from flask import Blueprint, jsonify, request
from flask_jwt_extended import (create_access_token, create_refresh_token,
get_jwt_identity, jwt_required)
from app import db
from app.models import User
# Blueprint that the JSON API routes in this module are registered on. No
# url_prefix is set here; any prefix comes from wherever it is registered.
api_bp = Blueprint("api", __name__)
# User Routes
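@api_bp.route("/auth/register", methods=["POST"])
def register():
    """Register a new user.

    Expects a JSON object with non-empty string ``email`` and ``password``
    fields and optional ``username``, ``first_name`` and ``last_name``.
    When ``username`` is absent it defaults to the part of the email before
    the first ``@``.

    Returns:
        A ``(response, status)`` tuple: 201 with ``user.to_dict()`` on
        success, or 400 with an ``error`` message when the body is not a
        usable JSON object or the email is already registered.
    """
    data = request.get_json()

    # The body is attacker-controlled: a JSON array/string has no .get(), and
    # a non-string email has no .split(). Reject both with the same 400
    # instead of letting them surface as an unhandled exception (HTTP 500).
    if not isinstance(data, dict):
        return jsonify({"error": "Email and password are required"}), 400

    email = data.get("email")
    password = data.get("password")
    if not (isinstance(email, str) and email and isinstance(password, str) and password):
        return jsonify({"error": "Email and password are required"}), 400

    # NOTE(review): this answer tells an unauthenticated caller whether an
    # email is registered; confirm that disclosure is acceptable here.
    # NOTE(review): the lookup and the commit below are not atomic. This
    # assumes a unique constraint on User.email backs the check - confirm;
    # without one, two concurrent requests can both pass it.
    if User.query.filter_by(email=email).first():
        return jsonify({"error": "Email already exists"}), 400

    user = User(
        email=email,
        username=data.get("username", email.split("@")[0]),
        first_name=data.get("first_name"),
        last_name=data.get("last_name"),
    )
    # NOTE(review): no password length or strength policy is applied in this
    # handler; confirm whether set_password (not visible here) enforces one.
    user.set_password(password)

    db.session.add(user)
    db.session.commit()

    # NOTE(review): assumes to_dict() leaves out the stored password hash - confirm.
    return jsonify(user.to_dict()), 201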
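@api_bp.route("/auth/login", methods=["POST"])
def login():
    """Authenticate a user and issue JWT access and refresh tokens.

    Expects a JSON object with non-empty string ``email`` and ``password``
    fields.

    Returns:
        A ``(response, status)`` tuple: 200 with the user dict,
        ``access_token`` and ``refresh_token`` on success; 400 when the body
        is not a usable JSON object; 401 for bad credentials or an inactive
        account.
    """
    data = request.get_json()

    # The body is attacker-controlled: reject non-object bodies and
    # non-string fields with a 400 rather than letting .get() or
    # check_password() raise on an unexpected type (HTTP 500).
    if not isinstance(data, dict):
        return jsonify({"error": "Email and password are required"}), 400

    email = data.get("email")
    password = data.get("password")
    if not (isinstance(email, str) and email and isinstance(password, str) and password):
        return jsonify({"error": "Email and password are required"}), 400

    user = User.query.filter_by(email=email).first()

    # One message covers "no such user" and "wrong password", so the response
    # body does not reveal which emails are registered.
    # NOTE(review): check_password only runs when the user exists, so response
    # timing may still differ between the two cases. No throttling or lockout
    # is visible in this module - confirm it is enforced elsewhere.
    if not user or not user.check_password(password):
        return jsonify({"error": "Invalid credentials"}), 401

    # Checked only after the password has verified, so account status is
    # disclosed only to a caller who already knows the password.
    if not user.is_active:
        return jsonify({"error": "Account is inactive"}), 401

    # The identity claim is stored as a string; get_current_user converts it
    # back with int().
    identity = str(user.id)
    access_token = create_access_token(identity=identity)
    refresh_token = create_refresh_token(identity=identity)

    payload = {
        "user": user.to_dict(),
        "access_token": access_token,
        "refresh_token": refresh_token,
    }
    return jsonify(payload), 200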
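@api_bp.route("/users/me", methods=["GET"])
@jwt_required()
def get_current_user():
    """Return the profile of the user identified by the request's JWT.

    Returns:
        A ``(response, status)`` tuple: 200 with ``user.to_dict()``; 404 when
        the token's identity does not resolve to a user; 401 when the account
        is inactive.
    """
    # login() issues the identity as str(user.id). An identity that does not
    # parse as an integer cannot match a user, so answer 404 instead of
    # letting int() raise (HTTP 500).
    try:
        user_id = int(get_jwt_identity())
    except (TypeError, ValueError):
        return jsonify({"error": "User not found"}), 404

    user = db.session.get(User, user_id)
    if not user:
        return jsonify({"error": "User not found"}), 404

    # login() refuses inactive accounts, but a token issued before the
    # account was deactivated remains valid until it expires. Apply the same
    # rule here so deactivation takes effect on already-issued tokens.
    if not user.is_active:
        return jsonify({"error": "Account is inactive"}), 401

    return jsonify(user.to_dict()), 200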