Hugging Face's logo

Spaces:
tannuiscoding
/
BREATHE
Sleeping

App Files Community
BREATHE / backend /routes /auth.py
tannuiscoding's picture
tannuiscoding
added app.py
5a264f5
raw
history blame contribute delete
2.23 kB
from flask import Blueprint, request, jsonify, session
from ..models.user import User
from .. import db
auth_bp = Blueprint("auth", __name__, url_prefix="/api/auth")
@auth_bp.route("/signup", methods=["POST"])
def signup():
 data = request.get_json(silent=True) or {}
 username = (data.get("username") or "").strip()
 email = (data.get("email") or "").strip().lower()
 password = data.get("password") or ""
if not username or not email or not password:
 return jsonify({"error": "username, email and password are required"}), 400
if len(password) < 8:
 return jsonify({"error": "Password must be at least 8 characters"}), 400
if User.query.filter(
 (User.username == username) | (User.email == email)
 ).first():
 return jsonify({"error": "Username or email already exists"}), 409
user = User(username=username, email=email)
 user.set_password(password)
 db.session.add(user)
 db.session.commit()
session["user_id"] = user.id
 return jsonify({"message": "Account created", "user": user.to_dict()}), 201
@auth_bp.route("/login", methods=["POST"])
def login():
 data = request.get_json(silent=True) or {}
 identity = (data.get("email") or data.get("username") or "").strip()
 password = data.get("password") or ""
if not identity or not password:
 return jsonify({"error": "Email/username and password are required"}), 400
user = User.query.filter(
 (User.email == identity.lower()) | (User.username == identity)
 ).first()
if not user or not user.check_password(password):
 return jsonify({"error": "Invalid credentials"}), 401
session["user_id"] = user.id
 return jsonify({"message": "Logged in", "user": user.to_dict()}), 200
@auth_bp.route("/logout", methods=["POST"])
def logout():
 session.pop("user_id", None)
 return jsonify({"message": "Logged out"}), 200
@auth_bp.route("/me", methods=["GET"])
def me():
 uid = session.get("user_id")
 if not uid:
 return jsonify({"error": "Not authenticated"}), 401
 user = User.query.get(uid)
 if not user:
 return jsonify({"error": "User not found"}), 404
 return jsonify({"user": user.to_dict()}), 200