]iN dZddlmZddlmZddlmZmZmZm Z ddl m Z m Z ddl mZddlmZmZddlmZmZd ed ed ed efd Zd eded efdZd eded efdZded efdZy)uCAuth service — login, token refresh, and current-user resolution.)select) AsyncSession)create_access_tokencreate_refresh_tokenverify_password verify_token)RoleUserSpbuAssignment)User)system_repositoryuser_repository) TokenResponse UserResponsedb identifierpasswordreturncKtj||d{}|stj||d{}|rt||js t d|j s t d|jstj|d{}|r t d|jttjttjtj k(j#tj$|j k(tj&j)dj+dd{}|j-s t dt/|j |jd}t1|}t3|}t5|| S777(7mw) zAuthenticate a user by email or username and return access + refresh tokens. Raises ValueError for invalid credentials, inactive accounts, or maintenance mode. Nz"Email/username atau password salahzAkun tidak aktif__MAINTENANCE__Tz9Akses web tidak diizinkan untuk role Anda. Hubungi admin.sub is_superadmin) access_token refresh_token)r get_by_emailget_by_usernamer password_hash ValueError is_activerr is_maintenance_modeexecuterr joinr role_ididwhereuser_id can_login_webis_limitscalar_one_or_nonestrrrr) rrruser maintenanceresult token_datarrs ;/var/www/html/spbu.com/backend/app/services/auth_service.pyloginr2sj !--b*= =D $44RDD x1C1CD=>> >>+,,   -AA"EE ./ /zz 4L T$&8&@&@DGG&K L U%--8$:L:L:P:PQU:V W U1X    ((*XY YTWW8J8JKJ&z2L(4M l- PP7 >DF  sFG GG GA"G G BrNsI/ 5 ?8 QL Qc QS Q] QF +< + + + | C D 4LrD