async def login_handler(request: web.Request):
try:
ctx = json.loads(await request.text())
verified = await Admin.verify_password(ctx['username'],
ctx['password'],
DB.get(request, table))
if not verified:
raise Exception({'message': 'Unathorized', 'status_code': 401})
admin = await Admin.get_by_username(ctx['username'],
DB.get(request, table))
sanitized_admin = pydash.omit(admin, 'password')
return web.json_response(
{'data': DB.format_document(Bson.to_json(sanitized_admin))})
except Exception as err:
return Error.handle(err)
async def verify_password(username: str, password: str, db):
"""
verfies admin password
@param username: (str) username of admin
@param password: (str) password to check
@param db: mongo instance
"""
match = False
admin = await Admin.get_by_username(username, db)
if not admin:
raise Exception({
'message': 'Admin does not exist',
'status_code': 401
})
match = Hasher.validate(password, admin['password'])
if match:
formatted_admin = DB.format_document(Bson.to_json(admin))
await Admin.generate_token(formatted_admin, db)
return match
