v1.2 scaffold

backend/app/api/auth.py

@@ -0,0 +1,28 @@
+from fastapi import APIRouter, HTTPException, status
+from pydantic import BaseModel
+
+from app.core.config import settings
+
+router = APIRouter(prefix="/api/auth", tags=["auth"])
+
+
+class LoginRequest(BaseModel):
+    email: str
+    password: str
+
+
+class LoginResponse(BaseModel):
+    name: str
+    email: str
+    role: str
+
+
+@router.post("/login", response_model=LoginResponse)
+def login(payload: LoginRequest):
+    if payload.email.strip().lower() != settings.operator_email.lower() or payload.password != settings.operator_password:
+        raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail="Invalid email or password")
+    return {
+        "name": settings.operator_name,
+        "email": settings.operator_email,
+        "role": "operator",
+    }