def login():
print "got a login request"
ret = {'status': 'FAIL'}
# get user data
isPost = request.method == 'POST'
if isPost:
# POST
email = request.form.get('email')
password = hashlib.md5( request.form.get('password') ).hexdigest()
else:
# GET
email = request.params.get('email')
password = hashlib.md5( request.params.get('password') ).hexdigest()
u = User.get_user(email)
if u:
if u.password == password:
print "password match"
ret['status'] = 'OK'
FL.login_user(u)
FL.flash("logged in")
if isPost:
print "trying to redirect"
return redirect('/posts')
else:
return jsonify(ret)
else:
FL.flash("failed authentication")
# do the login (save cookie)
return jsonify(ret)
def signup():
ret = {'status': 'FAIL'}
name = request.form.get('name')
email = request.form.get('email')
# TODO encryption should be on the client
password = hashlib.md5( request.form.get('password') ).hexdigest()
if User.create_user(name,email,password):
ret['status']= 'OK'
return jsonify(ret)
def load_user(email): return User.get_user(email)