added authentication API

2019-03-19 16:34:05 +01:00
parent 9d9c58d268
commit bef3c6dc9b
5 changed files with 72 additions and 9 deletions
--- a/api/auth_api.py
+++ b/api/auth_api.py
@@ -0,0 +1,35 @@
+#  Copyright (c) 2019. Tobias Kurze
+import datetime
+import jwt
+from flask import request, jsonify, current_app
+from functools import wraps
+from random import randint
+
+from backend import db
+from backend.api import auth_api_bp
+from backend.models.user_model import User
+
+
+@auth_api_bp.route('/register', methods=('POST',))
+def register():
+    data = request.get_json()
+    user = User(**data)
+    db.session.add(user)
+    db.session.commit()
+    return jsonify(user.to_dict()), 201
+
+
+@auth_api_bp.route('/login', methods=('GET', 'POST',))
+def login():
+    data = request.get_json()
+    user = User.authenticate(**data)
+
+    if not user:
+        return jsonify({ 'message': 'Invalid credentials', 'authenticated': False }), 401
+
+    token = jwt.encode({
+        'sub': user.email,
+        'iat':datetime.utcnow(),
+        'exp': datetime.utcnow() + datetime.timedelta(minutes=30)},
+        current_app.config['SECRET_KEY'])
+    return jsonify({'token': token.decode('UTF-8')})