def authenticate(self, email, password): stored = Password.all().filter('email =', email).get() if stored is None: raise BadLoginException('No user with email %s present' % email) if self._hash(password, stored.salt) == stored.hash: return stored.user raise BadLoginException('Incorrect password for email %s' % email)
def update_password(): db.delete([p for p in Password.all().ancestor(user).run()]) Password.new(email=email, salt=salt, hash=self._hash(password, salt), user=user).put()