def verify_password(email_or_token, password):
"""authentication verification with either login credentials or tokens
"""
if email_or_token == '':
return False
if password == '':
# verify token
g.current_user = User.verify_auth_token(email_or_token)
g.token_used = True
return g.current_user is not None
# verify email
user = User.query.filter_by(email=email_or_token).first()
if not user:
return False
g.current_user = user
g.token_used = False
return user.verify_password(password)
