From 7422864d1ef0976bd6792e935277df4de1b73e4b Mon Sep 17 00:00:00 2001
From: dcho-jaewook
Date: Thu, 17 Apr 2025 19:29:32 -0700
Subject: [PATCH] Authentication Route using Supabase
---
backend/auth_routes.py | 56 ++++++++++++++++++++++++++++++++++++++++
backend/main.py | 3 +++
backend/requirements.txt | 3 ++-
3 files changed, 61 insertions(+), 1 deletion(-)
create mode 100644 backend/auth_routes.py
diff --git a/backend/auth_routes.py b/backend/auth_routes.py
new file mode 100644
index 0000000..b2c90a6
--- /dev/null
+++ b/backend/auth_routes.py
@@ -0,0 +1,56 @@
+from flask import Blueprint, request, jsonify
+from supabase import create_client, Client
+from dotenv import load_dotenv
+from functools import wraps
+import os
+
+load_dotenv()
+
+supabase_url = os.getenv("SUPABASE_URL")
+supabase_key = os.getenv("SUPABASE_KEY")
+supabase: Client = create_client(supabase_url, supabase_key)
+
+auth = Blueprint("auth", __name__)
+
+# Function to verify JWT token
+def verify_token(token):
+ try:
+ user = supabase.auth.get_user(token)
+ return user
+ except Exception:
+ return None
+
+# Sign-up route
+@auth.route("/signup", methods=["POST"])
+def signup():
+ data = request.get_json()
+ email = data.get("email")
+ password = data.get("password")
+ if not email or not password:
+ return jsonify({"error": "Email and password are required"}), 400
+ try:
+ user = supabase.auth.sign_up({"email": email, "password": password})
+ return jsonify({"message": "User created successfully"}), 201
+ except Exception as e:
+ return jsonify({"error": str(e)}), 400
+
+# Sign-in route
+@auth.route("/signin", methods=["POST"])
+def signin():
+ # Sign in a user with email and password, returning access and refresh tokens.
+ data = request.get_json()
+ email = data.get("email")
+ password = data.get("password")
+ if not email or not password:
+ return jsonify({"status": "error", "message": "Email and password are required"}), 400
+ try:
+ response = supabase.auth.sign_in_with_password({"email": email, "password": password})
+ if response.session is None:
+ return jsonify({"status": "error", "message": "Authentication failed"}), 401
+ return jsonify({
+ "status": "success",
+ "access_token": response.session.access_token,
+ "refresh_token": response.session.refresh_token
+ }), 200
+ except Exception as e:
+ return jsonify({"error": str(e)}), 400
\ No newline at end of file
diff --git a/backend/main.py b/backend/main.py
index a8d63e2..8d6f18d 100644
--- a/backend/main.py
+++ b/backend/main.py
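Review bot: Both `signup` and `signin` return `str(e)` from the Supabase client to the caller, and `signin` does so with status 400 and a different JSON shape from its own 401 branch, so upstream error text (which may differ between an unknown account, a wrong password and an unconfirmed email) reaches unauthenticated clients. Log the exception server-side and return one generic failure instead, in `signup` as well; `current_app` would need adding to the existing `from flask import …` line. `request.get_json()` can also yield `None` or a non-object JSON value, in which case `data.get` raises and the request ends as a 500, so both handlers should type-check the body first. Separately, sign-in runs on the module-level `supabase` client, and supabase-py appears to keep the returned session on the client object, so it is worth confirming that later requests on this shared client cannot run with another user's session. `wraps` is imported but unused, and `verify_token` swallows every exception without logging, which will hide configuration and network faults behind a plain "invalid token" once it is wired in.

```python
def signin():
    # Sign in a user with email and password, returning access and refresh tokens.
    data = request.get_json(silent=True)
    if not isinstance(data, dict):
        return jsonify({"status": "error", "message": "Request body must be a JSON object"}), 400
    # … unchanged: email/password extraction and required-field check …
    try:
        # … unchanged: sign_in_with_password call, session check, token response …
    except Exception:
        # Keep the upstream detail in the server log; the client gets one generic answer.
        current_app.logger.exception("sign-in failed")
        return jsonify({"status": "error", "message": "Authentication failed"}), 401
```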
@@ -5,12 +5,15 @@ from flask_cors import CORS from dotenv import load_dotenv from openai import OpenAI +from auth_routes import auth load_dotenv() app = Flask(__name__) CORS(app) +app.register_blueprint(auth) + # Create the OpenAI client client = OpenAI(api_key=os.getenv("OPENAI_API_KEY")) diff --git a/backend/requirements.txt b/backend/requirements.txt index 5ed8781..6f0c521 100644 --- a/backend/requirements.txt +++ b/backend/requirements.txt @@ -1,4 +1,5 @@ flask flask-cors openai -python-dotenv \ No newline at end of file +python-dotenv +supabase \ No newline at end of file
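Review bot: `app.register_blueprint(auth)` mounts `/signup` and `/signin` at the application root of an app whose context line `CORS(app)` uses the flask-cors defaults, which allow any origin, so the new credential endpoints become callable from scripts on any website. Consider restricting origins, e.g. `CORS(app, origins=[<frontend-origin>])`, and namespacing the routes with `app.register_blueprint(auth, url_prefix="/auth")`. The rest of main.py is outside the hunk, so a restriction applied elsewhere cannot be ruled out from here.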
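Review bot: `supabase` is added without a version constraint, so every install resolves whatever release is current, and the library that now handles sign-in and token verification can change underneath the service without review. Pin it, e.g. `supabase==<reviewed-version>`, ideally with hashes checked through pip's `--require-hashes` mode. The existing entries in this file are unpinned as well and would benefit from the same treatment.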