1. JWT 令牌：
前端发送的形式有：
- Bearer TOKEN_STRING
- TOKEN_STRING
- JWT TOKEN_STRING
ๆณจๆ๏ผTOKEN_STRING ๆฏๆฒกๆๅผๅท็
ๅ็ซฏๅ้id็ญๆฐๅญๆถ้่ฝฌไธบstring๏ผ
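@bp.route('/login', methods=['POST'])
def login():
    """Authenticate a user and issue a JWT access/refresh token pair.

    Expects a JSON object body with ``username`` and ``password`` given as
    non-empty strings.

    Returns:
        ``400`` with a ``msg`` when either field is missing, empty, or not a
        string (or the body is not a JSON object).
        ``401`` with one generic ``msg`` when no matching non-deleted user
        exists or the password check fails.
        ``200`` with ``access_token``, ``refresh_token`` and the user's
        ``to_dict(include_contact=True)`` payload on success.
    """
    data = request.get_json() or {}
    # The body is caller-controlled: valid JSON can also be a list, string or
    # number, none of which has .get(). Treat those as "no fields supplied"
    # so they get the 400 below instead of an unhandled AttributeError (500).
    if not isinstance(data, dict):
        data = {}

    username = data.get('username')
    password = data.get('password')
    # Only non-empty strings reach the ORM filter and the password check;
    # nested objects, arrays or numbers in these fields are rejected here.
    fields_ok = isinstance(username, str) and isinstance(password, str)
    if not fields_ok or not username or not password:
        return jsonify({"msg": "Username and password required"}), 400

    # Soft-deleted accounts are excluded, so they cannot log in.
    user = User.query.filter_by(username=username, is_deleted=False).first()
    # One message for "unknown user" and "wrong password", so the response
    # body does not reveal which usernames exist.
    # NOTE(review): check_password() is skipped when no user is found, so the
    # two cases may still differ in response time - confirm whether that
    # matters here. No throttling or lockout is visible in this handler;
    # verify it is enforced elsewhere.
    if user is None or not user.check_password(password):
        return jsonify({"msg": "Invalid username or password"}), 401

    # Create both access and refresh tokens.
    # Note: the numeric id must be converted to a string before it is used
    # as the token identity.
    access_token = create_access_token(identity=str(user.id))
    refresh_token = create_refresh_token(identity=str(user.id))

    # Return both tokens and user information.
    # NOTE(review): include_contact=True puts contact fields in the response;
    # confirm to_dict() never serialises the password hash.
    return jsonify({
        "access_token": access_token,
        "refresh_token": refresh_token,
        "user": user.to_dict(include_contact=True)
    }), 200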