office auth

app/api/services/__init__.py

@@ -12,4 +12,5 @@ from app.api.services.register import RegisterService
 from app.api.services.products import ProductsService
 from app.api.services.account import AccountService
 from app.api.services.myproduct import MyProductsService
-from app.api.services.contacts import ContactService
+from app.api.services.contacts import ContactService
+from app.api.services.office_auth import OfficeAuthService

app/api/services/office_auth.py

@@ -0,0 +1,69 @@
+from flask import session, jsonify
+from marshmallow import ValidationError
+from werkzeug.security import generate_password_hash, check_password_hash
+import datetime
+import jwt
+from app.config import Config
+
+
+class OfficeAuthService:
+    @staticmethod
+    def login(username, password):
+        """
+        Login method that checks for specific credentials and returns a JWT token
+        """
+        # Define valid credentials for testing
+        valid_credentials = {
+            "mermsuser": "mermsuser",
+            "admin": "admin123",
+            "test": "test123"
+        }
+
+        # Check if the provided credentials are valid
+        if username in valid_credentials and password == valid_credentials[username]:
+            # Generate JWT token with 15 minutes expiration
+            payload = {
+                'sub': username,  # Subject (typically user ID)
+                'iat': datetime.datetime.utcnow(),  # Issued at
+                'exp': datetime.datetime.utcnow() + datetime.timedelta(minutes=15),  # Expiration (15 minutes)
+                'role': 'admin' if username == 'admin' else 'user'  # Role based on username
+            }
+
+            # Get the secret key from config
+            secret_key = Config.JWT_SECRET_KEY
+
+            # Generate the token
+            token = jwt.encode(payload, secret_key, algorithm='HS256')
+
+            # Return the token and user info
+            return {
+                'jwt_token': token,
+                'user': {
+                    'username': username,
+                    'role': 'admin' if username == 'admin' else 'user'
+                },
+                'expires_in': 900  # 15 minutes in seconds
+            }
+        else:
+            # Return error for invalid credentials
+            return {
+                'error': 'Invalid credentials',
+                'message': 'The username or password is incorrect'
+            }, 401
+
+    @staticmethod
+    def verify_token(token):
+        """
+        Verify the JWT token
+        """
+        try:
+            # Get the secret key from config
+            secret_key = Config.JWT_SECRET_KEY
+
+            # Decode the token
+            payload = jwt.decode(token, secret_key, algorithms=['HS256'])
+            return payload
+        except jwt.ExpiredSignatureError:
+            return None  # Token has expired
+        except jwt.InvalidTokenError:
+            return None  # Invalid token