def get_user(): username = cherrypy.session.get(SESSION_KEY, None) if username is None: return None db = cherrypy.request.db u = User.get_by_username(db, username) return u
def check_credentials(username, password): """Verifies credentials for username and password. Returns None on success or a string describing the error on failure""" db = cherrypy.request.db u = User.get_by_username(db, username) if u is None: return u"Username or Password is invaild. Pleas try again." dk = hashlib.pbkdf2_hmac('sha256', password.encode(), u.salt, 100000) binascii.hexlify(dk) if u.hash != dk: return u"Username or Password is invaild. Pleas try again."