def user_loader(username): if not User.exist_in_db(username): Logger.debug('user does not exist in user_loader') return else: user = User.get(username) return user
def login(): # # # if request.method == 'GET': # # if g.user is not None and g.user.is_authenticated: # # return jsonify({'status': False, 'cause': 'already logged in'}) # Logger.info('login GET') # return jsonify({'status': False, 'cause': 'only POST is allowed'}) # # return ''' # # <!doctype html> # # <title>Login</title> # # <h1>login</h1> # # <form action="" method=post enctype=multipart/form-data> # # <p><input type=text name=username> # # <input type=password name=password> # # <input type=submit value=login> # # </form> # # ''' username = request.json['username'] password = request.json['password'] Logger.info('login POST') auth_result = User.auth(username, password) if auth_result['status']: Logger.debug('before login_user') user = User.get(username) flask_login.login_user(user) Logger.debug('after login_user') return flask.jsonify({'status': True}) else: return flask.jsonify(auth_result)
def auth(username, password): if User.exist_in_db(username): users = db.users result = users.find_one({'username': username}, {'password':1, '_id': 0}) Logger.debug(result['password']) if password != result['password']: return {'status': False, 'cause': 'wrong password'} else: return {'status': True} else: return {'status': False, 'cause': 'username does not exist'}