def login(email, password):
user = User.find_user_by(email)
if user is None:
return {'message': 'invalid username/password'}, 401
if user.email == email and match_password(password, user.password):
access_token, refresh_token = generate_token(user.email)
return {
'id': user.id,
'email': user.email,
'access_token': access_token,
'refresh_token': refresh_token
}
return {'message': 'invalid username/password'}, 401
def create_user(email, password):
user = User.find_user_by(email)
if user:
return {'message': F'user already exist with email {email}'}, 409
user = User()
user.password = hash_password(password)
user.email = email
db.session.add(user)
db.session.commit()
return {
"email": user.email,
"id": user.id
}