def post(self):
        """
        Checks if user login in valid, if yes redirect 
        to main route, if no sends an error message
        :return: 
        """
        user = self.request.get('user')
        password = self.request.get('password')
        error_message = ""

        user_from_db = User.get_user(user)

        if not user_from_db:
            error_message = 'User does not exists, please sign in'
        else:
            user_has_permission = HashUtils\
                .hasPermission(password, user_from_db.salt, user_from_db.hash)

            if user_has_permission:
                self.response.set_cookie('user_id', user_from_db.hash)
                self.response.set_cookie('user_desc', user_from_db.user)
                self.redirect('/main')
            else:
                error_message = 'User or password are wrong'

        self.render('login.html', error_message=error_message)
Exemple #2
0
 def user_name_exists(username):
     return User.get_user(username)