HackXlbef
/
FreeBug
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

feat: add logout

Browse Source
manzilcheck
Kushal Dotel 6 months ago
parent a7b728951d
commit 7bb6b0b8c7
4 changed files with 32 additions and 73 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 73
      backend/blueprints/profile/__init__.py
  2. 28
      backend/blueprints/session/__init__.py
  3. 2
      backend/config.py
  4. BIN
      backend/uploads/meme.jpg

73
backend/blueprints/profile/__init__.py
Unescape View File

@ -85,7 +85,8 @@ def register():
quizzes=[], quizzes=[],
quiz_attempts=[], quiz_attempts=[],
chats=[], chats=[],
notifications=[] notifications=[],
publications=[]
) )
# Save the user to the database # Save the user to the database
@ -101,76 +102,6 @@ def register():
db.session.rollback() db.session.rollback()
return jsonify({"error": "Registration failed, please try again later."}), 500 return jsonify({"error": "Registration failed, please try again later."}), 500
@profile.route('/login', methods=['POST'])
def login():
"""
Handle user login.
"""
data = request.form # Expecting JSON body
# Extract credentials from request
# username = data.get('username')
email = data.get('email')
password = data.get('password')
user_agent = request.headers.get('User-Agent', 'Unknown')
# Validate required fields
if not email or not password:
return jsonify({"error": "email and password are required"}), 400
# Find the user by username
# user = User.query.filter_by(username=username).first()
user = User.query.filter_by(email=email).first()
if not user:
return jsonify({"error": "Invalid email or password"}), 401
# Verify the password
if not check_password_hash(user.hash_password, password):
return jsonify({"error": "Invalid email or password"}), 401
# Create a new session
session_key = str(uuid.uuid4()) # Generate a unique session key
new_session = Session(
userID=user.id,
user=user, # Pass the user object here
key=session_key,
ua=user_agent,
creationDate=datetime.utcnow(),
lastUsed=datetime.utcnow(),
isValid=True
)
try:
db.session.add(new_session)
db.session.commit()
return jsonify({
"message": "Login successful",
"session_key": session_key,
"user_id": str(user.id)
}), 200
except Exception as e:
db.session.rollback()
return jsonify({"error": "Login failed, please try again later."}), 500
#Implement laters
# @profile.route('/update', methhods=['UPDATE', 'DELETE'])
# def update():
# if request.method == 'DELETE':
# pass
# if request.method == 'UPDATE':
# pass
# @profile.route('/me')
# def my_profile():
# pass
# @profile.route('/info/<str:uuid>')
# def profile_info(user_uuid):
# return user_uuid
#make a get request to get json on hello word #make a get request to get json on hello word
@profile.route('/hello') @profile.route('/hello')
@auth_required() @auth_required()

28
backend/blueprints/session/__init__.py
Unescape View File

@ -12,6 +12,7 @@ import os
from config import * from config import *
from utils.utils import password_check_sanity,is_valid_email,InsecurePasswordException from utils.utils import password_check_sanity,is_valid_email,InsecurePasswordException
from sqlalchemy.exc import IntegrityError from sqlalchemy.exc import IntegrityError
from sqlalchemy import select, and_
session = Blueprint('session', __name__) session = Blueprint('session', __name__)
@ -67,3 +68,30 @@ def login():
except Exception as e: except Exception as e:
db.session.rollback() db.session.rollback()
return jsonify({"error": "Login failed, please try again later."}), 500 return jsonify({"error": "Login failed, please try again later."}), 500
@session.route('/destroy', methods=['POST'])
@auth_required()
def logout():
"""
Handle user logout by invalidating the session.
"""
try:
data = request.json # Expecting JSON body
except:
data = {}
target_session_key = data.get('session_key',None)
target_session = g.current_session
if target_session_key is not None:
target_session = db.session.execute(
select(Session).where(and_(
Session.key == target_session_key, Session.isValid == True, Session.userID == g.current_user.id
))
).scalar()
if target_session is None:
return jsonify({'message': 'The session key is invalid or does not belong to current user.'}), 401
target_session.isValid = False
db.session.commit()
return jsonify({'message': 'Session invalidated'}), 200

2
backend/config.py
Unescape View File

@ -18,7 +18,7 @@ DEFAULT_BADGE_ICON: str = "defaultBadgeIcon.png"
DISABLE_PASSWORD_SANITY_CHECKS: bool = False DISABLE_PASSWORD_SANITY_CHECKS: bool = False
PROJECT_ROOT: os.path = os.path.dirname(os.path.abspath(__file__)) PROJECT_ROOT: os.path = os.path.dirname(os.path.abspath(__file__))
USER_UPLOADS_DIR: str = os.path.join(PROJECT_ROOT, "uploads") USER_UPLOADS_DIR: str = os.path.abspath(os.path.join(PROJECT_ROOT, "uploads"))
DB_URI: str = f"{DB_ENGINE}://{DB_USER}:{DB_PASSWORD}@{DB_HOST}:{DB_PORT}/{DB_NAME}" DB_URI: str = f"{DB_ENGINE}://{DB_USER}:{DB_PASSWORD}@{DB_HOST}:{DB_PORT}/{DB_NAME}"
ACTIVATE_ACCOUNTS_ON_SIGNUP: bool = True ACTIVATE_ACCOUNTS_ON_SIGNUP: bool = True

BIN
backend/uploads/meme.jpg
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 28 KiB

Write Preview
Loading…
Cancel
Save