def login(body): """ Responds to a request for /api/login :param body: dict containing keys email, password :return: JWT token, message """ email = body['email'] password = body['password'] try: # Get the user object using their email (unique to every user) user = User.query.filter_by(email=email).first() # Try to authenticate the found user using their password if user and user.password_is_valid(password): # save user id in session for authorization purposes User.save_user_session_id(user.id) # Generate the access token. # This will be used as the authorization header access_token = user.generate_token(user.id) if access_token: response = { 'message': 'You logged in successfully.', 'access_token': access_token.decode(), 'uid': User.get_user_session_id(), } return response, 200 else: # User does not exist, return error message response = { 'message': 'Invalid email or password, Please try again' } return response, 401 except Exception as e: # Create a response containing an string error message response = {'message': str(e)} # Return a server error using the HTTP Error Code 500 (Internal Server Error) return response, 500
def register(body): """ Responds to a request for /api/register :param body: dict containing keys email, password :return: JWT token, message """ email = body['email'] password = body['password'] # query to see if user already exists user = User.query.filter_by(email=email).first() if not user: try: user = User(email=email, password=password) user.save() # save user id in session for authorization purposes User.save_user_session_id(user.id) # Generate the access token. This will be used as the authorization header access_token = user.generate_token(user.id) response = jsonify({ 'message': 'You registered successfully. Please log in', 'access_token': access_token.decode(), 'uid': User.get_user_session_id(), }) response.status_code = 201 return response except Exception as e: response = jsonify({'message': str(e)}) return response, 401 else: response = jsonify( {'message': 'There is an existing user. Please login.'}) response.status_code = 422 return response
def get_user_session_id(): return User.get_user_session_id()