#2 Added routes for login and logout #17

Merged
juggy1233 merged 1 commits from #2-user-login into master 2023-03-18 21:03:18 -04:00
2 changed files with 39 additions and 6 deletions


@@ -1,7 +1,7 @@
from app import db
from flask_login import UserMixin
from datetime import datetime
from werkzeug.security import check_password_hash, generate_password_hash
class User(UserMixin, db.Model):
id = db.Column(db.Integer, primary_key=True)
@@ -12,6 +12,9 @@ class User(UserMixin, db.Model):
last_seen = db.Column(db.DateTime, default=datetime.utcnow)
token = db.Column(db.String(32), index=True, unique=True)
def __repr__(self):
return f'<User {self.username}>'
def to_dict(self):
return {
"id": self.id,
@@ -19,3 +22,11 @@ class User(UserMixin, db.Model):
"email": self.email,
"about_me": self.about_me,
}
def set_password(self, password):
self.password_hash = generate_password_hash(password)
def check_password(self, password):
return check_password_hash(self.password_hash, password)
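Review bot: `check_password` passes `self.password_hash` straight to `check_password_hash`, so an account that never had `set_password` called (presumably any row created before this change) would hold `None` there, and the call is likely to raise rather than return False. That turns a login attempt against such an account into a 500 instead of a normal rejection. A guard such as `return bool(self.password_hash) and check_password_hash(self.password_hash, password)` keeps it on the rejected-login path. Both new methods are also undocumented; a one-line docstring on each, e.g. `"""Store a salted hash of password; the plaintext is never persisted."""` on `set_password`, would make the contract explicit.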


@@ -1,22 +1,44 @@
from flask_login import login_user, logout_user
from app.bp import bp
from flask import Response, jsonify, request
from app.errors import error_response
from flask_login import current_user
from app import db
from app import login
from app.models import User
@login.user_loader
def load_user(user_id):
return User.query.get(user_id)
@bp.route("/login", methods=["POST"])
def login():
def login_route():
data = request.get_json()
print(data)
if not data.get("user_id"):
return error_response(400, "Must supply user_id")
if current_user.is_authenticated:
return error_response(400, 'A user is already logged in!')
if not data.get("user_id") or not data.get("password"):
return error_response(400, "Must supply user_id and password")
user = User.query.get(data.get("user_id"))
if not user:
return error_response(400, "User not found")
if not user.check_password(data.get("password")):
return error_response(400, "Invalid password")
login_user(user)
resp = jsonify(user.to_dict())
resp.status_code = 200
return resp
@bp.route("/logout", methods=["POST"])
def logout_route():
if not current_user.is_authenticated:
return error_response(400, "No users are logged in!")
logout_user()
return Response(status=200)
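Review bot: `print(data)` in `login_route` writes the whole request body to stdout, and with this change that body carries the plaintext password, so credentials would end up in process logs. The page has lost its +/- markers, so confirm whether that line is still on the new side and delete it if so. Separately, the two failure branches answer "User not found" and "Invalid password", which lets a caller tell which `user_id` values exist. Returning the same `error_response(401, "Invalid credentials")` from both closes that and uses a more accurate status. `request.get_json()` can also yield `None` for a non-JSON body, making `data.get(...)` raise; `data = request.get_json(silent=True) or {}` would route that case to the existing "Must supply user_id and password" reply.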