpdate,
    Token
@ -56,16 +56,14 @@ def register(user_data: UserCreate, db: Session = Depends(get_db)):


@router.post("/login", response_model=Token)
-def login(form_data: OAuth2PasswordRequestForm = Depends(), db: Session = Depends(get_db)):
-    # Find user by username or email
-    user = db.query(User).filter(
-        (User.username == form_data.username) | (User.email == form_data.username)
-    ).first()
+def login(login_data: UserLogin, db: Session = Depends(get_db)):
+    # Find user by email
+    user = db.query(User).filter(User.email == login_data.email).first()

-    if not user or not verify_password(form_data.password, user.hashed_password):
+    if not user or not verify_password(login_data.password, user.hashed_password):
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
-            detail="Incorrect username or password",
+            detail="Incorrect email or password",
            headers={"WWW-Authenticate": "Bearer"},
        )

@ -77,7 +75,7 @@ def login(form_data: OAuth2PasswordRequestForm = Depends(), db: Session = Depend

    access_token_expires = timedelta(minutes=settings.ACCESS_TOKEN_EXPIRE_MINUTES)
    access_token = create_access_token(
-        data={"sub": user.id},
+        data={"sub": str(user.id), "email": user.email, "role": user.role},
        expires_delta=access_token_expires
    )

--- a/backend/app/schemas/schemas.py
+++ b/backend/app/schemas/schemas.py
@ -13,6 +13,11 @@ class UserCreate(UserBase):
    password: str


+class UserLogin(BaseModel):
+    email: EmailStr
+    password: str
+
+
 class UserUpdate(BaseModel):
    email: Optional[EmailStr] = None
    username: Optional[str] = None
@ -116,13 +121,14 @@ class UploadedFileResponse(UploadedFileBase):
 class ChatRequest(BaseModel):
    message: str
    endpoint_id: Optional[int] = None
-    conversation_history: Optional[List[ChatMessageBase]] = None
+    file_ids: Optional[List[int]] = None
+    conversation_history: Optional[List[dict]] = None


 class ChatResponse(BaseModel):
    response: str
-    endpoint_id: Optional[int] = None
-    model: Optional[str] = None
+    endpoint_used: Optional[str] = None
+    model_used: Optional[str] = None


 # AdminStats schema
@ -130,5 +136,4 @@ class AdminStats(BaseModel):
    total_users: int
    total_endpoints: int
    total_messages: int
-    total_files: int
-    active_users: int
+    active_endpoints: int