Exemplo n.º 1
    def verifyUserCredentials(self, clientId, userIdentifier, password):
        """Check a password login and issue a refresh token for the account.

        The identifier is treated as an email address if
        ``utils.validate_email`` accepts it, otherwise as a screen name if
        ``utils.validate_screen_name`` accepts it.

        Args:
            clientId: Client identifier passed through to ``addRefreshToken``.
            userIdentifier: Email address or screen name supplied by the caller.
            password: Candidate password, compared against ``account.password``
                by ``auth.comparePasswordToStored``.

        Returns:
            A ``(account, token)`` tuple, where ``token`` is whatever
            ``self.addRefreshToken`` returns.

        Raises:
            StampedInvalidCredentialsError: The identifier matches neither
                format, or the password comparison fails.
            StampedWrongAuthServiceError: ``account.auth_service`` is not
                ``'stamped'``.
        """
        # Choose the lookup from the identifier's shape; email is tried first.
        if utils.validate_email(userIdentifier):
            lookup = self._accountDB.getAccountByEmail
        elif utils.validate_screen_name(userIdentifier):
            lookup = self._accountDB.getAccountByScreenName
        else:
            raise StampedInvalidCredentialsError("Account not found: %s" % userIdentifier)
        # What the lookup does for an unknown identifier (raise vs. return
        # None) is not visible here -- TODO confirm against the account DB.
        acct = lookup(userIdentifier)

        # NOTE(review): this check runs before the password is verified, and
        # the three failure messages in this method differ from each other.
        # If they reach the client unchanged, responses distinguish existing
        # accounts from unknown ones -- confirm the API layer maps them to a
        # single generic login failure.
        uses_stamped_auth = acct.auth_service == 'stamped'
        if not uses_stamped_auth:
            raise StampedWrongAuthServiceError("Attempting a stamped login for an account that doesn't use stamped for auth")

        # comparePasswordToStored is opaque from here; presumably a salted-hash
        # comparison -- verify that it is also constant-time.
        # NOTE(review): no attempt limiting is visible in this method; confirm
        # that failed logins are throttled elsewhere.
        password_ok = auth.comparePasswordToStored(password, acct.password)
        if not password_ok:
            raise StampedInvalidCredentialsError("Invalid password for user: %s" % userIdentifier)

        logs.info("Login successful")

        # IMPORTANT (original author's note): every login currently returns a
        # refresh token, on the assumption that all logins come from the
        # iPhone client; this will have to change once that stops being true.
        # There is also no mechanism yet for retiring unused refresh tokens,
        # so an issued token stays usable until one is added.
        refresh_token = self.addRefreshToken(clientId, acct.user_id)

        logs.info("Token created")

        return acct, refresh_token
Exemplo n.º 2
    def verifyPassword(self, userId, password):
        """Confirm that ``password`` matches the stored password for ``userId``.

        Args:
            userId: Identifier passed to ``self._accountDB.getAccount``.
            password: Candidate password to check.

        Returns:
            ``True`` when ``auth.comparePasswordToStored`` accepts the password.

        Raises:
            StampedInvalidPasswordError: The comparison fails.
        """
        account = self._accountDB.getAccount(userId)
        # NOTE(review): account.auth_service is not checked here; presumably
        # callers only use this for accounts that have a local password --
        # confirm what account.password holds for other auth services.
        matches = auth.comparePasswordToStored(password, account.password)
        if matches:
            return True

        # The message is generic and does not echo the user id or the input.
        raise StampedInvalidPasswordError("Invalid password")