def login_action(req): # get form fields challenge = req.form.get('challenge') uid = req.form.get('uid') response = req.form.get('response') # validate the response auth = h.auth(req) v = auth.validate(challenge, uid, response) if v: # find the user in the user base (not the same as the credential store) userbase = h.userbase(req) user = userbase.getuser(uid) # user does not exist yet, create it if user is None: user = userbase.newuser(uid) # set the user session if user is not None: usersession = h.usersession(req) usersession.setuser(user) return h.redirect('/')
def logout_action(req): usersession = h.usersession(req) usersession.clear() return h.redirect('/')