66from backend .models import User
77from .jwt_utils import jwt_manager
88from .decorators import token_required
9+ from backend .docs .swagger import swagger_operation
910from backend .utils .validation import (
1011 sanitize_input ,
1112 validate_email ,
2223
2324
2425@auth_bp .route ('/register' , methods = ['POST' ])
26+ @swagger_operation (
27+ '/api/auth/register' ,
28+ 'post' ,
29+ 'Register a user' ,
30+ 'Create a new user account and return the created profile.' ,
31+ request_body = {
32+ 'required' : True ,
33+ 'content' : {
34+ 'application/json' : {
35+ 'schema' : {
36+ 'type' : 'object' ,
37+ 'required' : ['username' , 'email' , 'password' , 'full_name' , 'role' ],
38+ 'properties' : {
39+ 'username' : {'type' : 'string' , 'example' : 'farmer123' },
40+ 'email' : {'type' : 'string' , 'format' : 'email' , 'example' : 'farmer@example.com' },
41+ 'password' : {'type' : 'string' , 'example' : 'SecurePass123' },
42+ 'full_name' : {'type' : 'string' , 'example' : 'John Doe' },
43+ 'role' : {'type' : 'string' , 'example' : 'farmer' },
44+ 'phone' : {'type' : 'string' , 'example' : '9876543210' },
45+ 'location' : {'type' : 'string' , 'example' : 'Maharashtra' },
46+ },
47+ },
48+ },
49+ },
50+ },
51+ responses = {
52+ '201' : {'description' : 'User created successfully' },
53+ '400' : {'description' : 'Validation error' },
54+ '409' : {'description' : 'User already exists' },
55+ },
56+ )
2557def register ():
2658 """
2759 Register a new user.
@@ -125,6 +157,32 @@ def register():
125157
126158
127159@auth_bp .route ('/login' , methods = ['POST' ])
160+ @swagger_operation (
161+ '/api/auth/login' ,
162+ 'post' ,
163+ 'Login a user' ,
164+ 'Authenticate a user and return an access token plus the user profile.' ,
165+ request_body = {
166+ 'required' : True ,
167+ 'content' : {
168+ 'application/json' : {
169+ 'schema' : {
170+ 'type' : 'object' ,
171+ 'required' : ['username' , 'password' ],
172+ 'properties' : {
173+ 'username' : {'type' : 'string' , 'example' : 'farmer123' },
174+ 'password' : {'type' : 'string' , 'example' : 'SecurePass123' },
175+ },
176+ },
177+ },
178+ },
179+ },
180+ responses = {
181+ '200' : {'description' : 'Login successful' },
182+ '400' : {'description' : 'Validation error' },
183+ '401' : {'description' : 'Invalid credentials' },
184+ },
185+ )
128186def login ():
129187 """
130188 Authenticate user and return tokens.
@@ -211,6 +269,16 @@ def login():
211269
212270
213271@auth_bp .route ('/refresh' , methods = ['POST' ])
272+ @swagger_operation (
273+ '/api/auth/refresh' ,
274+ 'post' ,
275+ 'Refresh access token' ,
276+ 'Exchange a valid refresh token cookie for a new access token.' ,
277+ responses = {
278+ '200' : {'description' : 'Token refreshed successfully' },
279+ '401' : {'description' : 'Refresh token missing or invalid' },
280+ },
281+ )
214282def refresh_token ():
215283 """
216284 Refresh access token using refresh token from cookie.
@@ -266,6 +334,17 @@ def refresh_token():
266334
267335
268336@auth_bp .route ('/logout' , methods = ['POST' ])
337+ @swagger_operation (
338+ '/api/auth/logout' ,
339+ 'post' ,
340+ 'Logout the current user' ,
341+ 'Invalidate the current session by clearing the refresh token cookie.' ,
342+ security = [{'bearerAuth' : []}],
343+ responses = {
344+ '200' : {'description' : 'Logout successful' },
345+ '401' : {'description' : 'Authentication required' },
346+ },
347+ )
269348@token_required
270349def logout (current_user ):
271350 """
@@ -293,6 +372,18 @@ def logout(current_user):
293372
294373
295374@auth_bp .route ('/me' , methods = ['GET' ])
375+ @swagger_operation (
376+ '/api/auth/me' ,
377+ 'get' ,
378+ 'Get current user' ,
379+ 'Return the authenticated user profile.' ,
380+ security = [{'bearerAuth' : []}],
381+ responses = {
382+ '200' : {'description' : 'User information returned successfully' },
383+ '401' : {'description' : 'Authentication required' },
384+ '404' : {'description' : 'User not found' },
385+ },
386+ )
296387@token_required
297388def get_current_user (current_user ):
298389 """
@@ -316,6 +407,17 @@ def get_current_user(current_user):
316407
317408
318409@auth_bp .route ('/validate' , methods = ['GET' ])
410+ @swagger_operation (
411+ '/api/auth/validate' ,
412+ 'get' ,
413+ 'Validate access token' ,
414+ 'Check whether the access token is still valid.' ,
415+ security = [{'bearerAuth' : []}],
416+ responses = {
417+ '200' : {'description' : 'Token is valid' },
418+ '401' : {'description' : 'Authentication required' },
419+ },
420+ )
319421@token_required
320422def validate_token (current_user ):
321423 """
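Review bot: In the register hunk the request schema lists `role` as a required free-form string (example `farmer`), so the published contract tells an unauthenticated caller that it picks its own role at sign-up. The body of `register()` lies outside the hunk, so whether the handler restricts the accepted values cannot be confirmed from this page. If it does, the schema should state the allowed set, e.g. `'role': {'type': 'string', 'enum': [<SELF_REGISTRABLE_ROLES placeholder>], 'example': 'farmer'}`; if it does not, that allowlist belongs in the handler before the field is documented as caller-controlled. The `password` properties in the register and login schemas could also carry `'format': 'password'`, the OpenAPI hint that documentation UIs use to mask the field.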