Skip to content

Auth

login_access_token(form_data, auth_service) async

OAuth2 compatible token login, get an access token for future requests.

Security: - Uses strict OAuth2 form (username/password). - Rate Limiting should be applied at Gateway/Nginx level or via Middleware.

Parameters:

  • form_data (Annotated[OAuth2PasswordRequestForm, Depends()]) –

    OAuth2 password request form containing username and password.

  • auth_service (Annotated[AuthService, Depends(get_auth_service)]) –

    Injected authentication service.

Returns:

  • Token ( Token ) –

    A Token object containing the access token and token type.

Raises:

  • FunctionalError

    If authentication fails due to invalid credentials or inactive user.

  • TechnicalError

    If an unexpected error occurs during authentication.

Source code in app/api/v1/endpoints/auth.py 
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
@router.post("/login", response_model=Token)
async def login_access_token(
    form_data: Annotated[OAuth2PasswordRequestForm, Depends()],
    auth_service: Annotated[AuthService, Depends(get_auth_service)],
) -> Token:
    """
    OAuth2 compatible token login, get an access token for future requests.

    Security:
    - Uses strict OAuth2 form (username/password).
    - Rate Limiting should be applied at Gateway/Nginx level or via Middleware.

    Args:
        form_data: OAuth2 password request form containing username and password.
        auth_service: Injected authentication service.

    Returns:
        Token: A Token object containing the access token and token type.

    Raises:
        FunctionalError: If authentication fails due to invalid credentials or inactive user.
        TechnicalError: If an unexpected error occurs during authentication.
    """
    try:
        return await auth_service.authenticate(form_data.username, form_data.password)

    except (FunctionalError, TechnicalError):
        # Re-raise known exceptions to be handled by global exception handlers
        raise
    except Exception as e:
        logger.error(f"Login failed unexpectedly: {e}", exc_info=True)
        raise TechnicalError("Login failed")