In [None]:
!pip install Flask flask_sqlalchemy pyjwt bcrypt psycopg2-binary

In [None]:
from flask import Flask, request, jsonify
from flask_sqlalchemy import SQLAlchemy
import bcrypt
import jwt
import datetime

In [None]:
# Initialize Flask app
app = Flask(__name__)

# Secret key for JWT
app.config['SECRET_KEY'] = 'your_secret_key'
# PostgreSQL configuration (Replace with actual credentials)
app.config['SQLALCHEMY_DATABASE_URI'] = 'postgresql://username:password@localhost/dbname'
db = SQLAlchemy(app)

In [None]:
# User model
class User(db.Model):
    id = db.Column(db.Integer, primary_key=True)
    username = db.Column(db.String(80), unique=True, nullable=False)
    password = db.Column(db.LargeBinary, nullable=False)

# Create tables
with app.app_context():
    db.create_all()

In [None]:
# Register route
@app.route('/register', methods=['POST'])
def register():
    data = request.get_json()
    username = data['username']
    password = data['password'].encode('utf-8')

    if User.query.filter_by(username=username).first():
        return jsonify({'message': 'Username already exists'}), 409

    hashed_pw = bcrypt.hashpw(password, bcrypt.gensalt())
    new_user = User(username=username, password=hashed_pw)

    db.session.add(new_user)
    db.session.commit()

    return jsonify({'message': 'User registered successfully'}), 201

In [None]:
# Login route
@app.route('/login', methods=['POST'])
def login():
    data = request.get_json()
    username = data['username']
    password = data['password'].encode('utf-8')

    user = User.query.filter_by(username=username).first()

    if user and bcrypt.checkpw(password, user.password):
        token = jwt.encode({
            'user_id': user.id,
            'exp': datetime.datetime.utcnow() + datetime.timedelta(hours=1)
        }, app.config['SECRET_KEY'], algorithm='HS256')

        return jsonify({'token': token}), 200
    else:
        return jsonify({'message': 'Invalid credentials'}), 401

In [None]:
# Protected route
@app.route('/protected', methods=['GET'])
def protected():
    token = request.headers.get('Authorization')

    if not token:
        return jsonify({'message': 'Token is missing!'}), 403

    try:
        data = jwt.decode(token, app.config['SECRET_KEY'], algorithms=['HS256'])
        user = User.query.get(data['user_id'])
    except:
        return jsonify({'message': 'Token is invalid or expired!'}), 403

    return jsonify({'message': f'Welcome {user.username}!'}), 200

In [None]:
# Run Flask app
from threading import Thread

def run_app():
    app.run(port=5000)

thread = Thread(target=run_app)
thread.start()