From bb698f459ae861c256b1221b5d87a145e5557119 Mon Sep 17 00:00:00 2001
From: DHRUMIL PATEL <123137675+dhrumilp12@users.noreply.github.com>
Date: Mon, 3 Jun 2024 16:10:06 -0400
Subject: [PATCH] logout.
---
 server/models/user.py | 15 ---------------
 server/routes/user.py | 34 ++++++++++++++++++++++------------
 2 files changed, 22 insertions(+), 27 deletions(-)
diff --git a/server/models/user.py b/server/models/user.py
index 769e101b..66af5d20 100644
--- a/server/models/user.py
+++ b/server/models/user.py
@@ -16,21 +16,6 @@ def username_alphanumeric(cls, v):
 assert v.isalnum(), 'must be alphanumeric'
 return v
- @validator('password', pre=True, always=True)
- def password_complexity(cls, v):
- pattern = (
- r'^(?=.*[a-z])' # at least one lowercase letter
- r'(?=.*[A-Z])' # at least one uppercase letter
- r'(?=.*\d)' # at least one digit
- r'(?=.*[@$!%*?&])' # at least one special character
- r'[A-Za-z\d@$!%*?&]{8,}$' # minimum 8 characters long
- )
- if not re.match(pattern, v):
- raise ValueError(
- "Password must be at least 8 characters long and include at least one lowercase letter, "
- "one uppercase letter, one digit, and one special character."
- )
- return v
 @classmethod
 def find_by_username(cls, username):
diff --git a/server/routes/user.py b/server/routes/user.py
index 1502a6fe..554c5d23 100644
--- a/server/routes/user.py
+++ b/server/routes/user.py
@@ -1,7 +1,7 @@
 import logging
 from flask import Blueprint, request, jsonify
-from flask_jwt_extended import create_access_token
+from flask_jwt_extended import create_access_token, jwt_required, get_jwt_identity
 from werkzeug.security import generate_password_hash, check_password_hash
 from models.user import User as UserModel
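Review bot: Removing `password_complexity` in server/models/user.py leaves no password rule visible anywhere in this patch, and the subject ("logout.") does not explain it. Unless a policy is enforced elsewhere (not visible here), signup will accept arbitrarily short passwords. If the validator was dropped because the model receives the already-hashed value (an assumption; the signup route is outside this patch), the check belongs in the route before `generate_password_hash` is called, at minimum a length rule such as `if len(password) < 8: return jsonify({"msg": "Password too short"}), 400`. The class body continues outside the hunk.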
@@ -59,19 +59,29 @@ def anonymous_signin():
 @user_routes.post('/login')
 def login():
- username = request.json.get('username', None)
- password = request.json.get('password', None)
+ try:
+ username = request.json.get('username', None)
+ password = request.json.get('password', None)
+
+ if not username or not password:
+ return jsonify({"msg": "Missing username or password"}), 400
+
+ user = UserModel.find_by_username(username) # You need to implement this method in your User model
+ if user and check_password_hash(user.password, password):
+ access_token = create_access_token(identity=username)
+ return jsonify(access_token=access_token), 200
+ else:
+ return jsonify({"msg": "Bad username or password"}), 401
- if not username or not password:
- return jsonify({"msg": "Missing username or password"}), 400
+ except Exception as e:
+ logging.error(f"Login error: {str(e)}")
+ return jsonify({"error": str(e)}), 500
- user = UserModel.find_by_username(username) # You need to implement this method in your User model
- if user and check_password_hash(user.password, password):
- access_token = create_access_token(identity=username)
- return jsonify(access_token=access_token), 200
- else:
- return jsonify({"msg": "Bad username or password"}), 401
 @user_routes.post('/logout')
+@jwt_required()
 def logout():
- return jsonify({"msg": "Logout successful"}), 200
+ # JWT Revocation or Blacklisting could be implemented here if needed
+ jwt_id = get_jwt_identity()
+ logging.info(f"User {jwt_id} logged out successfully")
+ return jsonify({"msg": "Logout successful"}), 200
\ No newline at end of file
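Review bot: The new `except Exception` handler in `login()` returns `str(e)` to the caller, so internal error text is disclosed to unauthenticated clients, and a malformed or non-JSON body likely ends up here as a 500 instead of a 4xx. Log the detail server-side and return a fixed message: `logging.exception("Login error")` followed by `return jsonify({"msg": "Internal server error"}), 500`. In `logout()` nothing is revoked, so the access token stays valid until it expires and the "logged out successfully" log line overstates what happened; a blocklist keyed on `get_jwt()["jti"]` and checked through `token_in_blocklist_loader` would make the logout effective. The local `jwt_id` holds the identity from `get_jwt_identity()`, not the token id, so a name like `identity` would avoid confusion.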