def post(self):
username = self.request.get("username")
exists = User.all().filter("username ="******"status": "ERROR", "error": "There is already a user with that username. Choose another."}))
return
pwhash = self.request.get("password")
user = User()
user.username = username
user.salt = ''.join(random.choice(string.ascii_letters + string.digits) for x in range(self.SALT_LENGTH))
h = hashlib.sha256()
h.update(user.salt + pwhash)
user.pw_hsh = h.hexdigest()
user.token = utils.generateCookie(username)
user.put()
self.response.set_cookie("PBLOGIN", user.token, max_age=utils.cookieExpiration(), secure=not(ON_DEV))
self.response.write(json.dumps({"status": "OK"}))
def post(self):
username = self.request.get("username")
user = User.all().filter("username ="******"status": "ERROR", "error": "There is no user with that username."}))
return
pwhash = self.request.get("password")
h = hashlib.sha256()
h.update(user.salt + pwhash)
if user.pw_hsh != h.hexdigest():
self.response.write(json.dumps({"status": "ERROR", "error": "Incorrect password."}))
return
newcookie = utils.generateCookie(username)
user.token = newcookie
user.put()
expiration = utils.cookieExpiration()
self.response.set_cookie("PBLOGIN", user.token, max_age=expiration, secure=not(ON_DEV))
self.response.write(json.dumps({"status": "OK"}))
