def verify_password(email_or_token, password): """authentication verification with either login credentials or tokens """ if email_or_token == '': return False if password == '': # verify token g.current_user = User.verify_auth_token(email_or_token) g.token_used = True return g.current_user is not None # verify email user = User.query.filter_by(email=email_or_token).first() if not user: return False g.current_user = user g.token_used = False return user.verify_password(password)