Nirodan
50 lines
1.5 KiB
Python
50 lines
1.5 KiB
Python
from flask import request, jsonify
|
|
from mysql.connector import connect
|
|
from werkzeug.security import check_password_hash
|
|
from datetime import datetime, timedelta
|
|
import jwt
|
|
|
|
from util.logger import logger
|
|
from util.db_config import load_config
|
|
from auth.token import SECRET_KEY
|
|
|
|
def login_route():
|
|
data = request.get_json()
|
|
username = data.get('username')
|
|
password = data.get('password')
|
|
|
|
if not SECRET_KEY:
|
|
logger.error("Login blocked: SECRET_KEY is not configured.")
|
|
return jsonify({"message": "Server misconfigured"}), 500
|
|
|
|
try:
|
|
config = load_config()
|
|
conn = connect(**config)
|
|
cursor = conn.cursor(dictionary=True)
|
|
cursor.execute("SELECT * FROM users WHERE username = %s", (username,))
|
|
user = cursor.fetchone()
|
|
cursor.close()
|
|
conn.close()
|
|
|
|
if user and check_password_hash(user['password'], password):
|
|
logger.info(f"✅ Login successful: {username}")
|
|
|
|
payload = {
|
|
"username": user['username'],
|
|
"role": user['role'],
|
|
"exp": datetime.utcnow() + timedelta(minutes=60)
|
|
}
|
|
token = jwt.encode(payload, SECRET_KEY, algorithm="HS256")
|
|
|
|
return jsonify({
|
|
"token": token,
|
|
"role": user['role']
|
|
})
|
|
|
|
logger.warning(f"⛔ Login failed: {username}")
|
|
return jsonify({"message": "Login failed"}), 401
|
|
|
|
except Exception as e:
|
|
logger.error(f"[Login Error] {e}")
|
|
return jsonify({"message": "Server error"}), 500
|