diff --git a/models/User/user.py b/models/User/user.py index a45bbc5..1c4d50b 100644 --- a/models/User/user.py +++ b/models/User/user.py @@ -1,22 +1,23 @@ -from models import db from werkzeug.security import generate_password_hash, check_password_hash +from models import db class User(db.Model): __tablename__ = 'users' id = db.Column(db.Integer, primary_key=True) username = db.Column(db.String(80), unique=True, nullable=False) - password = db.Column(db.String(128), nullable=False) + _password = db.Column("password", db.String(255), nullable=False) - def __init__(self, username, password, hash_password=True): - self.username = username - if hash_password: - self.password = generate_password_hash(password, method="pbkdf2:sha256") + @property + def password(self): + return self._password + + @password.setter + def password(self, raw_password): + if not raw_password.startswith("pbkdf2:sha256:"): + self._password = generate_password_hash(raw_password) else: - self.password = password + self._password = raw_password def check_password(self, password): - return check_password_hash(self.password, password) - - def __repr__(self): - return f"" \ No newline at end of file + return check_password_hash(self._password, password) \ No newline at end of file diff --git a/routes/user_auth/auth.py b/routes/user_auth/auth.py index 051900b..ed8017c 100644 --- a/routes/user_auth/auth.py +++ b/routes/user_auth/auth.py @@ -1,5 +1,5 @@ # routes/auth.py -from flask import Blueprint, request, jsonify +from flask import Blueprint, request, jsonify, session from services.UserService.user import UserService auth_bp = Blueprint('auth', __name__) 
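Review bot: The `password` setter in models/User/user.py decides whether a value is already hashed by checking for the `pbkdf2:sha256:` prefix, so a user-chosen password that begins with that string is stored in the `password` column verbatim instead of being hashed. `create_user` in services/UserService/user.py now passes the raw signup password straight into this setter, so that path is reachable from signup. The check is also tied to one hash method: `generate_password_hash(raw_password)` no longer pins `method="pbkdf2:sha256"`, and on Werkzeug releases whose default is scrypt the stored hash would not match the prefix, so re-assigning an existing hash would hash it a second time. The setter should always hash, `self._password = generate_password_hash(raw_password, method="pbkdf2:sha256")`, and any pre-hashed value should be loaded through a separately named method rather than by inspecting the string.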
@@ -17,8 +17,20 @@ def signup(): @auth_bp.route('/login', methods=['POST']) def login(): data = request.get_json() + username = data.get('username') + password = data.get('password') + + print(f"Login attempt: username={username}, password={password}") + try: user = user_service.verify_user(data['username'], data['password']) + session['user_id'] = user.id return jsonify({"message": "Login successful", "user_id": user.id}), 200 except ValueError as e: + print(f"Login failed: {str(e)}") return jsonify({"error": str(e)}), 401 + +@auth_bp.route('/logout', methods=['POST']) +def logout(): + session.clear() + return jsonify({"message": "Logout successful"}), 200 \ No newline at end of file diff --git a/server.py b/server.py index 7be776b..c952050 100644 --- a/server.py +++ b/server.py @@ -10,6 +10,7 @@ load_dotenv() app = Flask(__name__) CORS(app) +app.secret_key = os.getenv('SECRET_KEY') app.config['SQLALCHEMY_DATABASE_URI'] = os.getenv('DATABASE') app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False diff --git a/services/UserService/user.py b/services/UserService/user.py index fe59325..fd0aa3a 100644 --- a/services/UserService/user.py +++ b/services/UserService/user.py 
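Review bot: The added `print(f"Login attempt: username={username}, password={password}")` in `login()` writes every submitted password in cleartext to stdout, where it ends up in process and container logs. Drop the password from the message, e.g. `print(f"Login attempt: username={username!r}")`, and preferably move to the `logging` module. `data.get(...)` also raises AttributeError if the body is not a JSON object, and `verify_user` is still called with `data['username']` and `data['password']`, so a missing key raises KeyError outside the `except ValueError` and surfaces as a 500. Validate `username` and `password` once and pass those locals. Calling `session.clear()` just before `session['user_id'] = user.id` would also keep pre-login session data out of the authenticated session.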
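Review bot: In server.py, `os.getenv('SECRET_KEY')` returns None when the variable is missing, so the app starts normally and the problem only appears as an error on the first request that touches `session` (the new `/login`). Reading it with `app.secret_key = os.environ['SECRET_KEY']`, or raising at startup when the value is empty, makes a misconfigured deployment fail immediately. This key signs the session cookie that now carries `user_id`, so it should be a long random value, and `SESSION_COOKIE_SECURE` and `SESSION_COOKIE_SAMESITE` are worth setting next to it. The rest of server.py is outside the hunk, so whether those are configured elsewhere cannot be seen here.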
@@ -1,27 +1,30 @@ from models.User.user import User, db -from werkzeug.security import generate_password_hash, check_password_hash class UserService: def create_user(self, username, password): if not username or not password: - return jsonify({"error": "Username and password are required"}), 400 + raise ValueError("Username and password are required") if len(username) < 3 or len(password) < 8: - return jsonify({"error": "Username must be at least 3 characters and password must be at least 8 characters."}), 400 - + raise ValueError("Username must be at least 3 characters and password must be at least 8 characters.") existing_user = User.query.filter_by(username=username).first() if existing_user: raise ValueError("User already exists") - hashed_password = generate_password_hash(password) - new_user = User(username=username, password=hashed_password) + new_user = User(username=username, password=password) db.session.add(new_user) db.session.commit() return new_user def verify_user(self, username, password): user = User.query.filter_by(username=username).first() - if not user or not user.check_password(password): + if not user: + print(f"User not found: {username}") raise ValueError("Invalid username or password") + + if not user.check_password(password): + raise ValueError("Invalid username or password") + + print(f"User verified: {username}") return user
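Review bot: `verify_user` raises as soon as the username is not found, without doing any hash work, so a request for an unknown username completes faster than one for a real account with a wrong password. The identical error message therefore does not hide which case occurred. Running `check_password_hash` against a fixed dummy hash in the `if not user:` branch before raising keeps the two paths comparable, but this hunk removes the `werkzeug.security` import, which would have to stay for that. The two `print` calls also write the client-supplied username unescaped, so prefer the `logging` module with `%r` formatting, e.g. `logger.warning("User not found: %r", username)`.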