eveAI/eveai_app/views/auth_views.py

from datetime import datetime as dt, timezone as tz
from flask import request, redirect, url_for, flash, render_template, Blueprint, jsonify, session
from ..models.user import User, Tenant
from ..extensions import db, bcrypt
from .auth_forms import LoginForm
from flask_jwt_extended import (create_access_token, create_refresh_token, set_access_cookies, set_refresh_cookies,
                                unset_jwt_cookies)

auth_bp = Blueprint('auth_bp', __name__)


@auth_bp.route('/login', methods=['GET', 'POST'])
def login():
    if request.method == 'POST':
        email = request.form.get('email')
        password = request.form.get('password')
        # remember_me = True if request.form.get('remember_me') else False

        user = User.query.filter_by(email=email).first()
        tenant = Tenant.query.filter_by(id=user.tenant_id).first()
        if user:
            if user.is_active:
                if bcrypt.check_password_hash(user.password, password):
                    response = jsonify({'msg': 'Login Successful'})
                    flash('Logged in successfully!', category='success')

                    # set session information
                    # session['user_id'] = user.id
                    # session['user_name'] = user.user_name
                    # session['email'] = user.email
                    # session['tenant_id'] = user.tenant_id
                    # session['tenant_name'] = tenant.name

                    # set JWT header information
                    additional_claims = {'tenant': user.tenant_id,
                                         'is_super': user.is_super,
                                         'is_admin': user.is_admin,
                                         'is_tester': user.is_tester}
                    access_token = create_access_token(
                        identity=user.id,
                        additional_claims=additional_claims)
                    refresh_token = create_refresh_token(
                        identity=user.id,
                        additional_claims=additional_claims)
                    set_access_cookies(response, access_token)
                    set_refresh_cookies(response, refresh_token)
                    response.headers['Location'] = url_for('user_bp.user')

                    return response, 302
                else:
                    flash('Incorrect email/password combination, try again.', category='error')
            else:
                flash('Account disabled. Please contact your administrator.', category='error')
        else:
            flash('Incorrect email/password combination, try again.', category='error')

    form = LoginForm()
    return render_template('login.html', form=form)


@auth_bp.route('/logout', methods=['POST'])
def logout():
    response = jsonify({'msg': 'Logout Successful'})
    unset_jwt_cookies(response)
    return redirect(url_for('/'))