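"""Authentication and account-management endpoints.

Every view returns a ``(flask.Response, status_code)`` tuple built with
``jsonify``. Views that take a ``current_user`` argument rely on the caller
(an auth layer elsewhere in the project, not visible in this file) to have
already resolved the request's token to a ``User`` instance.
"""
import logging

from flask import jsonify, request

from models.user import User
from utils.auth import generate_token

# Configure logging
logger = logging.getLogger(__name__)

# One message for both the "unknown email" and "wrong password" branches so
# the response body does not reveal which of the two checks failed.
_INVALID_CREDENTIALS = 'Invalid email or password'


def _json_body():
    """Return the request's JSON body as a dict, or ``{}`` when absent/invalid.

    ``request.get_json()`` yields ``None`` for a missing or non-JSON body (and a
    JSON array is not a dict either); the ``'field' in data`` checks in the
    views would then raise ``TypeError`` and surface as a 500 instead of a 400.
    """
    data = request.get_json(silent=True)
    return data if isinstance(data, dict) else {}


def _missing_str_fields(data, *fields):
    """Return the names in *fields* that are absent, not ``str``, or empty.

    Values are required to be plain strings because they are handed straight
    to ``User.find_by_email`` / ``User.find_by_id`` / the password helpers; a
    JSON object or list in place of a string would otherwise reach the lookup
    layer unchanged.
    """
    return [
        name for name in fields
        if not isinstance(data.get(name), str) or not data.get(name)
    ]


def login():
    """Login a user and return an authentication token.

    Returns:
        400 when ``email`` / ``password`` are missing or not non-empty strings,
        401 for an unknown email or a wrong password (same message for both),
        200 with ``token`` and ``user.to_dict()`` on success.
    """
    data = _json_body()

    # Check if required fields are present (and are plain strings)
    if _missing_str_fields(data, 'email', 'password'):
        return jsonify({'message': 'Email and password are required'}), 400

    # Find user by email
    user = User.find_by_email(data['email'])
    if not user:
        # NOTE(review): this branch skips the hash comparison, so it answers
        # faster than the wrong-password branch below; the shared message hides
        # *which* check failed but not that timing difference.
        logger.info('Failed login: unknown email %s', data['email'])
        return jsonify({'message': _INVALID_CREDENTIALS}), 401

    # Verify password; an account with no stored hash can never log in
    if not user.password or not User.verify_password(user.password, data['password']):
        logger.info('Failed login: wrong password for %s', data['email'])
        return jsonify({'message': _INVALID_CREDENTIALS}), 401

    # Generate token
    token = generate_token(user._id, user.permissions)

    # Return token and user information
    return jsonify({
        'message': 'Login successful',
        'token': token,
        'user': user.to_dict()
    }), 200


def get_current_user(current_user):
    """Get the current authenticated user's information.

    Args:
        current_user: the ``User`` resolved from the request's token.

    Returns:
        200 with ``{'user': current_user.to_dict()}``.
    """
    return jsonify({'user': current_user.to_dict()}), 200


def update_password(current_user):
    """Update the current user's password.

    Args:
        current_user: the ``User`` resolved from the request's token.

    Returns:
        400 when ``current_password`` / ``new_password`` are missing or not
        non-empty strings, 401 when the current password does not match,
        500 when ``save()`` reports failure, 200 on success.
    """
    data = _json_body()

    # Check if required fields are present (and are non-empty strings, so an
    # empty new password cannot be stored)
    if _missing_str_fields(data, 'current_password', 'new_password'):
        return jsonify({'message': 'Current password and new password are required'}), 400

    # Verify current password; a user with no stored hash is treated as a
    # mismatch rather than passing None into verify_password
    if not current_user.password or not User.verify_password(
        current_user.password, data['current_password']
    ):
        logger.info('Password change rejected for user %s: current password incorrect',
                    current_user._id)
        return jsonify({'message': 'Current password is incorrect'}), 401

    # Update password (only the hash is stored)
    current_user.password = User.hash_password(data['new_password'])
    if current_user.save():
        logger.info('Password changed for user %s', current_user._id)
        return jsonify({'message': 'Password updated successfully'}), 200

    logger.error('Failed to persist password change for user %s', current_user._id)
    return jsonify({'message': 'Failed to update password'}), 500


def reset_password(current_user):
    """Reset a user's password (admin only).

    The admin may only reset users in their own department. The new password
    is echoed back in the response body so the admin can hand it over; it is
    deliberately never written to the log.

    Args:
        current_user: the ``User`` resolved from the request's token.

    Returns:
        403 when the caller is not an admin or the target is in another
        department, 400 when ``user_id`` is missing or ``new_password`` is
        present but not a non-empty string, 404 when the user does not exist,
        500 when ``save()`` reports failure, 200 with the new password on success.
    """
    data = _json_body()

    # Check if admin -- authorization comes before input validation so a
    # non-admin caller learns nothing about what this endpoint expects
    if current_user.permissions != 'Admin':
        logger.warning('Non-admin user %s attempted a password reset', current_user._id)
        return jsonify({'message': 'Admin permissions required'}), 403

    # Check if required fields are present (user_id must be a plain string
    # because it goes straight into find_by_id)
    if _missing_str_fields(data, 'user_id'):
        return jsonify({'message': 'User ID is required'}), 400

    # Find user by ID
    user = User.find_by_id(data['user_id'])
    if not user:
        return jsonify({'message': 'User not found'}), 404

    # Check if user belongs to the same department as the admin
    if str(user.department_id) != str(current_user.department_id):
        logger.warning('Admin %s attempted to reset password of user %s in another department',
                       current_user._id, user._id)
        return jsonify({'message': 'Cannot reset password for users in other departments'}), 403

    # Generate new random password or use provided one. The import is kept
    # local as in the original (presumably to avoid a circular import), and
    # the random generator is only invoked when no password was supplied.
    from controllers.department_controller import generate_random_password
    new_password = data.get('new_password')
    if new_password is None:
        new_password = generate_random_password()
    elif not isinstance(new_password, str) or not new_password:
        return jsonify({'message': 'new_password must be a non-empty string'}), 400

    # Update user's password
    user.password = User.hash_password(new_password)
    if user.save():
        logger.info('Admin %s reset the password of user %s', current_user._id, user._id)
        return jsonify({
            'message': 'Password reset successfully',
            'user': user.to_dict(),
            'new_password': new_password
        }), 200

    logger.error('Failed to persist password reset for user %s', user._id)
    return jsonify({'message': 'Failed to reset password'}), 500


def update_profile(current_user):
    """Update the current user's profile information.

    Only ``name`` and ``position`` are writable here; email and permissions
    are deliberately not accepted through this endpoint.

    Args:
        current_user: the ``User`` resolved from the request's token.

    Returns:
        400 when a supplied field is not a string, 500 when ``save()`` reports
        failure, 200 with the updated ``user.to_dict()`` on success.
    """
    data = _json_body()

    # Update fields if provided, rejecting non-string values so arbitrary
    # JSON structures are not persisted onto the user record
    for field in ('name', 'position'):
        if field in data:
            if not isinstance(data[field], str):
                return jsonify({'message': '{} must be a string'.format(field)}), 400
            setattr(current_user, field, data[field])

    # Don't allow updating email or permissions through this endpoint
    if current_user.save():
        return jsonify({
            'message': 'Profile updated successfully',
            'user': current_user.to_dict()
        }), 200

    logger.error('Failed to persist profile update for user %s', current_user._id)
    return jsonify({'message': 'Failed to update profile'}), 500


def verify_token(current_user):
    """Verify the current user's token.

    Reaching this view at all means the auth layer accepted the token, so the
    response simply confirms that and returns the user.

    Args:
        current_user: the ``User`` resolved from the request's token.

    Returns:
        200 with ``{'message': 'Token is valid', 'user': current_user.to_dict()}``.
    """
    return jsonify({'message': 'Token is valid', 'user': current_user.to_dict()}), 200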