def verifyUserCredentials(self, clientId, userIdentifier, password):
    """Check a first-party ('stamped') login and issue a refresh token.

    The identifier is tried as an e-mail address first, then as a screen
    name; the matching account is loaded from ``self._accountDB``.

    Args:
        clientId: Client the refresh token is issued for.
        userIdentifier: E-mail address or screen name supplied at login.
        password: Candidate password, compared with the stored value.

    Returns:
        Tuple ``(account, token)``, where ``token`` is the value returned
        by ``self.addRefreshToken``.

    Raises:
        StampedInvalidCredentialsError: The identifier is neither a valid
            e-mail address nor a valid screen name, or the password does
            not match.
        StampedWrongAuthServiceError: The account's ``auth_service`` is
            not ``'stamped'``.
    """
    # Choose the lookup from the identifier's format; e-mail wins if both
    # validators would accept it.
    if utils.validate_email(userIdentifier):
        find_account = self._accountDB.getAccountByEmail
    elif utils.validate_screen_name(userIdentifier):
        find_account = self._accountDB.getAccountByScreenName
    else:
        # NOTE(review): this message and the "Invalid password" one below
        # differ and both embed the raw identifier. If the text is shown to
        # the client it separates unknown from known identifiers, and if it
        # is logged it records whatever the user typed in that field.
        # Confirm how callers render and log it.
        raise StampedInvalidCredentialsError("Account not found: %s" % userIdentifier)

    # NOTE(review): what the lookup does for a well-formed but unregistered
    # identifier is not visible here -- presumably it raises; verify.
    account = find_account(userIdentifier)

    # Accounts tied to another auth service must not log in by password.
    if account.auth_service != 'stamped':
        raise StampedWrongAuthServiceError("Attempting a stamped login for an account that doesn't use stamped for auth")

    # NOTE(review): no attempt limiting or lockout happens in this method;
    # presumably enforced upstream -- confirm.
    password_ok = auth.comparePasswordToStored(password, account.password)
    if not password_ok:
        raise StampedInvalidCredentialsError("Invalid password for user: %s" % userIdentifier)

    logs.info("Login successful")

    # IMPORTANT: every successful login currently returns a refresh token.
    # That rests on the assumption that all logins come from the iPhone
    # client and will have to change once that stops being true.
    # There is also no mechanism yet for retiring unused refresh tokens, so
    # each login adds another token.

    # Generate refresh token & access token
    refresh_token = self.addRefreshToken(clientId, account.user_id)
    logs.info("Token created")

    return (account, refresh_token)
def verifyPassword(self, userId, password):
    """Confirm that ``password`` matches the one stored for ``userId``.

    Args:
        userId: Id of the account to load from ``self._accountDB``.
        password: Candidate password to check.

    Returns:
        ``True`` when the password matches.

    Raises:
        StampedInvalidPasswordError: The password does not match.
    """
    account = self._accountDB.getAccount(userId)

    # NOTE(review): unlike verifyUserCredentials there is no auth_service
    # check here; confirm comparePasswordToStored copes with an account
    # that has no stored 'stamped' password.
    matches = auth.comparePasswordToStored(password, account.password)
    if matches:
        return True

    raise StampedInvalidPasswordError("Invalid password")