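from flask import Blueprint, jsonify, request
from flask_jwt_extended import (
    create_access_token,
    create_refresh_token,
    get_jwt_identity,
    jwt_required,
)

from app import db
from app.models import User

api_bp = Blueprint("api", __name__)


def _credentials_payload():
    """Return the JSON body when it holds a usable email and password, else None.

    The body is client-controlled: it may be a JSON array or scalar, and the
    fields may be numbers, lists or objects. Only a JSON object whose "email"
    and "password" are non-empty strings is accepted, so later code can call
    string methods on them and pass them to the query layer safely.
    """
    data = request.get_json()
    if not isinstance(data, dict):
        return None
    email = data.get("email")
    password = data.get("password")
    if not isinstance(email, str) or not email:
        return None
    if not isinstance(password, str) or not password:
        return None
    return data


# User Routes
@api_bp.route("/auth/register", methods=["POST"])
def register():
    """Register a new user.

    Expects a JSON object with "email" and "password"; "username",
    "first_name" and "last_name" are optional. Returns the new user's
    dict with 201, or a JSON error with 400 when the credentials are
    missing or malformed or the email is already registered.
    """
    data = _credentials_payload()
    if data is None:
        return jsonify({"error": "Email and password are required"}), 400

    email = data["email"]
    # NOTE(review): this lookup and the insert below are not atomic, so two
    # concurrent registrations for one email can both pass it. Confirm that
    # User.email has a unique constraint and decide how a commit failure
    # should be reported.
    if User.query.filter_by(email=email).first():
        return jsonify({"error": "Email already exists"}), 400

    user = User(
        email=email,
        # Default the username to the local part of the email address.
        username=data.get("username", email.split("@")[0]),
        first_name=data.get("first_name"),
        last_name=data.get("last_name"),
    )
    user.set_password(data["password"])
    db.session.add(user)
    db.session.commit()

    return jsonify(user.to_dict()), 201


@api_bp.route("/auth/login", methods=["POST"])
def login():
    """Log a user in and issue an access token and a refresh token.

    Expects a JSON object with "email" and "password". Returns 400 when
    either is missing or malformed, 401 for wrong credentials or an
    inactive account, and 200 with the user dict and both tokens on
    success.
    """
    data = _credentials_payload()
    if data is None:
        return jsonify({"error": "Email and password are required"}), 400

    user = User.query.filter_by(email=data["email"]).first()
    # One message for "unknown email" and "wrong password", so the response
    # body does not reveal which accounts exist.
    if not user or not user.check_password(data["password"]):
        return jsonify({"error": "Invalid credentials"}), 401

    if not user.is_active:
        return jsonify({"error": "Account is inactive"}), 401

    # The identity is stored as a string; get_current_user converts it back.
    identity = str(user.id)
    access_token = create_access_token(identity=identity)
    refresh_token = create_refresh_token(identity=identity)

    # NOTE(review): presumably to_dict() omits the password hash; confirm.
    return (
        jsonify(
            {
                "user": user.to_dict(),
                "access_token": access_token,
                "refresh_token": refresh_token,
            }
        ),
        200,
    )


@api_bp.route("/users/me", methods=["GET"])
@jwt_required()
def get_current_user():
    """Return the user identified by the JWT on the request.

    Returns 404 when the user no longer exists and 401 when the account
    is inactive; otherwise the user dict with 200.
    """
    user_id = int(get_jwt_identity())
    user = db.session.get(User, user_id)

    if not user:
        return jsonify({"error": "User not found"}), 404

    # login() refuses inactive accounts, but a token issued before the
    # account was deactivated is still valid until it expires. Apply the
    # same rule here so deactivation takes effect on existing sessions.
    if not user.is_active:
        return jsonify({"error": "Account is inactive"}), 401

    return jsonify(user.to_dict()), 200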