def login(email, password): """ """ assert isinstance(email, unicode) assert isinstance(password, unicode) assert email assert password try: user_entity = UserEntityDAO.select_by_email(email) except NoResultFound: raise InvalidCredentialsException() hashed_password = hashlib.sha512(password + user_entity.salt).hexdigest() if hashed_password != user_entity.password: raise InvalidCredentialsException() access_token_entity = AccessTokenEntity( user_entity, uuid.uuid4().hex, ) AccessTokenDAO.save(access_token_entity) return access_token_entity.access_token
def authenticate(self, req): """ No real authentication :param req: The current request :type req: falcon.Request :returns: A session object :rtype: AbstractSession """ assert isinstance(req, falcon.Request) api_access_token = req.get_header("X-TREX-API-ACCESS-TOKEN") # This is the api access token access_token = req.get_header("X-TREX-USER-ACCESS-TOKEN") # This is the access token try: access_token_entity = AccessTokenDAO.select_by_access_token(access_token) except NoResultFound: raise Exception("You don't have access") return ApiSession(access_token_entity.user)