# Copyright (c) 2019. Tobias Kurze
import datetime
import jwt
from flask import request, jsonify, current_app
from functools import wraps
from random import randint
from backend import db
from backend.api import auth_api_bp
from backend.models.user_model import User
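@auth_api_bp.route('/register', methods=('POST',))
def register():
    """Create a user from the JSON request body.

    Returns:
        ``(json, 201)`` with the new user's ``to_dict()`` representation, or
        ``(json, 400)`` when the body is missing or is not a JSON object.
    """
    # silent=True yields None for a missing or malformed body, so a bad
    # request gets a 400 here instead of a TypeError on ``User(**None)``.
    data = request.get_json(silent=True)
    if not isinstance(data, dict):
        return jsonify({'message': 'Request body must be a JSON object'}), 400

    # NOTE(review): every client-supplied key is passed straight to the model
    # constructor (mass assignment). Unless User itself ignores unexpected
    # fields, copy only the registration fields the API intends to accept.
    user = User(**data)
    db.session.add(user)
    db.session.commit()

    # NOTE(review): confirm User.to_dict() leaves out the password hash and
    # any other field that should not be echoed back to the client.
    return jsonify(user.to_dict()), 201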
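@auth_api_bp.route('/login', methods=('GET', 'POST',))
def login():
    """Authenticate the JSON credentials and issue a 30-minute JWT.

    Returns:
        ``{'token': <jwt>}`` on success, or ``(json, 401)`` with
        ``'authenticated': False`` when the body is not a JSON object or
        ``User.authenticate`` rejects the credentials.
    """
    # NOTE(review): the route also accepts GET; credentials are read from the
    # JSON body either way. Consider restricting the route to POST.
    data = request.get_json(silent=True)
    if not isinstance(data, dict):
        # A missing or malformed body is answered like a failed login rather
        # than crashing on ``User.authenticate(**None)``.
        return jsonify({'message': 'Invalid credentials', 'authenticated': False}), 401

    # NOTE(review): keys come straight from the client; presumably
    # authenticate() takes only the credential fields, so verify how it
    # behaves on unexpected keyword arguments.
    user = User.authenticate(**data)

    if not user:
        return jsonify({'message': 'Invalid credentials', 'authenticated': False}), 401

    # The file does ``import datetime`` (the module), so the class must be
    # reached as datetime.datetime; a bare ``datetime.utcnow()`` raises
    # AttributeError. One timestamp keeps 'iat' and 'exp' consistent.
    issued_at = datetime.datetime.utcnow()
    token = jwt.encode({
        'sub': user.email,
        'iat': issued_at,
        'exp': issued_at + datetime.timedelta(minutes=30)},
        current_app.config['SECRET_KEY'],
        # State the signing algorithm explicitly; the code that verifies the
        # token should pin the same value in its ``algorithms`` list.
        algorithm='HS256')

    # PyJWT 1.x returns bytes and 2.x returns str; decode only when needed so
    # the response is a JSON string under either version.
    if isinstance(token, bytes):
        token = token.decode('UTF-8')
    return jsonify({'token': token})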