rideaware/rideaware-api
1
0
Fork 0
Code Issues 15 Pull requests Projects 1 Releases Packages Wiki Activity Actions

Merge pull request 'fix: resolve AttributeError in User model and ensure consistent password handling' (#17) from v0.1.0-user-login into main

Browse source 
Reviewed-on: https://brew.bsd.cafe/RideAware/rideaware-api/pulls/17
This commit is contained in:
blake 2025-02-16 05:44:19 +01:00
commit de9438b2a0
4 changed files with 36 additions and 19 deletions
Download patch file Download diff file Expand all files Collapse all files

23
models/User/user.py
View file

@ -1,22 +1,23 @@
from models import db
from werkzeug.security import generate_password_hash, check_password_hash from werkzeug.security import generate_password_hash, check_password_hash
from models import db
class User(db.Model): class User(db.Model):
__tablename__ = 'users' __tablename__ = 'users'
id = db.Column(db.Integer, primary_key=True) id = db.Column(db.Integer, primary_key=True)
username = db.Column(db.String(80), unique=True, nullable=False) username = db.Column(db.String(80), unique=True, nullable=False)
password = db.Column(db.String(128), nullable=False) _password = db.Column("password", db.String(255), nullable=False)
def __init__(self, username, password, hash_password=True): @property
self.username = username def password(self):
if hash_password: return self._password
self.password = generate_password_hash(password, method="pbkdf2:sha256")
@password.setter
def password(self, raw_password):
if not raw_password.startswith("pbkdf2:sha256:"):
self._password = generate_password_hash(raw_password)
else: else:
self.password = password self._password = raw_password
def check_password(self, password): def check_password(self, password):
return check_password_hash(self.password, password) return check_password_hash(self._password, password)
def __repr__(self):
return f"<User {self.username}>"

14
routes/user_auth/auth.py
View file

@ -1,5 +1,5 @@
# routes/auth.py # routes/auth.py
from flask import Blueprint, request, jsonify from flask import Blueprint, request, jsonify, session
from services.UserService.user import UserService from services.UserService.user import UserService
auth_bp = Blueprint('auth', __name__) auth_bp = Blueprint('auth', __name__)
@ -17,8 +17,20 @@ def signup():
@auth_bp.route('/login', methods=['POST']) @auth_bp.route('/login', methods=['POST'])
def login(): def login():
data = request.get_json() data = request.get_json()
username = data.get('username')
password = data.get('password')
print(f"Login attempt: username={username}, password={password}")
try: try:
user = user_service.verify_user(data['username'], data['password']) user = user_service.verify_user(data['username'], data['password'])
session['user_id'] = user.id
return jsonify({"message": "Login successful", "user_id": user.id}), 200 return jsonify({"message": "Login successful", "user_id": user.id}), 200
except ValueError as e: except ValueError as e:
print(f"Login failed: {str(e)}")
return jsonify({"error": str(e)}), 401 return jsonify({"error": str(e)}), 401
@auth_bp.route('/logout', methods=['POST'])
def logout():
session.clear()
return jsonify({"message": "Logout successful"}), 200

1
server.py
View file

@ -10,6 +10,7 @@ load_dotenv()
app = Flask(__name__) app = Flask(__name__)
CORS(app) CORS(app)
app.secret_key = os.getenv('SECRET_KEY')
app.config['SQLALCHEMY_DATABASE_URI'] = os.getenv('DATABASE') app.config['SQLALCHEMY_DATABASE_URI'] = os.getenv('DATABASE')
app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False

17
services/UserService/user.py
View file

@ -1,27 +1,30 @@
from models.User.user import User, db from models.User.user import User, db
from werkzeug.security import generate_password_hash, check_password_hash
class UserService: class UserService:
def create_user(self, username, password): def create_user(self, username, password):
if not username or not password: if not username or not password:
return jsonify({"error": "Username and password are required"}), 400 raise ValueError("Username and password are required")
if len(username) < 3 or len(password) < 8: if len(username) < 3 or len(password) < 8:
return jsonify({"error": "Username must be at least 3 characters and password must be at least 8 characters."}), 400 raise ValueError("Username must be at least 3 characters and password must be at least 8 characters.")
existing_user = User.query.filter_by(username=username).first() existing_user = User.query.filter_by(username=username).first()
if existing_user: if existing_user:
raise ValueError("User already exists") raise ValueError("User already exists")
hashed_password = generate_password_hash(password) new_user = User(username=username, password=password)
new_user = User(username=username, password=hashed_password)
db.session.add(new_user) db.session.add(new_user)
db.session.commit() db.session.commit()
return new_user return new_user
def verify_user(self, username, password): def verify_user(self, username, password):
user = User.query.filter_by(username=username).first() user = User.query.filter_by(username=username).first()
if not user or not user.check_password(password): if not user:
print(f"User not found: {username}")
raise ValueError("Invalid username or password") raise ValueError("Invalid username or password")
if not user.check_password(password):
raise ValueError("Invalid username or password")
print(f"User verified: {username}")
return user return user