"""Auth routes: user profile management. Registration, login, refresh, and session management are handled by the Better-Auth service (auth/). This router provides user profile endpoints that query our own user data from the shared database. """ from fastapi import APIRouter, Depends, HTTPException, status from pydantic import BaseModel from sqlalchemy import select from sqlalchemy.ext.asyncio import AsyncSession from cartsnitch_api.auth.dependencies import get_current_user from cartsnitch_api.database import get_db from cartsnitch_api.models import User from cartsnitch_api.schemas import ( UpdateUserRequest, UserResponse, ) from cartsnitch_api.services.auth import AuthService router = APIRouter(prefix="/auth", tags=["auth"]) @router.get("/me", response_model=UserResponse) async def get_me( user_id: str = Depends(get_current_user), db: AsyncSession = Depends(get_db), ): svc = AuthService(db) try: return await svc.get_user(user_id) except LookupError: raise HTTPException( status_code=status.HTTP_404_NOT_FOUND, detail="User not found" ) from None @router.patch("/me", response_model=UserResponse) async def update_me( body: UpdateUserRequest, user_id: str = Depends(get_current_user), db: AsyncSession = Depends(get_db), ): svc = AuthService(db) try: return await svc.update_user(user_id, email=body.email, display_name=body.display_name) except LookupError: raise HTTPException( status_code=status.HTTP_404_NOT_FOUND, detail="User not found" ) from None except ValueError as e: raise HTTPException(status_code=status.HTTP_409_CONFLICT, detail=str(e)) from e @router.delete("/me", status_code=status.HTTP_204_NO_CONTENT) async def delete_me( user_id: str = Depends(get_current_user), db: AsyncSession = Depends(get_db), ): svc = AuthService(db) try: await svc.delete_user(user_id) except LookupError: raise HTTPException( status_code=status.HTTP_404_NOT_FOUND, detail="User not found" ) from None