"""
Authentication routes: login, logout, validate-token.
"""
from flask import Blueprint, request, jsonify
from services.token_service import validate_token
# Blueprint grouping the authentication endpoints defined in this module
# (/login, /logout, /validate-token).
auth_bp = Blueprint('auth', __name__)
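@auth_bp.route('/login', methods=['POST'])
def login():
    """Handle student login with token.

    Reads a JSON body carrying a ``token`` field, checks it with
    ``validate_token`` and, on success, stores that same token in the
    ``student_token`` cookie for 24 hours (``max_age=86400``).

    Returns:
        A JSON response with ``success`` and ``message``; on success it also
        carries ``student_name`` and ``is_teacher``.
    """
    # Function-scope import keeps this handler independent of the module's
    # import block.
    import logging

    # silent=True: a missing or malformed JSON body yields None instead of
    # raising, so it is reported as a missing token rather than as an error.
    payload = request.get_json(silent=True)
    if not isinstance(payload, dict):
        payload = {}

    # Only a string can be a token; any other JSON type is treated as absent.
    raw_token = payload.get('token', '')
    token = raw_token.strip() if isinstance(raw_token, str) else ''
    if not token:
        return jsonify({'success': False, 'message': 'Token is required'})

    try:
        student_info = validate_token(token)
        if not student_info:
            return jsonify({'success': False, 'message': 'Invalid token'})

        response = jsonify({
            'success': True,
            'student_name': student_info['student_name'],
            'is_teacher': student_info.get('is_teacher', False),
            'message': 'Login successful',
        })
        # The cookie value is the login token itself, so it is a bearer
        # credential for the cookie's lifetime: keep it out of script reach
        # (httponly) and off plain-HTTP connections whenever the request
        # itself arrived over HTTPS. Behind a TLS-terminating proxy,
        # request.is_secure is only true when the forwarded headers are
        # trusted (e.g. via Werkzeug's ProxyFix).
        response.set_cookie(
            'student_token', token,
            httponly=True, secure=request.is_secure, samesite='Lax',
            max_age=86400,
        )
        return response
    except Exception:
        # Keep exception details in the server log; echoing them to the
        # client discloses internals to unauthenticated callers.
        logging.getLogger(__name__).exception('Error processing login')
        return jsonify({'success': False, 'message': 'Error processing login'})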
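@auth_bp.route('/logout', methods=['POST'])
def logout():
    """Handle student logout.

    Expires the ``student_token`` cookie in the browser. Nothing in this
    handler revokes the token itself, so a copy of it remains usable for as
    long as ``validate_token`` accepts it (its expiry policy is not visible
    here).

    Returns:
        A JSON response with ``success`` and ``message``.
    """
    # Function-scope import keeps this handler independent of the module's
    # import block.
    import logging

    try:
        response = jsonify({'success': True, 'message': 'Logout successful'})
        # Expire the cookie using the same httponly/samesite attributes that
        # login() sets when it issues it.
        response.set_cookie(
            'student_token', '',
            expires=0, httponly=True, samesite='Lax',
        )
        return response
    except Exception:
        # Keep exception details in the server log rather than in the reply.
        logging.getLogger(__name__).exception('Error processing logout')
        return jsonify({'success': False, 'message': 'Error processing logout'})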
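@auth_bp.route('/validate-token', methods=['POST'])
def validate_token_route():
    """Validate a token without logging in.

    The token is taken from the JSON body's ``token`` field and, when that is
    empty or absent, from the ``student_token`` cookie. No cookie is set.

    Returns:
        A JSON response with ``success``; on success it also carries
        ``student_name`` and ``is_teacher``, otherwise a ``message``.
    """
    # Function-scope import keeps this handler independent of the module's
    # import block.
    import logging

    # silent=True: a request without a JSON body must still reach the cookie
    # fallback below instead of failing while the body is parsed.
    payload = request.get_json(silent=True)
    if not isinstance(payload, dict):
        payload = {}

    # Only a string can be a token; any other JSON type is treated as absent.
    raw_token = payload.get('token', '')
    token = raw_token.strip() if isinstance(raw_token, str) else ''
    if not token:
        token = request.cookies.get('student_token', '').strip()
    if not token:
        return jsonify({'success': False, 'message': 'Token is required'})

    try:
        student_info = validate_token(token)
        if not student_info:
            return jsonify({'success': False, 'message': 'Invalid token'})
        return jsonify({
            'success': True,
            'student_name': student_info['student_name'],
            'is_teacher': student_info.get('is_teacher', False),
        })
    except Exception:
        # Keep exception details in the server log; echoing them to the
        # client discloses internals to unauthenticated callers.
        logging.getLogger(__name__).exception('Error validating token')
        return jsonify({'success': False, 'message': 'Error validating token'})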