Rename routes to routes/auth.py

routes/auth.py

@@ -0,0 +1,39 @@
+from flask import Blueprint, request, jsonify
+import bcrypt, jwt, os
+from datetime import datetime, timedelta
+
+auth_bp = Blueprint("auth", __name__)
+JWT_SECRET = os.getenv("JWT_SECRET")
+
+@auth_bp.route("/signup", methods=["POST"])
+def signup():
+    from app import db
+    data = request.json
+    if db.users.find_one({"email": data["email"]}):
+        return jsonify({"error": "User exists"}), 400
+    
+    hashed_pw = bcrypt.hashpw(data["password"].encode(), bcrypt.gensalt())
+    db.users.insert_one({
+        "name": data["name"],
+        "email": data["email"],
+        "password": hashed_pw,
+        "role": "student",
+        "created_at": datetime.utcnow()
+    })
+    return jsonify({"message": "Signup successful"}), 201
+
+@auth_bp.route("/login", methods=["POST"])
+def login():
+    from app import db
+    data = request.json
+    user = db.users.find_one({"email": data["email"]})
+    if not user or not bcrypt.checkpw(data["password"].encode(), user["password"]):
+        return jsonify({"error": "Invalid credentials"}), 401
+
+    token = jwt.encode({
+        "id": str(user["_id"]),
+        "role": user["role"],
+        "exp": datetime.utcnow() + timedelta(hours=2)
+    }, JWT_SECRET, algorithm="HS256")
+
+    return jsonify({"token": token, "role": user["role"], "name": user["name"]})