m = params.getvalue('m')
n = params.getvalue('n')
# Create new cloak service
cfg = Config()
db = DB(cfg)
# Get user password from database
usr = db.get_user_from_username(u)
if usr == False:
print "INVALID USER"
sys.exit(0)
password = getUserPassword(usr)
# Verifies password
decrypted = aes.decrypt( c, password, 256 )
if decrypted != m:
print "AUTH ERR"
sys.exit(0)
# Generates random session key and save to database
sessionkey = base64.b64encode( os.urandom(64) )
wid = db.insert_websession( usr[0], sessionkey )
# Send session key in JSON
js = json.dumps( {'k': sessionkey, 'n' : n, 'w' : wid} )
crypted = aes.encrypt( ('%04x'%len(js))+js, password, 256 )
#print crypted
sys.stdout.write(crypted)
