def login():
if not request.is_json:
return jsonify({'error': 'invalid json data'}), 400
login_data = request.get_json()
email = login_data.get('email')
password = login_data.get('password')
if not all([email, password]):
return jsonify({'message': 'invalid credentials'}), 400
user = User.find_by_email(email)
if not user:
return jsonify({'error': 'user not exist with this email'}), 400
authenticated = user.check_password(password)
if not authenticated:
return jsonify({'error': 'invalid username/password'}), 400
access_token = create_access_token(identity=email)
refresh_token = create_refresh_token(identity=email)
return jsonify({
'access_token': access_token,
'refresh_token': refresh_token
}), 200
def post(self):
input = request.get_json(force=True)
# try:
# user = user_schema.load(input)
# except Exception as e:
# return e.messages, 400
user = user_schema.load(input)
if user.errors:
return user.errors, 400
if User.find_by_email(input['email']):
return {'message': 'email already registered'}
try:
new_user = User(**input)
new_user.set_password(input['password'])
new_user.save_to_db()
access_token = create_access_token(identity=new_user.email)
refresh_token = create_refresh_token(identity=new_user.email)
return {
'access_token': access_token,
'refresh_token': refresh_token
}, 201
except:
return {'message': 'something went wrong'}, 500
