def _doPost(self, dataObject): if "email" in dataObject and "password" in dataObject: username = dataObject['email'] password = dataObject['password'] try: umapper = UserMapper() selectedUser = umapper.getUserByEmail(username) except mdb.DatabaseError, e: raise ServerError("Unable to search the user database (%s: %s)" % e.args[0], e.args[1]) # check we have a result if selectedUser is None: raise NotFound("We have no record of a user with the username %s" % username) # check password is correct return corresponding key if not checkHash(password, selectedUser.getPassword()): raise Unauthorised("Failed to login with that username and password") # get API token from the database and return it try: rdata = {} ATM_ = ApitokenMapper() rdata["apitoken"] = ATM_.findTokenByUserId(selectedUser.getId()).getToken() rdata["user"] = selectedUser.dict(1) return self._response(rdata, CODE.CREATED) except mdb.DatabaseError, e: raise ServerError("Unable to get API key from the database (%s: %s)" % e.args[0], e.args[1])