def post(self):
    """Look up or create an account, then issue an access token for it.

    Reads the ``username`` and ``password`` request arguments and looks the
    account up with ``Account.by_name_pass`` for ``self.domain``. When the
    lookup reports ``isNone`` the account is created and the result is
    ``"created"``; otherwise the result is ``"already"``. A signed
    ``access_token`` value is then built from the account key and
    ``self.identity``, set as a cookie, stored on the account and written
    back in the JSON response together with the filtered account.
    """
    name = self.get_argument("username")
    secret = self.get_argument("password")
    account = Account.by_name_pass(self.domain, name, secret)

    # NOTE(review): what by_name_pass returns for an existing username with a
    # wrong password is not visible here. If that case also reports isNone,
    # this branch calls create() for a name that already exists -- confirm
    # that create() rejects duplicates.
    if account.isNone:
        account.create(self.domain, name, secret)
        result = "created"
    else:
        result = "already"

    # The token payload binds the account key to this handler's identity.
    token_payload = account.key + '@' + str(self.identity)
    access_token = self.create_signed_value('access_token', token_payload)

    # NOTE(review): the cookie carries a bearer token but is set without the
    # httponly / secure attributes. The same token is also returned in the
    # JSON body, so confirm whether browser script needs to read the cookie;
    # if not, pass httponly=True (and secure=True when served over HTTPS).
    self.set_cookie('access_token', access_token)
    account.set_token(access_token)

    response = {
        "result": result,
        "access_token": access_token,
        "account": account.filter(),
    }
    self.writeasjson(response)
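def account(self):
    """Return the account for ``self.akey``, validated against the access token.

    On first use the account is loaded with ``Account.get(self.akey,
    cached=True)``. The result is stored on ``self._account`` only after
    both checks pass, so a failed lookup or a revoked token is never left
    behind as a cached value that a later access would return unchecked.

    Raises:
        HTTPError: 401 when no account is found, or when
            ``self.access_token`` is not in the account document's
            ``"access_tokens"`` list.
    """
    if hasattr(self, '_account'):
        # Already resolved on this handler; keep the original None guard for
        # a value that other code may have stored here.
        if self._account is None:
            raise HTTPError(401, "Account not found")
        return self._account

    loaded = Account.get(self.akey, cached=True)

    # Check for a missing account before touching .document; the original
    # order dereferenced None and failed with AttributeError instead of 401.
    if loaded is None:
        raise HTTPError(401, "Account not found")

    # NOTE(review): the lookup uses cached=True, so the token list checked
    # here may come from a cache -- confirm the cache is invalidated when a
    # token is removed on logout.
    if self.access_token not in loaded.document["access_tokens"]:
        raise HTTPError(401,
                        "Error access token: The session is invalid because the " +
                        "user logged out.")

    # Cache only a fully validated account.
    self._account = loaded
    return loaded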
def get(self, domain):
    """Write, as JSON, the filtered accounts whose ``"domain"`` equals *domain*.

    Every account returned by ``Account.getall()`` is examined; an entry
    without a ``"domain"`` key is compared as the empty string. Matching
    entries are passed through ``Account.static_filter`` before being
    written under the ``"accounts"`` key.
    """
    # NOTE(review): no authorization check is visible in this method, and it
    # lists every account of a domain. Confirm that the handler (or a
    # decorator outside this view) restricts who may call it.
    matching = []
    for entry in Account.getall():
        if entry.get("domain", "") != domain:
            continue
        matching.append(Account.static_filter(entry))

    self.writeasjson({
        "accounts": matching,
    })