def check_password(self, raw_password):
"""Compares raw_password to password stored for user. Updates
self.last_login on success.
"""
algorithm, salt, hash = auth.split_passwd_line(self.password)
(_, _, user_hash) = auth.gen_hexdigest(raw_password,
algorithm=algorithm, salt=salt)
if hash == user_hash:
self.last_login = curtime()
return True
else:
return False
def create_user(cls, username, password, email=str()):
"""Creates a user document with given username and password
and saves it.
Validation occurs only for email argument. It makes no assumptions
about password format.
"""
now = curtime()
username = username.lower()
email = email.strip()
email = email.lower()
# Username must pass valid character range check.
if not cls.username_regex.match(username):
warning = 'Username failed character validation - username_regex'
raise ValueError(warning)
# Caller should handle validation exceptions
cls.validate_class_partial(dict(email=email))
user = cls(username=username, email=email, date_joined=now)
user.set_password(password)
return user