def login(phone=None, token=None): user = User.by_phone(phone) if not user: raise NotFound('User not found') if token != user.token().value: raise Unauthorized() init_session(user) return user.guid
def create_user(phone=None, name=None, start_session=True): result = User.by_phone(phone) if result: raise BadRequest("Phone in use") user = User() user.value = name user.save() user.phone(phone) token = gen_token(phone) user.token(token) if start_session: init_session(user) return [user.guid, token, phone]