from django.contrib.auth import authenticate from django.contrib.auth.models import User from rest_framework import status from rest_framework.decorators import api_view from rest_framework.response import Response from rest_framework.authtoken.models import Token @api_view(['POST']) def login(request): username = request.data.get('username') password = request.data.get('password') if not username or not password: return Response( {'error': 'Username and password are required'}, status=status.HTTP_400_BAD_REQUEST ) user = authenticate(username=username, password=password) if user: token, created = Token.objects.get_or_create(user=user) return Response({ 'token': token.key, 'user_id': user.id, 'username': user.username }) else: return Response( {'error': 'Invalid credentials'}, status=status.HTTP_401_UNAUTHORIZED ) @api_view(['POST']) def register(request): username = request.data.get('username') email = request.data.get('email') password = request.data.get('password') if not username or not password or not email: return Response( {'error': 'Username, email, and password are required'}, status=status.HTTP_400_BAD_REQUEST ) if User.objects.filter(username=username).exists(): return Response( {'error': 'Username already exists'}, status=status.HTTP_400_BAD_REQUEST ) if User.objects.filter(email=email).exists(): return Response( {'error': 'Email already exists'}, status=status.HTTP_400_BAD_REQUEST ) user = User.objects.create_user( username=username, email=email, password=password ) token = Token.objects.create(user=user) return Response({ 'token': token.key, 'user_id': user.id, 'username': user.username }, status=status.HTTP_201_CREATED)