def createOne(cls, req, res): password = req.body.pop("password", "") user = User.findOne(req.body) if not user or not checkPassword(password, user.passwordHash): res.status = 400 render(req, res, "session/new.html.bepy") return user.isDisabled = False user.save() session = Session.create({ "user": user.id, "passwordHash": user.passwordHash, "lastAddress": req.remoteAddress, "lastUse": datetime.utcnow() }) res.cookies["session"] = session.id res.cookies["session"]["httponly"] = True res.cookies["session"]["max-age"] = 365 * 24 * 60 * 60 # 1 year should be permanent enough res.status = 201 res.headers["Location"] = "/session/{0}".format(session.id) render(req, res, "redirect-home.html.bepy") return session
def createOne(cls, req, res): password = req.body.pop("password", "") user = User.findOne(req.body) if not user or not checkPassword(password, user.passwordHash): res.status = 400 render(req, res, "session/new.html.bepy") return user.isDisabled = False user.save() session = Session.create({ "user": user.id, "passwordHash": user.passwordHash, "lastAddress": req.remoteAddress, "lastUse": datetime.utcnow() }) res.cookies["session"] = session.id res.cookies["session"]["httponly"] = True res.cookies["session"][ "max-age"] = 365 * 24 * 60 * 60 # 1 year should be permanent enough res.status = 201 res.headers["Location"] = "/session/{0}".format(session.id) render(req, res, "redirect-home.html.bepy") return session