from flask import Blueprint, request, jsonify
from werkzeug.security import check_password_hash
from flask_jwt_extended import create_access_token, jwt_required, get_jwt_identity
from .database import db, User
# Blueprint grouping the authentication endpoints; every route registered on
# it is served under the /api/auth URL prefix.
auth_bp = Blueprint(
    "auth",
    __name__,
    url_prefix="/api/auth",
)
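@auth_bp.route('/register', methods=['POST'])
def register():
    """Create a new user account from a JSON request body.

    Expects a JSON object with non-empty string fields ``username`` and
    ``password``.

    Returns:
        201 and a success message when the user was committed.
        400 when the body is not a JSON object or a field is missing,
            empty, or not a string.
        409 when a user with that username already exists.
        500 when the database commit fails (details are logged, not
            returned to the client).
    """
    # Function-scope import: current_app is not in the module's import list.
    from flask import current_app

    # silent=True yields None for a missing or malformed body instead of
    # raising; a JSON `null`, list, or scalar would otherwise crash on .get().
    data = request.get_json(silent=True)
    if not isinstance(data, dict):
        return jsonify({"error": "Username and password required"}), 400

    username = data.get('username')
    password = data.get('password')

    # Reject non-string values (nested objects, numbers, lists) before they
    # reach the query layer or the password hasher.
    if not isinstance(username, str) or not isinstance(password, str):
        return jsonify({"error": "Username and password required"}), 400
    if not username or not password:
        return jsonify({"error": "Username and password required"}), 400

    # NOTE(review): no password length/strength policy or request throttling
    # is visible in this module; confirm both are enforced elsewhere.
    if User.query.filter_by(username=username).first():
        return jsonify({"error": "Username already exists"}), 409  # Conflict

    new_user = User(username=username)
    # The hashing scheme lives in User.set_password, which is not shown here.
    new_user.set_password(password)
    db.session.add(new_user)
    try:
        # NOTE(review): the lookup above and this commit are not atomic. If
        # User.username has a unique constraint (model not shown), a
        # concurrent duplicate lands in the except branch and is reported as
        # 500 rather than 409.
        db.session.commit()
    except Exception:
        db.session.rollback()
        # Log the traceback server-side; the client only gets a generic error.
        current_app.logger.exception("Error registering user")
        return jsonify({"error": "Registration failed"}), 500
    return jsonify({"message": "User registered successfully"}), 201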
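@auth_bp.route('/login', methods=['POST'])
def login():
    """Verify a username/password pair and issue a JWT access token.

    Expects a JSON object with non-empty string fields ``username`` and
    ``password``.

    Returns:
        200 and ``{"access_token": ...}`` when the credentials match.
        400 when the body is not a JSON object or a field is missing,
            empty, or not a string.
        401 with a generic message when the user is unknown or the
            password does not match.
    """
    # silent=True yields None for a missing or malformed body instead of
    # raising; a JSON `null`, list, or scalar would otherwise crash on .get().
    data = request.get_json(silent=True)
    if not isinstance(data, dict):
        return jsonify({"error": "Username and password required"}), 400

    username = data.get('username')
    password = data.get('password')

    # Reject non-string values before they reach the query layer or the
    # password check.
    if not isinstance(username, str) or not isinstance(password, str):
        return jsonify({"error": "Username and password required"}), 400
    if not username or not password:
        return jsonify({"error": "Username and password required"}), 400

    user = User.query.filter_by(username=username).first()

    # NOTE(review): for an unknown username the password check is skipped, so
    # the response may return measurably faster than for a known one. The 401
    # body is already identical for both cases; consider equalising the work
    # done as well, and confirm login attempts are rate-limited elsewhere.
    if user is None or not user.check_password(password):
        return jsonify({"error": "Invalid credentials"}), 401

    # The identity is stored as a string: the JWT "sub" claim is expected to
    # be a string, and newer JWT library versions are understood to reject
    # other types (confirm against the pinned versions). Code that reads it
    # back with get_jwt_identity() receives a str and must convert to int
    # before using it as a primary key.
    identity_data = str(user.id)
    access_token = create_access_token(identity=identity_data)
    return jsonify(access_token=access_token)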
# Add /logout and /refresh_token endpoints here if needed later.