def signup(username, password, password_verify, email): """ Signs up the user :param username: :param password: :param password_verify: :param email: :return: """ # username and password are filled if username and password: if password == password_verify: # username exists if User.by_username(username): raise Exception( "This username already exists," " please try a diferent one") else: hashed_password = bcrypt.hashpw(password, bcrypt.gensalt()) user = User(username=username, password=hashed_password, email=email) user.put() return str(user.key().id()) else: raise Exception("Both passwords must match.") else: raise Exception("Username and Password are required to Sign Up.")
def login(username, password): """ Authenticate the user :param username: :param password: :return: """ # username and password are filled if username and password: # verify if user exists user = User.by_username(username) # exits if user: hashed_password = user.password # if password matches if bcrypt.hashpw(password, hashed_password) == hashed_password: return str(user.key().id()) else: # generalizes the message to prevent username tumpering raise Exception("Username or password invalid") else: raise Exception("Username or password invalid.") else: raise Exception("Username and Password are required to login")