def delete(self, id): if request.params.get('_authentication_token', None) != authentication_token(): abort(403) if id is None: abort(404) s = Session() user = s.query(User).get(id) if user is None: return (404) s.delete(user.user_data) s.delete(user) s.commit() return "Your account has been deleted."
def disable(self, id): if request.params.get('_authentication_token', None) != authentication_token(): abort(403) if id is None: avort(404) s = Session() user = s.query(User).get(id) if user is None: abort(404) user.active = False s.add(user) s.commit() return "account %s disabled" % user.email
def authenticated_form(params): submitted_token = params.get(secure_form.token_key) return submitted_token is not None and submitted_token == secure_form.authentication_token()
def authenticated_form(params): submitted_token = params.get(secure_form.token_key) return submitted_token is not None and \ submitted_token == secure_form.authentication_token()