60 lines
2.2 KiB
Python
60 lines
2.2 KiB
Python
"""Frontend Flask application module."""
|
|
import logging
|
|
from typing import Any, Dict, Optional
|
|
|
|
from database.interface import DatabaseInterface
|
|
from utils.password_utils import PasswordUtils
|
|
from utils.validation import ValidationUtils
|
|
|
|
logger = logging.getLogger(__name__)
|
|
|
|
|
|
class AuthService:
|
|
|
|
def __init__(self, database: DatabaseInterface):
|
|
self.db = database
|
|
|
|
def authenticate(
|
|
self, email: str, password: str
|
|
) -> tuple[bool, Optional[Dict[str, Any]], str]:
|
|
if not ValidationUtils.validate_email(email):
|
|
return False, None, "Invalid email format"
|
|
|
|
if not password:
|
|
return False, None, "Password is required"
|
|
try:
|
|
# User holen
|
|
user = self.db.get_user_by_email(email.lower())
|
|
if not user:
|
|
logger.warning(
|
|
f"Authentication failed: user not found for email {email}"
|
|
)
|
|
return False, None, "Invalid email or password"
|
|
# Passwort prüfen
|
|
stored_hash = user.get("password_hash")
|
|
if not stored_hash:
|
|
logger.error(f"No password hash found for user {email}")
|
|
return False, None, "Authentication error"
|
|
# Einfacher Hash-Vergleich (für Rückwärtskompatibilität)
|
|
entered_hash = PasswordUtils.hash_password_simple(password)
|
|
|
|
if entered_hash == stored_hash:
|
|
logger.info(f"Authentication successful for user: {email}")
|
|
# Sensible Daten nicht zurückgeben
|
|
safe_user_data = {
|
|
"id": user["id"],
|
|
"username": user["username"],
|
|
"email": user["email"],
|
|
"created_at": user.get("created_at"),
|
|
}
|
|
return True, safe_user_data, "Authentication successful"
|
|
else:
|
|
logger.warning(
|
|
f"Authentication failed: wrong password for email {email}"
|
|
)
|
|
return False, None, "Invalid email or password"
|
|
|
|
except Exception as e:
|
|
logger.error(f"Authentication error for email {email}: {e}")
|
|
return False, None, "Authentication error"
|