Added beginning of login functionality

2026-01-05 16:18:59 -05:00
parent 46af0fb959
commit f65d97a50a
7 changed files with 100 additions and 13 deletions
--- a/api/auth_api.py
+++ b/api/auth_api.py
@@ -1,4 +1,4 @@
-import secrets
+import secrets, jwt
 from datetime import datetime, timedelta, timezone

 from flask import Blueprint, request, jsonify, current_app
@@ -15,6 +15,9 @@ UserQuery = Query()
 mail = Mail()
 TOKEN_EXPIRY_MINUTES = 60*4

+SECRET_KEY = "your-secret-key"  # Use a secure key in production
+#SECRET_KEY = os.environ.get('SECRET_KEY')
+
 def send_verification_email(to_email, token):
    verify_url = f"{current_app.config['FRONTEND_URL']}/auth/verify?token={token}"
    msg = Message(
@@ -123,5 +126,36 @@ def login():
    if not user.get('verified'):
        return jsonify({'error': 'This account has not verified', 'code': NOT_VERIFIED}), 403

-    # In production, generate and return a session token or JWT here
-    return jsonify({'message': 'Login successful'}), 200
+    payload = {
+        'email': email,
+        'exp': datetime.utcnow() + timedelta(hours=24*7)
+    }
+    token = jwt.encode(payload, SECRET_KEY, algorithm='HS256')
+
+    resp = jsonify({'message': 'Login successful'})
+    resp.set_cookie('token', token, httponly=True, secure=True, samesite='Strict')
+    return resp, 200
+
+@auth_api.route('/me', methods=['GET'])
+def me():
+    token = request.cookies.get('token')
+    if not token:
+        return jsonify({'error': 'Missing token', 'code': MISSING_TOKEN}), 401
+
+    try:
+        payload = jwt.decode(token, SECRET_KEY, algorithms=['HS256'])
+        email = payload.get('email')
+        user = users_db.get(UserQuery.email == email)
+        if not user:
+            return jsonify({'error': 'User not found', 'code': USER_NOT_FOUND}), 404
+        return jsonify({
+            'email': user['email'],
+            'first_name': user['first_name'],
+            'last_name': user['last_name'],
+            'verified': user['verified']
+        }), 200
+    except jwt.ExpiredSignatureError:
+        return jsonify({'error': 'Token expired', 'code': TOKEN_EXPIRED}), 401
+    except jwt.InvalidTokenError:
+        return jsonify({'error': 'Invalid token', 'code': INVALID_TOKEN}), 401
+