def post(self): data = request.get_json(force=True) user = User.authenticate(**data) if not user: return jsonify({ 'message': 'Invalid credentials', 'authenticated': False }), 401 access_token = create_access_token(identity=user.email, fresh=True) refresh_token = create_refresh_token(user.email) return { 'message': 'Logged in as {}'.format(user.email), 'access_token': access_token, 'refresh_token': refresh_token }, 200