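def login():
    """Authenticate a user from a JSON body and open a new session.

    Reads ``username`` and ``password`` from the request's JSON payload,
    looks the user up with ``db.get_user_by_username`` and verifies the
    password with ``check_password_hash``.  On success the user's stored
    session is deleted and a new ``Session`` holding a fresh token from
    ``token_generator()`` is saved.

    Returns:
        ``({"token": <token>}, 200)`` on success, or ``({"error": ...}, 400)``
        when the username is unknown or the password does not match.

    Aborts with 400 when the body is not a JSON object with string
    ``username`` and ``password`` fields, and with 500 when the session
    cannot be stored or an unexpected exception is raised.
    """
    # get_json(silent=True) returns None for a missing or malformed body.
    # Reject that here, outside the try, so a bad request is answered with
    # 400 instead of being logged and reported as a server error.
    data = request.get_json(silent=True)  # expected keys: username, password
    if not isinstance(data, dict):
        abort(400)
    username = data.get("username")
    password = data.get("password")
    if not isinstance(username, str) or not isinstance(password, str):
        abort(400)

    try:
        user = db.get_user_by_username(username)
        # NOTE(review): the two failure branches answer with different
        # messages, which tells a caller whether a username exists. One shared
        # message would remove that signal; the strings are kept because
        # clients may display them.
        if user is None:
            # repr() escapes control characters, so a crafted username cannot
            # break the log line or forge additional entries.
            logger.warning("Login errorea, " + repr(username) + " erabiltzailea ez da esistitzen. " + str(request.remote_addr))
            return jsonify({"error": "Erabiltzaile izena ez da zuzena"}), 400
        if not check_password_hash(user.password, password):
            logger.warning("Login errorea, " + repr(username) + " erabiltzaileak ez du pasahitz egokia erabili. " + str(request.remote_addr))
            return jsonify({"error": "Pasahitza ez da zuzena"}), 400

        token = token_generator()
        # Only one session per user: drop the stored one before adding the new.
        db.delete_session_by_user(user.id)
        if not db.add(Session(user.id, token)):
            # abort() raises an HTTPException, which the handler below also
            # catches; the response is still a 500, with one log line.
            abort(500)
        # TODO:
        # if user.change_password:  # the password must be changed
        #     return jsonify({"token": token, "chpassword": "true"}), 200
        return jsonify({"token": token}), 200
    except Exception as e:
        logger.error("Errorea 'login' : " + str(e) + " " + str(request.remote_addr))
        abort(500)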
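def login():
    """Check a username/password pair sent as JSON and issue a session token.

    The user is fetched with ``db.get_user_by_username`` and the supplied
    password is compared against ``user.password`` by
    ``check_password_hash``.  When both match, the user's stored session is
    removed and a new ``Session`` with a token from ``token_generator()``
    is added.

    Returns:
        ``({"token": <token>}, 200)`` on success, or ``({"error": ...}, 400)``
        for an unknown username or a wrong password.

    Aborts with 400 when the body is not a JSON object with string
    ``username`` and ``password`` fields, and with 500 when the session
    cannot be stored or an unexpected exception is raised.
    """
    # get_json(silent=True) returns None for a missing or malformed body.
    # Validate before the try so client mistakes get a 400 rather than
    # falling into the generic handler and being reported as a 500.
    data = request.get_json(silent=True)  # expected keys: username, password
    if not isinstance(data, dict):
        abort(400)
    username = data.get("username")
    password = data.get("password")
    if not isinstance(username, str) or not isinstance(password, str):
        abort(400)

    try:
        user = db.get_user_by_username(username)
        # NOTE(review): "User doesn't exist" versus "Incorrect password" lets
        # a caller tell valid usernames from invalid ones. One shared message
        # would close that gap; the strings are kept because clients may
        # depend on them.
        if user is None:
            # repr() escapes CR/LF and other control characters, so the
            # attacker-controlled username cannot inject extra log lines.
            logger.warning("Login error, " + repr(username) + " user doesn't exist. " + str(request.remote_addr))
            return jsonify({"error": "User doesn't exist"}), 400
        if not check_password_hash(user.password, password):
            logger.warning("Login error, " + repr(username) + " password is not correct " + str(request.remote_addr))
            return jsonify({"error": "Incorrect password"}), 400

        token = token_generator()
        # Only one session per user: drop the stored one before adding the new.
        db.delete_session_by_user(user.id)
        if not db.add(Session(user.id, token)):
            # abort() raises an HTTPException that the handler below also
            # catches; the response is still a 500.
            abort(500)
        return jsonify({"token": token}), 200
    except Exception as e:
        # The logger is the single record of the failure; exception text is
        # not echoed to stdout.
        logger.error("Error in 'login' : " + str(e) + " " + str(request.remote_addr))
        abort(500)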
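def logout():
    """Close the session that belongs to the ``token`` request header.

    Resolves the header value to a user with ``db.get_user_by_token`` and
    deletes that user's session with ``db.delete_session_by_user``.

    Returns:
        ``({}, 200)`` once the session has been deleted.

    Aborts with 400 when the ``token`` header is missing or empty, with 401
    when no user is found for the token, and with 500 when the database
    calls raise.
    """
    # A missing header is a client error. Read it with .get() outside the try
    # so it is not swallowed by the generic handler and reported as a 500.
    token = request.headers.get("token")
    if not token:
        abort(400)

    try:
        user = db.get_user_by_token(token)
        # presumably get_user_by_token returns None for an unknown or expired
        # token; verify against the db layer
        if user is not None:
            db.delete_session_by_user(user.id)
    except Exception as e:
        logger.error("Errorea 'logout' : " + str(e) + " " + str(request.remote_addr))
        abort(500)

    # Raised after the try so the 401 is not caught and rewritten as a 500.
    if user is None:
        abort(401)
    return jsonify({}), 200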
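def sign_in():
    """Authenticate a user by e-mail and password and open a new session.

    Reads ``email`` and ``password`` from the JSON body, fetches the user
    with ``db.get_user_by_email`` and verifies the password with
    ``check_password_hash``.  On success the user's stored session is
    deleted and a new ``Session`` with a token from ``token_generator()``
    is added.

    Returns:
        On success ``({"success": "true", "token": ..., "email": ...,
        "username": ...}, 200)``.  Credential failures are also answered
        with status 200 and an ``{"error": ...}`` body.

    Aborts with 400 when the body is not a JSON object with string
    ``email`` and ``password`` fields, and with 500 when the session cannot
    be stored or an unexpected exception is raised.
    """
    # get_json(silent=True) returns None for a missing or malformed body.
    # Reject it before the try so it is answered as a client error.
    data = request.get_json(silent=True)
    if not isinstance(data, dict):
        abort(400)
    email = data.get("email")
    password = data.get("password")
    if not isinstance(email, str) or not isinstance(password, str):
        abort(400)

    try:
        user = db.get_user_by_email(email)
        # NOTE(review): separate messages for an unknown e-mail and a wrong
        # password tell a caller which addresses are registered, and neither
        # failure is logged here, so repeated guessing leaves no trace on the
        # server. One shared message plus a log entry would address both; the
        # strings and the 200 status are kept because clients may depend on
        # them.
        if user is None:
            return jsonify({"error": "Email doesn't exist"}), 200
        if not check_password_hash(user.password, password):
            return jsonify({"error": "Password is not correct"}), 200

        token = token_generator()
        # Only one session per user: drop the stored one before adding the new.
        db.delete_session_by_user(user.id)
        if not db.add(Session(user.id, token)):
            abort(500)
        return jsonify({
            "success": "true",
            "token": token,
            "email": user.email,
            "username": user.username,
        }), 200
    except Exception:
        # Exception rather than a bare except, so SystemExit and
        # KeyboardInterrupt are no longer turned into a 500 response.
        abort(500)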
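def sign_out():
    """Delete the session of the user identified by the ``token`` header.

    Returns:
        ``({"success": "true"}, 200)`` when the session was deleted.
        ``({"error": "The token is not correct"}, 200)`` when the header is
        missing or empty, or when ``db.get_user_by_token`` finds no user.
        ``({"error": "The user is not logged in"}, 200)`` when
        ``db.delete_session_by_user`` returns ``None``.

    Aborts with 500 when an unexpected exception is raised.
    """
    try:
        # .get() instead of indexing: a request without the header receives
        # the same answer as one with an unknown token, not a 500.
        token = request.headers.get("token")
        user = db.get_user_by_token(token) if token else None
        if user is None:
            return jsonify({"error": "The token is not correct"}), 200
        if db.delete_session_by_user(user.id) is None:
            return jsonify({"error": "The user is not logged in"}), 200
        return jsonify({"success": "true"}), 200
    except Exception:
        # Exception rather than a bare except, so SystemExit and
        # KeyboardInterrupt are no longer turned into a 500 response.
        abort(500)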