diff --git a/.gitignore b/.gitignore
index e43b0f988953ae3a84b00331d0ccf5f7d51cb3cf..cb10762d1f8f5f0399fb0d08151b12ff9f273396 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1,3 @@
 .DS_Store
+__pycache__
+.idea
diff --git a/Backend/main.py b/Backend/main.py
index d24ab73938db166e5032fdc0c93331ebc9307689..70c42cdaf7dd071f8ecabf2b8e71a287135dd300 100644
--- a/Backend/main.py
+++ b/Backend/main.py
@@ -1,41 +1,35 @@
-from flask import Flask, jsonify
-from flask_mysqldb import MySQL
-from routes.category import get_category
-from routes.order import get_order
-from routes.home import get_home
-from routes.cart import get_cart
-from routes.login import post_login
-
-# Initialize APP
-app = Flask(__name__)
-app.config['MYSQL_HOST'] = 'localhost'
-app.config['MYSQL_USER'] = 'root'
-app.config['MYSQL_PASSWORD'] = ''
-app.config['MYSQL_DB'] = 'ElectroMart'
-app.config['MYSQL_UNIX_SOCKET'] = '/Applications/XAMPP/xamppfiles/var/mysql/mysql.sock'
-mysql = MySQL(app)
+from utils.application import app
+#from routes.category import get_category
+#from routes.order import get_order
+#from routes.home import get_home
+#from routes.cart import get_cart
+from routes.login import post_login, post_register
 # Routing
-@app.route('/', methods=['GET'])
-def home():
- return get_home()
+#@app.route('/', methods=['GET'])
+#def home():
+# return get_home()
-@app.route('/order/<int:order_id>', methods=['GET'])
-def order(order_id):
- return get_order(order_id)
+#@app.route('/order/<int:order_id>', methods=['GET'])
+#def order(order_id):
+# return get_order(order_id)
-@app.route('/category', methods=['GET'])
-@app.route('/category/<string:category_name>', methods=['GET'])
-def category(category_name):
- return get_category(category_name)
+#@app.route('/category', methods=['GET'])
+#@app.route('/category/<string:category_name>', methods=['GET'])
+#def category(category_name):
+# return routes.category.get_category(category_name)
-@app.route('/cart', methods=['GET'])
-def cart():
- return get_cart()
+#@app.route('/cart', methods=['GET'])
+#def cart():
+# return get_cart()
 @app.route('/login', methods=['POST'])
 def login():
 return post_login()
+@app.route('/register', methods=['POST'])
+def register():
+ return post_register()
+
 if __name__ == '__main__':
 app.run(debug=True, port=8080)
\ No newline at end of file
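Review bot: The four route handlers (`home`, `order`, `category`, `cart`) are kept as commented-out code on the new side instead of being deleted, and the commented `category` body now calls `routes.category.get_category(...)` while its commented import is `from routes.category import get_category`, so uncommenting the block as-is would raise `NameError`; version control already preserves the old handlers, so remove the block or keep one consistent form. The two live handlers have no docstrings; a one-liner such as `"""POST /register: create a user from the JSON body (see routes.login.post_register)."""` would do. The unchanged `app.run(debug=True, port=8080)` at the bottom still enables the Werkzeug debugger, which should stay confined to local development.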
diff --git a/Backend/routes/category.py b/Backend/routes/category.py
index fa16d8177549de957f0429aa20f13e1b91faf245..db9e1b3fc4c3c2a90256375d0403434c4b0e67b7 100644
--- a/Backend/routes/category.py
+++ b/Backend/routes/category.py
@@ -1,7 +1,8 @@
-from main import mysql, jsonify
+from main import mysql
+from flask import jsonify
-def category(category_name=None):
+def get_category(category_name=None):
 if category_name is None:
 cur = mysql.connection.cursor()
 cur.execute('''SELECT category.name FROM category''')
diff --git a/Backend/routes/login.py b/Backend/routes/login.py
index 38d429bd05677a49758fcfd7b688d1bbe998849b..f37cf1a9b0b5ae0f60dba83433ca615b2a15b9c2 100644
--- a/Backend/routes/login.py
+++ b/Backend/routes/login.py
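Review bot: `from main import mysql` on the new side cannot resolve, because `Backend/main.py` in this same commit stops defining `mysql` and only imports `app` from `utils.application`, so importing `routes.category` will fail with `ImportError` (and importing `main` from a route module presumably re-creates the main/routes import cycle that the new `utils/application.py` exists to break). Change it to `from utils.application import mysql`, matching `routes/login.py` in this commit. The category route is commented out in `main.py`, so the failure is latent until that endpoint is re-enabled. `get_category`'s body continues outside the hunk.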
@@ -1,5 +1,72 @@
-from main import mysql, jsonify
+from utils.application import mysql
+from flask import request, jsonify, make_response
+import bcrypt
 def post_login():
- # TODO Add authentication logic here
- return "Login successful"
+
+ # Get data from request
+ data = request.json
+ email = data["email"]
+ password = data["password"]
+
+ # Check if user exists and/or password exists
+ cur = mysql.connection.cursor()
+ cur.execute('''SELECT user.email, user.hash, user.salt FROM user WHERE user.email = %s''', (email,))
+ dbData = cur.fetchall()
+ cur.close()
+
+ # Check if user exists
+ if len(dbData) <= 0:
+ return jsonify({"message": "Incorrect login information."}), 400
+
+ salt = dbData[0][2].encode("utf-8")
+ hash = hash_function(password, salt)
+
+ # Password check
+ if hash.decode("utf-8") != dbData[0][1]:
+ return jsonify({"message": "Incorrect login information."}), 400
+
+ # Set cookie
+ response = make_response(jsonify({"message": "Login successful"}))
+
+ # Cookie lasts 24 hours
+ response.set_cookie('logged_in', email, max_age=60*60*24)
+ return response, 200
+
+def post_register():
+ # Get data from request
+ data = request.json
+ email = data['email']
+ password = data['password']
+ firstname = data['firstname']
+ lastname = data['lastname']
+ address = data['address']
+
+ # Hash and salt password
+ salt = bcrypt.gensalt()
+ password = hash_function(password, salt)
+
+ # Check if email already exists
+ cur = mysql.connection.cursor()
+ cur.execute('''SELECT user.email FROM user WHERE user.email = %s''', (email,))
+ data = cur.fetchall()
+ cur.close()
+
+ # If email already exists, return error
+ if len(data) > 0:
+ return jsonify({"message": "Email already exists"}), 400
+
+ cur = mysql.connection.cursor()
+ cur.execute('''INSERT INTO user_details (email, first_name, last_name, address) VALUES (%s, %s, %s, %s)''', (email, firstname, lastname, address))
+ cur.execute('''INSERT INTO user (email, hash, salt) VALUES (%s, %s, %s)''', (email, password, salt))
+ mysql.connection.commit()
+ cur.close()
+
+ return "", 201
+
+
+def hash_function(password, salt):
+ password = password.encode("utf-8")
+ hashed = bcrypt.hashpw(password, salt)
+ return hashed
+
diff --git a/Backend/tempCodeRunnerFile.py b/Backend/tempCodeRunnerFile.py
new file mode 100644
index 0000000000000000000000000000000000000000..0d46ca321428166727a635344185ce7526c3b101
--- /dev/null
+++ b/Backend/tempCodeRunnerFile.py
@@ -0,0 +1 @@
+mysql
\ No newline at end of file
diff --git a/Backend/utils/application.py b/Backend/utils/application.py
new file mode 100644
index 0000000000000000000000000000000000000000..fa71ac7b86956e7b089b599e19967ef7ae00e87b
--- /dev/null
+++ b/Backend/utils/application.py
@@ -0,0 +1,11 @@
+from flask import Flask
+from flask_mysqldb import MySQL
+
+app = Flask(__name__)
+app.config['MYSQL_HOST'] = 'localhost'
+app.config['MYSQL_USER'] = 'root'
+app.config['MYSQL_PASSWORD'] = ''
+app.config['MYSQL_DB'] = 'ElectroMart'
+app.config['MYSQL_UNIX_SOCKET'] = '/Applications/XAMPP/xamppfiles/var/mysql/mysql.sock'
+mysql = MySQL(app)
+
diff --git a/Database/project_db.sql b/Database/project_db.sql
index 437655a042079dfe0c54a1eab8458b2bdcb7e629..0ac35a4436cbd1568105dfa93050a565958998f8 100644
--- a/Database/project_db.sql
+++ b/Database/project_db.sql
@@ -168,7 +168,8 @@ INSERT INTO `sub_category_in_category` (`parent_category_id`, `sub_category_id`)
 CREATE TABLE `user` (
 `user_id` int(11) NOT NULL,
- `password` varchar(255) DEFAULT NULL,
+ `hash` varchar(255) DEFAULT NULL,
+ `salt` varchar(255) DEFAULT NULL,
 `email` varchar(255) DEFAULT NULL
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_danish_ci;
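Review bot: The `logged_in` cookie set at the end of `post_login` carries the bare email with no signature and no server-side session binding, so login state is trivially forgeable by anyone who edits the cookie, and it also lacks `httponly`, `secure` and `samesite`; keep the identity in Flask's signed `session` (needs `SECRET_KEY` in the app config and `session` imported from `flask`) or in a server-side session keyed by a random `secrets.token_urlsafe()` value. The password check `hash.decode("utf-8") != dbData[0][1]` is a non-constant-time string compare (and `hash` shadows the builtin); `bcrypt.checkpw(password.encode("utf-8"), dbData[0][1].encode("utf-8"))` is constant-time and reads the salt embedded in the bcrypt string, which also makes the separate `salt` column and the round-trip through `hash_function` unnecessary. Both handlers read `request.json` unguarded: it is `None` when the body is not JSON and `data["email"]` raises `KeyError` on a missing field, both of which surface as 500s, so parse with `request.get_json(silent=True)` and return 400 when a required field is absent or not a string. In `post_register` the SELECT-then-INSERT duplicate check is racy under concurrent requests and the cursors are not closed on exception; a UNIQUE index on `user.email` plus catching the integrity error, and a `try/finally` (or `contextlib.closing`) around the cursor, closes both gaps. Each public function would also benefit from a docstring stating the expected JSON fields and the response codes (400 on bad credentials or duplicate email, 201 on successful registration).
```python
def post_login():
    # … unchanged: request parsing and user lookup …
    stored_hash = dbData[0][1].encode("utf-8")
    # checkpw is constant-time and reads the salt embedded in the bcrypt
    # string, so the separate salt column is not consulted here
    if not bcrypt.checkpw(password.encode("utf-8"), stored_hash):
        return jsonify({"message": "Incorrect login information."}), 400

    # Signed with app.config["SECRET_KEY"]; cookie flags come from the
    # SESSION_COOKIE_SECURE / SESSION_COOKIE_HTTPONLY / SESSION_COOKIE_SAMESITE settings
    session["email"] = email
    return jsonify({"message": "Login successful"}), 200
```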
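Review bot: `Backend/tempCodeRunnerFile.py` appears to be an editor scratch file (its entire content is the bare token `mysql`, which fails with `NameError` if imported) rather than project code. Drop it from the commit and add `tempCodeRunnerFile.py` to `.gitignore` next to the `__pycache__` and `.idea` entries this commit introduces.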
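Review bot: The new module hard-codes the database credentials (`MYSQL_USER = 'root'` with an empty `MYSQL_PASSWORD`) and a machine-specific socket path, and sets no `SECRET_KEY`, so Flask's signed `session` cannot be used for the login state that `routes/login.py` needs. Read the values from the environment, e.g. `app.config['MYSQL_PASSWORD'] = os.environ.get('MYSQL_PASSWORD', '')` and `app.config['SECRET_KEY'] = os.environ['SECRET_KEY']`, and run the application under a least-privilege MySQL account scoped to the `ElectroMart` database rather than `root`. A module docstring saying that `app` and `mysql` live here so route modules can import them without importing `main` (presumably the reason for the split) would make the intent clear to the next reader.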
@@ -176,11 +177,11 @@ CREATE TABLE `user` (
 -- Dataark for tabell `user`
 --
-INSERT INTO `user` (`user_id`, `password`, `email`) VALUES
-(1, 'password1', 'user1@example.com'),
-(2, 'password2', 'user2@example.com'),
-(3, 'password3', 'user3@example.com'),
-(4, 'password4', 'user4@example.com');
+INSERT INTO `user` (`user_id`, `hash`, `salt`, `email`) VALUES
+(1, 'password1', '123', 'user1@example.com'),
+(2, 'password2', '124', 'user2@example.com'),
+(3, 'password3', '125', 'user3@example.com'),
+(4, 'password4', '126', 'user4@example.com');
 -- --------------------------------------------------------
@@ -277,6 +278,7 @@ ALTER TABLE `sub_category_in_category`
 -- Indexes for table `user`
 --
 ALTER TABLE `user`
+ MODIFY `user_id` int(11) NOT NULL AUTO_INCREMENT,
 ADD PRIMARY KEY (`user_id`),
 ADD KEY `email` (`email`);
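Review bot: The seeded `user` rows keep plaintext values in the renamed `hash` column (`'password1'`) and three-character `salt` values (`'123'`), neither of which is bcrypt-formatted, so a login attempt for any of these accounts makes `bcrypt.hashpw` in `routes/login.py` raise `ValueError` on the invalid salt and the request ends as a 500 instead of a 400. Either regenerate the rows with values produced by `bcrypt.gensalt()` / `bcrypt.hashpw()` (a constructed placeholder would look like salt `$2b$12$<22-char-salt>` and hash `$2b$12$<53-char-hash>`) or remove the seed accounts and document that users are created only through `/register`. A comment above the INSERT stating the expected format would stop the next dump from reintroducing plaintext values.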
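Review bot: `post_register` in `routes/login.py` relies on a SELECT-then-INSERT to reject duplicate emails, which is racy under concurrent requests, yet the index this ALTER leaves on `email` is a plain `KEY` (unchanged line below the new `MODIFY`), so the database never enforces uniqueness; change it to `ADD UNIQUE KEY `email` (`email`)` and have the registration code treat the resulting integrity error as "Email already exists". The new `MODIFY ... AUTO_INCREMENT` clause sits before `ADD PRIMARY KEY` in the same statement; an AUTO_INCREMENT column must be a key, so I would confirm this combined ALTER imports cleanly, since phpMyAdmin dumps normally emit the AUTO_INCREMENT modification as a separate ALTER after the index section.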