def put(self, username):
"Add a session for a user and return the session cookie"
parser = restful.reqparse.RequestParser()
parser.add_argument("password", type=str, help="password.", required=True)
args = parser.parse_args()
user = User.query.filter(User.username == username).first()
if not user:
return{}, 404
if not user.verify_password(args.password):
return {}, 401
if not user.active:
return {}, 304
s = Session()
s.from_request(request)
user.sessions.append(s)
db.session.add(user)
db.session.add(s)
db.session.commit()
session['session'] = s.session_id
log("%s logged in." % user.username)
response = user.jsonify()
response['session'] = s.jsonify()
return response
def put(self):
"""
Create a user given a username and password.
"""
parser = reqparse.RequestParser()
parser.add_argument("username", type=unicode, help="Username.", required=True)
parser.add_argument("password", type=unicode, help="Password.", required=True)
args = parser.parse_args()
if "PERMIT_NEW_ACCOUNTS" in app.config and \
not app.config["PERMIT_NEW_ACCOUNTS"]:
return {"message":"This server isn't allowing new accounts at this time."}, 304
if User.query.filter(User.username == args.username).first():
return {'message':"Username already in use."}, 304
user = User(args.username, args.password)
# Add the first-created user account to the Administrators group
if not User.query.first():
group = UserGroup.query.filter(UserGroup.name == "Administrators").first()
else:
group = UserGroup.query.filter(UserGroup.name == "Users").first()
group.users.append(user)
s = Session()
s.from_request(request)
user.sessions.append(s)
db.session.add(user)
db.session.add(group)
db.session.add(s)
db.session.commit()
session['session'] = s.session_id
return s.jsonify()