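from flask import Blueprint, request, jsonify

from old_routes import auth_bp
from utils.cookie_utils import clear_refresh_token_cookie, set_refresh_token_cookie, get_refresh_token_from_cookie
from utils.jwt_utils import generate_access_token, generate_refresh_token, verify_access_token, verify_refresh_token
from utils.response_utils import use_response_success, use_response_error, forbidden_response, un_authorized_response
from mock_data import MOCK_USERS


@auth_bp.route('/login', methods=['POST'])
def login():
    """Authenticate a user from a JSON body and issue access/refresh tokens.

    Expects a JSON object with ``username`` and ``password``. On success the
    refresh token is handed to ``set_refresh_token_cookie`` and the response
    carries the user record (without its ``password`` field) plus an
    ``access_token``.

    Returns:
        A ``BadRequestException`` error with status 400 when the body is
        missing, is not a JSON object, or lacks either credential;
        ``forbidden_response(...)`` when no mock user matches; otherwise
        ``use_response_success(...)``.
    """
    # silent=True makes a missing or malformed JSON body yield None instead of
    # an unhandled error; anything that is not an object is treated as empty so
    # the request falls through to the 400 below rather than crashing on .get().
    data = request.get_json(silent=True)
    if not isinstance(data, dict):
        data = {}

    username = data.get('username')
    password = data.get('password')
    if not username or not password:
        return use_response_error('BadRequestException', 'Username and password are required'), 400

    # NOTE(review): MOCK_USERS holds clear-text passwords compared with `==`.
    # That is only tolerable for mock data; a real credential store needs
    # salted password hashes and a constant-time comparison.
    user = next(
        (u for u in MOCK_USERS if u['username'] == username and u['password'] == password),
        None,
    )
    if not user:
        clear_refresh_token_cookie()
        return forbidden_response('Username or password is incorrect.')

    access_token = generate_access_token(user)
    refresh_token = generate_refresh_token(user)
    set_refresh_token_cookie(refresh_token)

    # Never echo the stored password back to the client: copy the record
    # without that key before adding the access token.
    public_user = {key: value for key, value in user.items() if key != 'password'}
    return use_response_success({**public_user, 'access_token': access_token})


@auth_bp.route('/refresh', methods=['POST'])
def refresh():
    """Exchange the refresh-token cookie for a new access token.

    Returns:
        ``forbidden_response()`` when the cookie is absent, when
        ``verify_refresh_token`` rejects it, or when the username it names is
        not in ``MOCK_USERS``; otherwise a JSON object with ``access_token``.
    """
    refresh_token = get_refresh_token_from_cookie()
    if not refresh_token:
        return forbidden_response()

    # The cookie is cleared before verification, so every rejection path below
    # also leaves the client without a refresh cookie.
    clear_refresh_token_cookie()
    user_info = verify_refresh_token(refresh_token)
    if not user_info:
        return forbidden_response()

    user = next((u for u in MOCK_USERS if u['username'] == user_info['username']), None)
    if not user:
        return forbidden_response()

    access_token = generate_access_token(user)
    # NOTE(review): the same refresh token is written back, not a newly
    # generated one, so the token is not rotated on use. Confirm whether
    # rotation (and server-side revocation of the old token) is intended.
    set_refresh_token_cookie(refresh_token)
    # NOTE(review): this endpoint answers with bare jsonify() while the other
    # routes use use_response_success(); kept as-is to preserve the response
    # shape existing clients receive.
    return jsonify({'access_token': access_token})


@auth_bp.route('/logout', methods=['POST'])
def logout():
    """Clear the refresh-token cookie, if one was sent, and report success.

    The response is ``use_response_success('')`` whether or not a cookie was
    present.
    """
    # NOTE(review): only the cookie is cleared here; nothing visible in this
    # file revokes the token itself, so a copied refresh token may remain
    # usable until it expires. Confirm against verify_refresh_token.
    if get_refresh_token_from_cookie():
        clear_refresh_token_cookie()
    return use_response_success('')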