Bootstrap & bootstrap theme startup

config.py

@@ -7,6 +7,9 @@ class Config(object):
     DEBUG = False
     DEVELOPMENT = False
     SECRET_KEY = '97867c1491bea5ee6a8e8436eb11bf2ba6a69ff53ab1b17ecba450d0f2e572e1'
+    JWT_SECRET_KEY = '60a4ba120437004cfc8fc1cf571150f16d950d31aa7c5a4a2fe7a262d4d24bec'
+    JWT_TOKEN_LOCATION = ['cookies']
+    JWT_COOKIE_SECURE = True
 
 
 class DevConfig(Config):
@@ -15,6 +18,7 @@ class DevConfig(Config):
     SQLALCHEMY_DATABASE_URI = 'postgresql+pg8000://josako@localhost:5432/eveAI'
     SQLALCHEMY_BINDS = {'public': 'postgresql+pg8000://josako@localhost:5432/eveAI'}
     EXPLAIN_TEMPLATE_LOADING = True
+    JWT_COOKIE_SECURE = False
 
 
 class ProdConfig(Config):

eveai_app/__init__.py

@@ -35,6 +35,8 @@ def register_extensions(app):
 def register_blueprints(app):
     from .views.user_views import user_bp
     app.register_blueprint(user_bp)
+    from .views.auth_views import auth_bp
+    app.register_blueprint(auth_bp)
 
 
 def register_api(app):

eveai_app/templates/login.html

@@ -0,0 +1,17 @@
+{% extends 'base.html' %}
+
+{% block title %}Login{% endblock %}
+
+{% block content %}
+    <form action="" method="post" novalidate>
+        <p>
+            {{ form.email.label }}<br>
+            {{ form.email(size=80) }}
+        </p>
+        <p>
+            {{ form.password.label }}<br>
+            {{ form.password(size=80) }}
+        </p>
+        <p>{{ form.submit() }}</p>
+    </form>
+{% endblock %}

eveai_app/views/auth_forms.py

@@ -0,0 +1,10 @@
+from flask_wtf import FlaskForm
+from wtforms import PasswordField, SubmitField, EmailField, BooleanField
+from wtforms.validators import DataRequired, Length, Email
+
+
+class LoginForm(FlaskForm):
+    email = EmailField('Email', validators=[DataRequired(), Email()])
+    password = PasswordField('Password', validators=[DataRequired(), Length(min=8)])
+    # remember_me = BooleanField('Remember me')
+    submit = SubmitField('Login')

eveai_app/views/auth_views.py

@@ -0,0 +1,47 @@
+from datetime import datetime as dt, timezone as tz
+from flask import request, redirect, url_for, flash, render_template, Blueprint, jsonify
+from ..models.user import User, Tenant
+from ..extensions import db, bcrypt
+from .auth_forms import LoginForm
+from flask_jwt_extended import (create_access_token, create_refresh_token, set_access_cookies, set_refresh_cookies,
+                                unset_jwt_cookies)
+
+auth_bp = Blueprint('auth_bp', __name__)
+
+
+@auth_bp.route('/login', methods=['GET', 'POST'])
+def login():
+    if request.method == 'POST':
+        email = request.form.get('email')
+        password = request.form.get('password')
+        remember_me = True if request.form.get('remember_me') else False
+
+        user = User.query.filter_by(email=email).first()
+        if user:
+            if bcrypt.check_password_hash(user.password, password):
+                response = jsonify({'msg': 'Login Successful'})
+                flash('Logged in successfully!', category='success')
+                access_token = create_access_token(
+                    identity=user.id,
+                    additional_claims={'tenant': user.tenant_id})
+                refresh_token = create_refresh_token(
+                    identity=user.id,
+                    additional_claims={'tenant': user.tenant_id})
+                set_access_cookies(response, access_token)
+                set_refresh_cookies(response, refresh_token)
+
+                return redirect(url_for('user_bp.user'))
+            else:
+                flash('Incorrect password, try again.', category='error')
+        else:
+            flash('Email does not exist.', category='error')
+
+    form = LoginForm()
+    return render_template('login.html', form=form)
+
+
+@auth_bp.route('/logout', methods=['POST'])
+def logout():
+    response = jsonify({'msg': 'Logout Successful'})
+    unset_jwt_cookies(response)
+    return redirect(url_for('/'))