def getSession(request, data):
token = Token.load(data['token'])
if not token:
print "Invalid token"
return "NOPE"
if not token.user:
print "Token not validated"
return "NOPE"
print "GRANTING SESSION for token %s" % token.token
token.consume()
session = Session.create(token.user)
doc, tag, text = Doc().tagtext()
with tag('lfm', status="ok"):
with tag('session'):
with tag('name'):
text(session.user.name)
with tag('key'):
text(session.id)
with tag('subscriber'):
text('0')
return '<?xml version="1.0" encoding="utf-8"?>\n' + yattag.indent(doc.getvalue())
def getToken(request, data):
token = Token.generate()
print "ISSUING TOKEN %s" % token.token
doc, tag, text = Doc().tagtext()
with tag('lfm', status="ok"):
with tag('token'):
text(token.token)
return '<?xml version="1.0" encoding="utf-8"?>\n' + yattag.indent(doc.getvalue())
def api_auth_approve():
user = request.form['user']
token = Token.load(request.form['token'])
token.validate(User.load_by_name(user).id)
return "Token %s approved for user %s, press continue in client." % (token.token, user)
