def put(self, username):
    """Authenticate *username* with the submitted password and open a session.

    The request must carry a ``password`` argument. On success a new
    ``Session`` is built from the current request, attached to the user,
    committed, and its id is stored under ``session['session']``.

    Returns:
        The user's ``jsonify()`` mapping with the new session's
        ``jsonify()`` under the ``'session'`` key, or an empty body with
        404 (no such username), 401 (password rejected) or 304 (account
        not active).
    """
    arg_parser = restful.reqparse.RequestParser()
    # NOTE(review): parsed as `str`; under Python 2 a non-ASCII password
    # would fail this conversion -- confirm it matches how passwords are
    # parsed when the account is created.
    arg_parser.add_argument("password", type=str, help="password.", required=True)
    credentials = arg_parser.parse_args()

    account = User.query.filter(User.username == username).first()

    # NOTE(review): 404 for an unknown username versus 401 for a bad password
    # lets an unauthenticated caller tell which usernames exist. A single
    # uniform failure response would close that gap, but it changes the API
    # contract, so it is flagged here rather than changed.
    if not account:
        return {}, 404
    # NOTE(review): no attempt limiting or lockout is visible in this method
    # -- confirm it is enforced elsewhere (proxy, decorator, middleware).
    if not account.verify_password(credentials.password):
        return {}, 401
    # Checked only after the password verified, so the active flag is not
    # disclosed to callers who lack the password.
    # NOTE(review): 304 is a cache-validation status; 403 looks like the
    # intended meaning -- confirm what clients expect.
    if not account.active:
        return {}, 304

    # A fresh server-side session is created for every successful login.
    login_session = Session()
    login_session.from_request(request)
    account.sessions.append(login_session)
    db.session.add(account)
    db.session.add(login_session)
    db.session.commit()

    session['session'] = login_session.session_id
    log("%s logged in." % account.username)

    payload = account.jsonify()
    payload['session'] = login_session.jsonify()
    return payload
def put(self):
    """Register a new user from ``username`` and ``password`` and log them in.

    Registration is refused when ``app.config["PERMIT_NEW_ACCOUNTS"]`` is
    present and falsy, or when the username is already taken. Otherwise the
    user is created, placed in a group, given a new ``Session`` built from
    the current request, and everything is committed together.

    Returns:
        The new session's ``jsonify()`` mapping, or a ``{"message": ...}``
        body with status 304 when registration is refused.
    """
    arg_parser = reqparse.RequestParser()
    # NOTE(review): both fields are only required to be present; no length or
    # content checks are visible here -- confirm User() validates them.
    for field, hint in (("username", "Username."), ("password", "Password.")):
        arg_parser.add_argument(field, type=unicode, help=hint, required=True)
    form = arg_parser.parse_args()

    # A missing PERMIT_NEW_ACCOUNTS key leaves registration open.
    signups_disabled = (
        "PERMIT_NEW_ACCOUNTS" in app.config
        and not app.config["PERMIT_NEW_ACCOUNTS"]
    )
    # NOTE(review): 304 responses carry no body under HTTP, so these messages
    # may never reach the client; 403/409 look like the intended statuses --
    # confirm what clients expect before changing.
    if signups_disabled:
        return {"message":"This server isn't allowing new accounts at this time."}, 304

    if User.query.filter(User.username == form.username).first():
        return {'message':"Username already in use."}, 304

    new_user = User(form.username, form.password)

    # The first account created on an empty user table joins "Administrators";
    # every later account joins "Users".
    # NOTE(review): this endpoint is unauthenticated, so whoever registers
    # first on an empty table gains administrator rights; initial setup should
    # not be reachable by untrusted clients. The emptiness check and the
    # insert are also not atomic here -- confirm concurrent first
    # registrations cannot both be made administrators.
    group_name = "Users" if User.query.first() else "Administrators"
    group = UserGroup.query.filter(UserGroup.name == group_name).first()
    # NOTE(review): if the named group does not exist, `group` is None and the
    # next line raises AttributeError -- presumably groups are seeded at setup.
    group.users.append(new_user)

    signup_session = Session()
    signup_session.from_request(request)
    new_user.sessions.append(signup_session)

    for record in (new_user, group, signup_session):
        db.session.add(record)
    db.session.commit()

    session['session'] = signup_session.session_id
    return signup_session.jsonify()