## Lesson: REST API Authentication with Flask and Database

### This example demonstrates:  
1. Basic authentication with username and password.  
2. Token-based authentication using JWT.  
3. SQLite database integration using SQLAlchemy.  

In [None]:
!pip install flask --break-system-packages
!pip install flask-restx  --break-system-packages
!pip install flask-sqlalchemy --break-system-packages
!pip install mysql-connector-python --break-system-packages
!pip install flask-migrate --break-system-packages
!pip install flask flask-jwt-extended --break-system-packages

In [None]:
# Import necessary libraries and modules
from flask import Flask, Blueprint, jsonify, request
from flask_jwt_extended import JWTManager, create_access_token, jwt_required, get_jwt_identity
from flask_sqlalchemy import SQLAlchemy
from werkzeug.security import generate_password_hash, check_password_hash
from werkzeug.serving import run_simple

# Initialize Flask app
app = Flask(__name__)

# Configurations
app.config['JWT_SECRET_KEY'] = 'your_secret_key'  # Secret key for JWT
app.config['SQLALCHEMY_DATABASE_URI'] = 'mysql+mysqlconnector://root:top!secret@localhost:3307/flask_alchemy'  # Database URI
app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False  # Disable modification tracking

# Initialize extensions
jwt = JWTManager(app)  # Initialize JWT manager
db = SQLAlchemy(app)  # Initialize SQLAlchemy

# User model
class User(db.Model):
    id = db.Column(db.Integer, primary_key=True)  # Primary key
    username = db.Column(db.String(80), unique=True, nullable=False)  # Username field
    password = db.Column(db.String(120), nullable=False)  # Password field

# Create database tables
with app.app_context():
    db.create_all()

# Create a Blueprint
auth_bp = Blueprint('auth', __name__, url_prefix='/auth')  # Create a Blueprint for authentication routes

@auth_bp.route('/register', methods=['POST'])
def register():
    data = request.json  # Get JSON data from request
    username = data.get('username')  # Extract username
    password = data.get('password')  # Extract password

    if User.query.filter_by(username=username).first():  # Check if username already exists
        return jsonify({"msg": "Username already exists"}), 400

    hashed_password = generate_password_hash(password)  # Hash the password
    new_user = User(username=username, password=hashed_password)  # Create new user
    db.session.add(new_user)  # Add new user to session
    db.session.commit()  # Commit session

    return jsonify({"msg": "User registered successfully"}), 201  # Return success message

@auth_bp.route('/login', methods=['POST'])
def login():
    data = request.json  # Get JSON data from request
    username = data.get('username')  # Extract username
    password = data.get('password')  # Extract password

    user = User.query.filter_by(username=username).first()  # Query user by username
    if not user or not check_password_hash(user.password, password):  # Check if user exists and password is correct
        return jsonify({"msg": "Invalid username or password"}), 401

    access_token = create_access_token(identity=username)  # Create access token
    return jsonify(access_token=access_token)  # Return access token

@auth_bp.route('/protected', methods=['GET'])
@jwt_required()  # Require JWT token
def protected():
    current_user = get_jwt_identity()  # Get current user identity
    return jsonify({"msg": f"Hello, {current_user}! This is a protected endpoint."})  # Return protected message

@auth_bp.route('/public', methods=['GET'])
def public():
    return jsonify({"msg": "This is a public endpoint."})  # Return public message

# Register the Blueprint
app.register_blueprint(auth_bp)  # Register the Blueprint with the Flask app

# Run the application
run_simple('localhost', 5000, app)

In [None]:
# Import necessary libraries and modules
from flask import Flask, jsonify, request
from flask_jwt_extended import JWTManager, create_access_token, jwt_required, get_jwt_identity
from flask_sqlalchemy import SQLAlchemy
from flask_restx import Api, Resource, fields
from werkzeug.security import generate_password_hash, check_password_hash
from werkzeug.serving import run_simple

# Initialize Flask app
app = Flask(__name__)

# Configurations
app.config['JWT_SECRET_KEY'] = 'your_secret_key'  # Secret key for JWT
app.config['SQLALCHEMY_DATABASE_URI'] = 'mysql+mysqlconnector://root:top!secret@localhost:3307/flask_alchemy'  # Database URI
app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False  # Disable modification tracking

# Initialize extensions
jwt = JWTManager(app)  # Initialize JWT manager
db = SQLAlchemy(app)  # Initialize SQLAlchemy

# User model
class User(db.Model):
    id = db.Column(db.Integer, primary_key=True)  # Primary key
    username = db.Column(db.String(80), unique=True, nullable=False)  # Username field
    password = db.Column(db.String(120), nullable=False)  # Password field

# Create database tables
with app.app_context():
    db.create_all()

# Initialize Flask-RESTx
api = Api(app, version='1.0', title='Auth API', description='A simple authentication API')

# Define a Namespace
auth_ns = api.namespace('auth', description='Authentication operations')

# Define Models for Swagger Documentation
user_model = api.model('User', {
    'username': fields.String(required=True, description='The username'),  # Username field for Swagger
    'password': fields.String(required=True, description='The password'),  # Password field for Swagger
})

# Routes
@auth_ns.route('/register')
class Register(Resource):
    @auth_ns.expect(user_model)  # Expect user_model in request body
    def post(self):
        data = request.json  # Get JSON data from request
        username = data.get('username')  # Extract username
        password = data.get('password')  # Extract password

        if User.query.filter_by(username=username).first():  # Check if username already exists
            return {"msg": "Username already exists"}, 400

        hashed_password = generate_password_hash(password)  # Hash the password
        new_user = User(username=username, password=hashed_password)  # Create new user
        db.session.add(new_user)  # Add new user to session
        db.session.commit()  # Commit session

        return {"msg": "User registered successfully"}, 201  # Return success message

@auth_ns.route('/login')
class Login(Resource):
    @auth_ns.expect(user_model)  # Expect user_model in request body
    def post(self):
        data = request.json  # Get JSON data from request
        username = data.get('username')  # Extract username
        password = data.get('password')  # Extract password

        user = User.query.filter_by(username=username).first()  # Query user by username
        if not user or not check_password_hash(user.password, password):  # Check if user exists and password is correct
            return {"msg": "Invalid username or password"}, 401

        access_token = create_access_token(identity=username)  # Create access token
        return {"access_token": access_token}  # Return access token

@auth_ns.route('/protected')
class Protected(Resource):
    @jwt_required()  # Require JWT token
    def get(self):
        current_user = get_jwt_identity()  # Get current user identity
        return {"msg": f"Hello, {current_user}! This is a protected endpoint."}  # Return protected message

@auth_ns.route('/public')
class Public(Resource):
    def get(self):
        return {"msg": "This is a public endpoint."}  # Return public message

# Run the application
run_simple('localhost', 5000, app)