70 lines
1.9 KiB
Python
70 lines
1.9 KiB
Python
from flask_login import login_user, logout_user
|
|
from app.bp import bp
|
|
from flask import Response, jsonify, request
|
|
from app.errors import error_response
|
|
from flask_login import current_user
|
|
|
|
from app import login, db
|
|
from app.models import User
|
|
|
|
|
|
@login.user_loader
|
|
def load_user(user_id):
|
|
return User.query.get(user_id)
|
|
|
|
|
|
@bp.route("/login", methods=["POST"])
|
|
def login_route():
|
|
data = request.get_json()
|
|
|
|
if current_user.is_authenticated:
|
|
return error_response(400, "A user is already logged in!")
|
|
|
|
if not data.get("user_id") or not data.get("password"):
|
|
return error_response(400, "Must supply user_id and password")
|
|
|
|
user = User.query.get(data.get("user_id"))
|
|
if not user:
|
|
return error_response(400, "User not found")
|
|
|
|
if not user.check_password(data.get("password")):
|
|
return error_response(400, "Invalid password")
|
|
|
|
login_user(user)
|
|
resp = jsonify(user.to_dict())
|
|
return resp
|
|
|
|
|
|
@bp.route("/logout", methods=["POST"])
|
|
def logout_route():
|
|
if not current_user.is_authenticated:
|
|
return error_response(400, "No users are logged in!")
|
|
|
|
resp = jsonify(current_user.to_dict())
|
|
logout_user()
|
|
return resp
|
|
|
|
|
|
@bp.route("/register", methods=["POST"])
|
|
def register():
|
|
data = request.get_json()
|
|
|
|
required_fields = ["role", "username", "email", "password", "password2"]
|
|
for f in required_fields:
|
|
if f not in data:
|
|
return error_response(400, f"Must supply {f}")
|
|
|
|
if User.query.filter_by(username=data["username"]).first():
|
|
return error_response(409, "User with that username already exists")
|
|
|
|
if User.query.filter_by(email=data["email"]).first():
|
|
return error_response(409, "User with that email already exists")
|
|
|
|
u = User()
|
|
u.from_dict(data, new_user=True)
|
|
db.session.add(u)
|
|
db.session.commit()
|
|
|
|
resp = jsonify(u.to_dict())
|
|
return resp
|