auth_admin.error_handler(access_denied)
def verify(username_or_token, password):
user = User.verify_auth_token(username_or_token)
if not user:
user = User.query.filter_by(login=username_or_token).first()
if not user or not user.verify_password(password):
return False
g.user = user
return True
def verify_admin(username, password):
user = User.verify_auth_token(username)
if not user:
user = User.query.filter_by(login=username).first()
if not user or not user.verify_password(password):
return False
if user.is_superuser:
g.user = user
return True
return False
auth.verify_password(verify)
auth_admin.verify_password(verify_admin)
