def verify_password(username_or_token, password):
# first try to authenticate by token
user = Users.verify_auth_token(username_or_token)
if not user:
# try to authenticate with username/password
try:
user = Users.get(Users.username == username_or_token)
except:
user = None
if not user or not user.verify_password(password):
return False
g.user = user
return True
def doLogin(username, password):
try:
with db.transaction():
pass_hash = hashlib.md5(password.encode('utf-8')).hexdigest()
user = Users.get(Users.username == username
and Users.password == pass_hash)
except (IntegrityError, Users.DoesNotExist) as ex:
print(ex)
db.rollback()
message = "username/password is wrong."
return (False, message)
else:
if user:
message = "Login Success!"
return (True, message)
else:
message = "username/password is wrong."
return (False, message)