logout.

dhrumilp12 · Jun 3, 2024 · bb698f4 · bb698f4
1 parent 73fb4eb
commit bb698f4
Show file tree

Hide file tree

Showing 2 changed files with 22 additions and 27 deletions.
diff --git a/server/models/user.py b/server/models/user.py
@@ -16,21 +16,6 @@ def username_alphanumeric(cls, v):
         assert v.isalnum(), 'must be alphanumeric'
         return v
 
-    @validator('password', pre=True, always=True)
-    def password_complexity(cls, v):
-        pattern = (
-            r'^(?=.*[a-z])'        # at least one lowercase letter
-            r'(?=.*[A-Z])'         # at least one uppercase letter
-            r'(?=.*\d)'            # at least one digit
-            r'(?=.*[@$!%*?&])'     # at least one special character
-            r'[A-Za-z\d@$!%*?&]{8,}$'  # minimum 8 characters long
-        )
-        if not re.match(pattern, v):
-            raise ValueError(
-                "Password must be at least 8 characters long and include at least one lowercase letter, "
-                "one uppercase letter, one digit, and one special character."
-            )
-        return v
 
     @classmethod
     def find_by_username(cls, username):

diff --git a/server/routes/user.py b/server/routes/user.py
@@ -1,7 +1,7 @@
 import logging
 
 from flask import Blueprint, request, jsonify
-from flask_jwt_extended import create_access_token
+from flask_jwt_extended import create_access_token, jwt_required, get_jwt_identity
 
 from werkzeug.security import generate_password_hash, check_password_hash
 from models.user import User as UserModel
@@ -59,19 +59,29 @@ def anonymous_signin():
 
 @user_routes.post('/login')
 def login():
-    username = request.json.get('username', None)
-    password = request.json.get('password', None)
+    try:
+        username = request.json.get('username', None)
+        password = request.json.get('password', None)
+
+        if not username or not password:
+            return jsonify({"msg": "Missing username or password"}), 400
+
+        user = UserModel.find_by_username(username)  # You need to implement this method in your User model
+        if user and check_password_hash(user.password, password):
+            access_token = create_access_token(identity=username)
+            return jsonify(access_token=access_token), 200
+        else:
+            return jsonify({"msg": "Bad username or password"}), 401
 
-    if not username or not password:
-        return jsonify({"msg": "Missing username or password"}), 400
+    except Exception as e:
+            logging.error(f"Login error: {str(e)}")
+            return jsonify({"error": str(e)}), 500
 
-    user = UserModel.find_by_username(username)  # You need to implement this method in your User model
-    if user and check_password_hash(user.password, password):
-        access_token = create_access_token(identity=username)
-        return jsonify(access_token=access_token), 200
-    else:
-        return jsonify({"msg": "Bad username or password"}), 401
 
 @user_routes.post('/logout')
+@jwt_required()
 def logout():
-    return jsonify({"msg": "Logout successful"}), 200
+    # JWT Revocation or Blacklisting could be implemented here if needed
+    jwt_id = get_jwt_identity()
+    logging.info(f"User {jwt_id} logged out successfully")
+    return jsonify({"msg": "Logout successful"}), 200