#2 Added routes for login and logout

2023-03-17 02:01:55 -04:00
parent 9b0b7b0ec7
commit 413074c8be
2 changed files with 39 additions and 6 deletions
--- a/backend/app/routes.py
+++ b/backend/app/routes.py
@@ -1,22 +1,44 @@
+from flask_login import login_user, logout_user
 from app.bp import bp
 from flask import Response, jsonify, request
 from app.errors import error_response
+from flask_login import current_user

-from app import db
+from app import login
 from app.models import User


+@login.user_loader
+def load_user(user_id):
+    return User.query.get(user_id)
+
+
@bp.route("/login", methods=["POST"])
-def login():
+def login_route():
    data = request.get_json()
-    print(data)
-    if not data.get("user_id"):
-        return error_response(400, "Must supply user_id")
+
+    if current_user.is_authenticated:
+        return error_response(400, 'A user is already logged in!')
+
+    if not data.get("user_id") or not data.get("password"):
+        return error_response(400, "Must supply user_id and password")

    user = User.query.get(data.get("user_id"))
    if not user:
        return error_response(400, "User not found")

+    if not user.check_password(data.get("password")):
+        return error_response(400, "Invalid password")
+
+    login_user(user)
    resp = jsonify(user.to_dict())
    resp.status_code = 200
    return resp
+
+@bp.route("/logout", methods=["POST"])
+def logout_route():
+    if not current_user.is_authenticated:
+        return error_response(400, "No users are logged in!")
+
+    logout_user()
+    return Response(status=200)