feat:add login

6 months ago · dc11e54ee4
parent dd5ceda5ac
commit dc11e54ee4
2 changed files with 54 additions and 2 deletions
--- a/backend/blueprints/profile/init.py
+++ b/backend/blueprints/profile/init.py
@ -3,8 +3,8 @@ from flask import Blueprint, request, jsonify, current_app
 from werkzeug.utils import secure_filename
 from datetime import datetime
 from db.model import db
-from db.model import User, UserRole  # Adjust based on your model's location
-from werkzeug.security import generate_password_hash
+from db.model import User, UserRole, Session  # Adjust based on your model's location
+from werkzeug.security import generate_password_hash,check_password_hash
 import uuid
 import os
 from config import *
@ -98,3 +98,55 @@ def register():
    except Exception as e:
        db.session.rollback()
        return jsonify({"error": "Registration failed, please try again later."}), 500
+
+
+@profile.route('/login', methods=['POST'])
+def login():
+    """
+    Handle user login.
+    """
+    data = request.json  # Expecting JSON body
+
+    # Extract credentials from request
+    username = data.get('username')
+    password = data.get('password')
+    user_agent = request.headers.get('User-Agent', 'Unknown')
+
+    # Validate required fields
+    if not username or not password:
+        return jsonify({"error": "Username and password are required"}), 400
+
+    # Find the user by username
+    user = User.query.filter_by(username=username).first()
+
+    if not user:
+        return jsonify({"error": "Invalid username or password"}), 401
+
+    # Verify the password
+    if not check_password_hash(user.hash_password, password):
+        return jsonify({"error": "Invalid username or password"}), 401
+
+    # Create a new session
+    session_key = str(uuid.uuid4())  # Generate a unique session key
+    new_session = Session(
+        userID=user.id,
+        user=user,  # Pass the user object here
+        key=session_key,
+        ua=user_agent,
+        creationDate=datetime.utcnow(),
+        lastUsed=datetime.utcnow(),
+        isValid=True
+    )
+
+
+    try:
+        db.session.add(new_session)
+        db.session.commit()
+        return jsonify({
+            "message": "Login successful",
+            "session_key": session_key,
+            "user_id": str(user.id)
+        }), 200
+    except Exception as e:
+        db.session.rollback()
+        return jsonify({"error": "Login failed, please try again later."}), 500
--- a/backend/blueprints/session/init.py
+++ b/backend/blueprints/session/init.py