Implement complete JWT authentication system with Flask

planventure-api/.gitignore

@@ -0,0 +1,42 @@
+# Python
+__pycache__/
+*.py[cod]
+*$py.class
+*.so
+.Python
+env/
+venv/
+api-venv/
+ENV/
+
+# Flask
+instance/
+.webassets-cache
+
+# Database
+*.db
+*.sqlite3
+
+# Test files
+test_*.py
+*_test.py
+tests/
+
+# Environment variables
+.env
+
+# Development tools
+bruno_installer.exe
+check_*.py
+simple_check.py
+robust_init_db.py
+
+# IDE
+.vscode/
+.idea/
+*.swp
+*.swo
+
+# OS
+.DS_Store
+Thumbs.db

planventure-api/BRUNO_EXAMPLES.md

@@ -0,0 +1,59 @@
+# Ejemplos de peticiones para Bruno API Client
+
+## 1. Health Check
+GET http://127.0.0.1:5000/health
+
+## 2. Registro de Usuario
+POST http://127.0.0.1:5000/auth/register
+Content-Type: application/json
+
+{
+    "email": "[email protected]",
+    "password": "mipassword123"
+}
+
+## 3. Login de Usuario
+POST http://127.0.0.1:5000/auth/login
+Content-Type: application/json
+
+{
+    "email": "[email protected]",
+    "password": "mipassword123"
+}
+
+## 4. Obtener Perfil (requiere token JWT)
+GET http://127.0.0.1:5000/auth/profile
+Authorization: Bearer YOUR_ACCESS_TOKEN_HERE
+
+---
+
+## Formato de respuesta esperado para registro exitoso:
+{
+    "message": "User registered successfully",
+    "user": {
+        "id": 1,
+        "email": "[email protected]"
+    },
+    "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9...",
+    "refresh_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..."
+}
+
+## Posibles errores comunes:
+
+### Email inválido (400):
+{
+    "error": "invalid_email",
+    "message": "Please provide a valid email address"
+}
+
+### Usuario ya existe (409):
+{
+    "error": "user_exists",
+    "message": "User with this email already exists"
+}
+
+### Contraseña muy corta (400):
+{
+    "error": "weak_password",
+    "message": "Password must be at least 6 characters long"
+}

planventure-api/app.py

@@ -1,16 +1,87 @@
 from flask import Flask, jsonify
 from flask_cors import CORS
+from flask_jwt_extended import JWTManager
+from dotenv import load_dotenv
+from datetime import timedelta
+import os
+
+from database import init_db
+
+# Load environment variables
+load_dotenv()
 
 app = Flask(__name__)
-CORS(app)
+
+# Basic configurations
+app.config['SECRET_KEY'] = os.getenv('SECRET_KEY', 'dev-secret-key')
+app.config['SQLALCHEMY_DATABASE_URI'] = os.getenv('DATABASE_URL', 'sqlite:///planventure.db')
+app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False
+app.config['JWT_SECRET_KEY'] = os.getenv('JWT_SECRET_KEY', 'jwt-secret-key')
+
+# Initialize extensions
+CORS(app, origins=os.getenv('CORS_ORIGINS', 'http://localhost:3000').split(','))
+jwt = JWTManager(app)
+
+# JWT Configuration
+app.config['JWT_ACCESS_TOKEN_EXPIRES'] = timedelta(hours=1)
+app.config['JWT_REFRESH_TOKEN_EXPIRES'] = timedelta(days=30)
+
+# JWT Error Handlers
+@jwt.expired_token_loader
+def expired_token_callback(jwt_header, jwt_payload):
+    return jsonify({
+        'error': 'token_expired',
+        'message': 'The token has expired'
+    }), 401
+
+@jwt.invalid_token_loader
+def invalid_token_callback(error):
+    print(f"Invalid token error: {error}")  # Debug log
+    return jsonify({
+        'error': 'invalid_token',
+        'message': f'Invalid token: {str(error)}'
+    }), 401
+
+@jwt.unauthorized_loader
+def missing_token_callback(error):
+    return jsonify({
+        'error': 'authorization_required',
+        'message': 'Request does not contain an access token'
+    }), 401
+
+# Initialize database
+init_db(app)
+
+# Import models after db initialization
+from models.user import User
+from models.trip import Trip
+
+# Import and register blueprints
+from auth_routes import auth_bp
+app.register_blueprint(auth_bp)
+
+# Note: Database tables are created by init_db() function
 
 @app.route('/')
 def home():
     return jsonify({"message": "Welcome to PlanVenture API"})
 
 @app.route('/health')
 def health_check():
-    return jsonify({"status": "healthy"})
+    try:
+        # Test database connection by counting users
+        user_count = User.query.count()
+        return jsonify({
+            "status": "healthy",
+            "database": "connected",
+            "users_count": user_count
+        })
+    except Exception as e:
+        return jsonify({
+            "status": "unhealthy",
+            "database": "error",
+            "error": str(e)
+        }), 500
 
 if __name__ == '__main__':
     app.run(debug=True)