office auth

CHIEFSOFT\ameye
2025-07-21 06:19:06 -04:00
parent 9710390254
commit 45e7d64963
3 changed files with 96 additions and 1 deletions
+25
@@ -14,6 +14,7 @@ from app.api.services import (
AuthorizationService,
MyProductsService,
ContactService,
OfficeAuthService
)
from app.utils.logger import logger
from app.api.middlewares import enforce_json, require_auth
@@ -195,6 +196,30 @@ def test_check():
#response = ProductsService.process_request(data)
return {"status": "ok"}, 200
#======================================================
@api.route('/office/login', methods=['POST'])
def login():
data = request.get_json()
# Check if username and password are provided
if not data or 'username' not in data or 'password' not in data:
return jsonify({
'error': 'Missing credentials',
'message': 'Username and password are required'
}), 400
username = data.get('username', '')
password = data.get('password', '')
# Call the login method from AuthService
result = OfficeAuthService.login(username, password)
# Check if result is a tuple (error response)
if isinstance(result, tuple):
return jsonify(result[0]), result[1]
return jsonify(result)
#=====================================================
# # EligibilityCheck Endpoint
# @api.route("/EligibilityCheck", methods=["POST"])
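Review bot: The `/office/login` handler only checks that the keys exist, so a JSON body that is a list or a string containing those words passes the `'username' not in data` test and then fails at `data.get(...)` with an AttributeError, and non-string values reach `OfficeAuthService.login` unchecked. Tighten the guard to `if not isinstance(data, dict) or not isinstance(data.get('username'), str) or not isinstance(data.get('password'), str):` so malformed input gets the existing 400 response instead of a 500. Nothing visible in this hunk throttles or records failed attempts either; since `logger` is already imported in this file, logging each 401 with the username and source address (never the password) would give detection something to work with, and a per-client attempt limit belongs in front of this route.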
+2 -1
@@ -12,4 +12,5 @@ from app.api.services.register import RegisterService
from app.api.services.products import ProductsService
from app.api.services.account import AccountService
from app.api.services.myproduct import MyProductsService
from app.api.services.contacts import ContactService
from app.api.services.contacts import ContactService
from app.api.services.office_auth import OfficeAuthService
+69
@@ -0,0 +1,69 @@
from flask import session, jsonify
from marshmallow import ValidationError
from werkzeug.security import generate_password_hash, check_password_hash
import datetime
import jwt
from app.config import Config
class OfficeAuthService:
@staticmethod
def login(username, password):
"""
Login method that checks for specific credentials and returns a JWT token
"""
# Define valid credentials for testing
valid_credentials = {
"mermsuser": "mermsuser",
"admin": "admin123",
"test": "test123"
}
# Check if the provided credentials are valid
if username in valid_credentials and password == valid_credentials[username]:
# Generate JWT token with 15 minutes expiration
payload = {
'sub': username, # Subject (typically user ID)
'iat': datetime.datetime.utcnow(), # Issued at
'exp': datetime.datetime.utcnow() + datetime.timedelta(minutes=15), # Expiration (15 minutes)
'role': 'admin' if username == 'admin' else 'user' # Role based on username
}
# Get the secret key from config
secret_key = Config.JWT_SECRET_KEY
# Generate the token
token = jwt.encode(payload, secret_key, algorithm='HS256')
# Return the token and user info
return {
'jwt_token': token,
'user': {
'username': username,
'role': 'admin' if username == 'admin' else 'user'
},
'expires_in': 900 # 15 minutes in seconds
}
else:
# Return error for invalid credentials
return {
'error': 'Invalid credentials',
'message': 'The username or password is incorrect'
}, 401
@staticmethod
def verify_token(token):
"""
Verify the JWT token
"""
try:
# Get the secret key from config
secret_key = Config.JWT_SECRET_KEY
# Decode the token
payload = jwt.decode(token, secret_key, algorithms=['HS256'])
return payload
except jwt.ExpiredSignatureError:
return None # Token has expired
except jwt.InvalidTokenError:
return None # Invalid token
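Review bot: `login` authenticates against a plaintext username/password table hard-coded in the source (the `valid_credentials` dict commented "for testing"), and this same commit wires it to a live route that returns a signed token, including `role: admin` for the `admin` entry. Credentials committed to the repository should be treated as exposed and retired; the check should instead read a per-user password hash from the project's user store and verify it with `check_password_hash`, which this file imports but never calls. The role should come from the stored user record rather than from comparing the username to `'admin'`, and the plain `==` comparison goes away once the hash check replaces it. The sketch below uses placeholder names for the user lookup and the dummy hash, since the page does not show where office users are stored; it also switches to a timezone-aware timestamp because `datetime.datetime.utcnow()` is deprecated in current Python.

```python
    @staticmethod
    def login(username, password):
        # placeholder: returns {'password_hash': ..., 'role': ...} or None from the project's user store
        record = lookup_office_user(username)  # placeholder name, not an existing helper
        # Run one hash check even for unknown usernames so both failure paths cost the same
        stored_hash = record['password_hash'] if record else DUMMY_PASSWORD_HASH  # placeholder constant
        if not check_password_hash(stored_hash, password) or record is None:
            return {
                'error': 'Invalid credentials',
                'message': 'The username or password is incorrect'
            }, 401
        now = datetime.datetime.now(datetime.timezone.utc)
        payload = {
            'sub': username,
            'iat': now,
            'exp': now + datetime.timedelta(minutes=15),
            'role': record['role'],
        }
        # … unchanged: jwt.encode with Config.JWT_SECRET_KEY and the success response,
        #   with the response's 'role' also taken from record['role'] …
```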