async def login(self):
data = self.request.json
self.data_validator_cls = LoginValidator
try:
self.data_validator_cls(**data).validate()
except TypeError:
self.response.status = CODE_BAD_REQUEST
return
except APIException as exc:
self.response.status = CODE_BAD_REQUEST
self.response.data = exc
return
user = UserEntity(**data)
user.password = data.pop("password")
users = await self.user_repo.filter(user.serialize())
if not users:
self.response.status = CODE_UNAUTHORIZED
self.response.data = {"message": "Unauthorized."}
return
user = users[0]
auth_token = self.token_manager.create(user)
self.response.data = {"token": auth_token}
async def create_superuser(self, username: str, email: str, password: str):
user = UserEntity(username=username, email=email)
user.password = password
user.is_superadmin = True
await self.user_repo.insert(user.serialize())