from django.contrib.auth import authenticate, login, logout from django.contrib.auth.models import User from django.http import JsonResponse from django.views.decorators.csrf import csrf_exempt, ensure_csrf_cookie from django.views.decorators.http import require_http_methods import json @csrf_exempt @require_http_methods(["POST"]) def login_view(request): data = json.loads(request.body) username = data.get('username') password = data.get('password') user = authenticate(request, username=username, password=password) if user: login(request, user) return JsonResponse({ 'success': True, 'user': { 'id': user.id, 'username': user.username, 'email': user.email } }) return JsonResponse({'success': False, 'error': 'Invalid credentials'}, status=401) @csrf_exempt @require_http_methods(["POST"]) def register_view(request): data = json.loads(request.body) username = data.get('username') password = data.get('password') email = data.get('email', '') if User.objects.filter(username=username).exists(): return JsonResponse({'success': False, 'error': 'Username already exists'}, status=400) user = User.objects.create_user(username=username, password=password, email=email) login(request, user) return JsonResponse({ 'success': True, 'user': { 'id': user.id, 'username': user.username, 'email': user.email } }) @csrf_exempt @require_http_methods(["POST"]) def logout_view(request): logout(request) return JsonResponse({'success': True}) def current_user_view(request): if request.user.is_authenticated: return JsonResponse({ 'authenticated': True, 'user': { 'id': request.user.id, 'username': request.user.username, 'email': request.user.email } }) return JsonResponse({'authenticated': False}) @ensure_csrf_cookie def csrf_token_view(request): return JsonResponse({'success': True})