From f2a0b836e6f1e4435a8547a0bac4ba62bba36f45 Mon Sep 17 00:00:00 2001 From: Kfir Dayan Date: Sun, 7 Jan 2024 13:42:48 +0200 Subject: [PATCH] added loging and logout --- app.py | 2 +- routes/eventRoutes.py | 7 ++++++- routes/userRoutes.py | 11 +++++++++++ 3 files changed, 18 insertions(+), 2 deletions(-) diff --git a/app.py b/app.py index d5b6e9f..713fbbf 100644 --- a/app.py +++ b/app.py @@ -25,7 +25,7 @@ class App: self.jwt_manager = JWTManager(self.app) self.app.config['JWT_TOKEN_LOCATION'] = ['cookies'] self.app.config['JWT_COOKIE_NAME'] = 'access_token_cookie' - + self.app.config['JWT_COOKIE_CSRF_PROTECT'] = False def register_blueprints(self): self.app.register_blueprint(userRoutes, url_prefix='/user') diff --git a/routes/eventRoutes.py b/routes/eventRoutes.py index 40b117d..2a6825a 100644 --- a/routes/eventRoutes.py +++ b/routes/eventRoutes.py @@ -1,6 +1,6 @@ from flask import Blueprint, jsonify, request from services.EventService import EventService -from middlewares import validate_event_post_request +from middlewares import validate_event_post_request, authenticate_user eventRoutes = Blueprint('eventRoutes', __name__) @@ -8,6 +8,7 @@ eventRoutes = Blueprint('eventRoutes', __name__) @eventRoutes.route('/', methods=['POST']) @eventRoutes.route('', methods=['POST']) @validate_event_post_request +@authenticate_user def create_event(): try: data = request.json @@ -22,6 +23,7 @@ def create_event(): # Get All Events @eventRoutes.route('/', methods=['GET']) @eventRoutes.route('', methods=['GET']) +@authenticate_user def get_events(): try: return {"events": EventService.get_all_events()}, 200 @@ -30,6 +32,7 @@ def get_events(): # Get Event by ID @eventRoutes.route('/', methods=['GET']) +@authenticate_user def get_event(event_id): try: return {"event": EventService.get_event_by_id(event_id)}, 200 @@ -39,6 +42,7 @@ def get_event(event_id): # Update Event @eventRoutes.route('/', methods=['PUT']) @validate_event_post_request +@authenticate_user def update_event(event_id): try: data = request.json @@ -52,6 +56,7 @@ def update_event(event_id): # DELETE Event @eventRoutes.route('/', methods=['DELETE']) +@authenticate_user def delete_event(event_id): try: deleted_event = EventService.delete_event(event_id) diff --git a/routes/userRoutes.py b/routes/userRoutes.py index 3112394..ce1828f 100644 --- a/routes/userRoutes.py +++ b/routes/userRoutes.py @@ -44,3 +44,14 @@ def loginUser(): return jsonify({'error': 'Invalid credentials'}), 400 except Exception as e: return jsonify({'error': str(e)}), 500 + +@userRoutes.route('/logout', methods=['POST']) +@jwt_required(optional=True) +def logoutUser(): + try: + response = jsonify({'message': 'Logged out successfully'}) + response.set_cookie('access_token_cookie', '', expires=0) + return response, 200 + except Exception as e: + return jsonify({'error': str(e)}), 500 +