def login_credentials(provided_credentials, cursor = None):
    """Look up the stored id, email and password for the email being logged in.

    Args:
        provided_credentials: object exposing the submitted ``email``.
        cursor: database cursor used to run the query.
            NOTE(review): the default is ``None`` but ``cursor.execute`` is
            called unconditionally, so a cursor has to be supplied by the
            caller or injected (presumably by a decorator not visible
            here -- confirm).

    Returns:
        ``Credentials`` mapped from the matching row, or from an empty dict
        when no row matches the email.
    """
    # The email travels as a bound parameter (%(email)s) handed to execute(),
    # it is not formatted into the SQL string itself.
    query = """ SELECT user.id, user.email, user.password FROM user WHERE user.email = %(email)s;"""
    cursor.execute(query, {'email': provided_credentials.email})

    record = cursor.fetchone()
    if not record:
        # Unknown email: map an empty record instead of failing here.
        record = {}
    return Credentials.map_from_form(record)
def login():
    '''Handle a login request.

    Compares the submitted email and password with the values stored in the
    database and, when they validate, issues a token for the user.

    Returns:
        ``response.error(...)`` carrying the ``InvalidCredential`` message when
        validation fails, otherwise ``response.add_token(...)`` with the new
        token.
    '''
    # NOTE(review): json.loads and the 'payload' lookup are not guarded here,
    # so a missing or malformed payload raises instead of producing
    # response.error -- confirm the framework turns that into a client error.
    submitted = sanitize.form_keys(json.loads(request.form['payload']))
    provided_credentials = Credentials.map_from_form(submitted)
    stored_credentials = user_select.login_credentials(provided_credentials)

    try:
        validate.login(stored_credentials, provided_credentials)
    except InvalidCredential as invalid:
        # NOTE(review): the exception message is returned to the client as-is.
        # Confirm validate.login uses one generic message for "unknown email"
        # and "wrong password", otherwise the response reveals which accounts
        # exist.
        return response.error(invalid.args[0])
    else:
        # Credentials checked out: bind a token to the stored user id and
        # persist it before handing it back.
        token = Token()
        token.user_id = stored_credentials.id
        token.update()
        user_update.token(token)
        return response.add_token(token = token)
def register_user():
    '''Handle a registration request and add the new user to the database.

    Validates the email, both names and the password (see the individual
    validators for the rules), hashes the password for storage, inserts the
    user and then logs the new user in.

    Returns:
        ``response.error(...)`` carrying the ``InvalidCredential`` message when
        a validation fails, otherwise whatever ``login()`` returns.
    '''
    payload = json.loads(request.form['payload'])
    payload = sanitize.form_keys(payload)
    credentials = Credentials.map_from_form(payload)

    try:
        # Validators run in order; the first failure ends the request.
        validate.email(credentials.email)
        validate.name(credentials.first_name)
        validate.name(credentials.last_name)
        validate.password(credentials.password)
    except InvalidCredential as invalid:
        return response.error(invalid.args[0])

    # The password is validated in plaintext above and hashed only afterwards.
    # NOTE(review): the hashing scheme is not visible here -- confirm
    # hash_password uses a salted, deliberately slow password hash.
    credentials.hash_password()

    # NOTE(review): no duplicate-email check is visible in this function;
    # presumably new_user or a database constraint enforces it -- confirm.
    user_insert.new_user(credentials)

    # login() parses the same request payload again, so it works from the
    # submitted plaintext password rather than the hashed copy held here.
    return login()