lovdata-chat/session-manager/routes/auth.py

from fastapi import APIRouter, HTTPException

from session_manager import session_manager
from session_auth import (
    get_session_auth_info as get_auth_info,
    list_active_auth_sessions,
    _session_token_manager,
)

router = APIRouter(tags=["auth"])


@router.get("/sessions/{session_id}/auth")
async def get_session_auth_info(session_id: str):
    session = await session_manager.get_session(session_id)
    if not session:
        raise HTTPException(status_code=404, detail="Session not found")

    auth_info = get_auth_info(session_id)
    if not auth_info:
        raise HTTPException(status_code=404, detail="Authentication info not found")

    return {
        "session_id": session_id,
        "auth_info": auth_info,
        "has_token": session.auth_token is not None,
    }


@router.post("/sessions/{session_id}/auth/rotate")
async def rotate_session_token(session_id: str):
    session = await session_manager.get_session(session_id)
    if not session:
        raise HTTPException(status_code=404, detail="Session not found")

    new_token = _session_token_manager.rotate_session_token(session_id)
    if not new_token:
        raise HTTPException(status_code=404, detail="Failed to rotate token")

    session.auth_token = new_token
    session_manager._save_sessions()

    return {
        "session_id": session_id,
        "new_token": new_token,
        "message": "Token rotated successfully",
    }


@router.get("/auth/sessions")
async def list_authenticated_sessions():
    sessions = list_active_auth_sessions()
    return {
        "active_auth_sessions": len(sessions),
        "sessions": sessions,
    }