def register():
try:
list_role = ["ADMIN", "HOTEL_OWNER", "USER"]
username = request.get_json()['username']
password = bcrypt.generate_password_hash(
request.get_json()['password']).decode('utf-8')
role = request.get_json()['role']
if role not in list_role:
return custom_response({"error": "Invalid role"}, 400)
newuser = User(username, password, role)
user = User.get_user_by_username(username)
if (user != None):
return custom_response({"error": "Duplicate username"}, 400)
else:
db.session.add(newuser)
db.session.commit()
result = newuser.dump()
return custom_response(result, 200)
except Exception as e:
return custom_response({"error": str(e)}, 400)
def login():
try:
username = request.get_json()['username']
password = request.get_json()['password']
result = ''
if not username or not password:
return custom_response(
{'error': 'you need username and password to sign in'}, 400)
user = User.get_user_by_username(username)
if user != None:
if bcrypt.check_password_hash(user.password, password):
access_token = jwt.encode(
{
'exp':
datetime.datetime.utcnow() +
datetime.timedelta(days=1),
'iat':
datetime.datetime.utcnow(),
'sub':
user.id,
'username':
user.username,
'role':
user.role
}, config.SECRET_KEY)
result = access_token.decode("utf-8")
else:
return custom_response(
{"error": "Invalid username or password!"}, 400)
else:
return custom_response({"error": "Invalid username or password!"},
400)
return custom_response(
{
'token': result,
'role': user.role,
'username': user.username
}, 200)
except Exception as e:
return custom_response({"error": str(e)}, 400)