def login(email, password):
"""
"""
assert isinstance(email, unicode)
assert isinstance(password, unicode)
assert email
assert password
try:
user_entity = UserEntityDAO.select_by_email(email)
except NoResultFound:
raise InvalidCredentialsException()
hashed_password = hashlib.sha512(password + user_entity.salt).hexdigest()
if hashed_password != user_entity.password:
raise InvalidCredentialsException()
access_token_entity = AccessTokenEntity(
user_entity,
uuid.uuid4().hex,
)
AccessTokenDAO.save(access_token_entity)
return access_token_entity.access_token
def authenticate(self, req):
"""
No real authentication
:param req: The current request
:type req: falcon.Request
:returns: A session object
:rtype: AbstractSession
"""
assert isinstance(req, falcon.Request)
api_access_token = req.get_header("X-TREX-API-ACCESS-TOKEN") # This is the api access token
access_token = req.get_header("X-TREX-USER-ACCESS-TOKEN") # This is the access token
try:
access_token_entity = AccessTokenDAO.select_by_access_token(access_token)
except NoResultFound:
raise Exception("You don't have access")
return ApiSession(access_token_entity.user)
