major refactoring adding vendor and customer features

app/api/v1/admin/auth.py

@@ -0,0 +1,58 @@
+# app/api/v1/admin/auth.py
+"""
+Admin authentication endpoints.
+
+This module provides:
+- Admin user login
+- Admin token validation
+- Admin-specific authentication logic
+"""
+
+import logging
+from fastapi import APIRouter, Depends
+from sqlalchemy.orm import Session
+
+from app.core.database import get_db
+from app.services.auth_service import auth_service
+from app.exceptions import InvalidCredentialsException
+from models.schemas.auth import LoginResponse, UserLogin
+
+router = APIRouter()
+logger = logging.getLogger(__name__)
+
+
+@router.post("/login", response_model=LoginResponse)
+def admin_login(user_credentials: UserLogin, db: Session = Depends(get_db)):
+    """
+    Admin login endpoint.
+
+    Only allows users with 'admin' role to login.
+    Returns JWT token for authenticated admin users.
+    """
+    # Authenticate user
+    login_result = auth_service.login_user(db=db, user_credentials=user_credentials)
+
+    # Verify user is admin
+    if login_result["user"].role != "admin":
+        logger.warning(f"Non-admin user attempted admin login: {user_credentials.username}")
+        raise InvalidCredentialsException("Admin access required")
+
+    logger.info(f"Admin login successful: {login_result['user'].username}")
+
+    return LoginResponse(
+        access_token=login_result["token_data"]["access_token"],
+        token_type=login_result["token_data"]["token_type"],
+        expires_in=login_result["token_data"]["expires_in"],
+        user=login_result["user"],
+    )
+
+
+@router.post("/logout")
+def admin_logout():
+    """
+    Admin logout endpoint.
+
+    Client should remove token from storage.
+    Server-side token invalidation can be implemented here if needed.
+    """
+    return {"message": "Logged out successfully"}