def isauth(): env_session = request.environ.get('beaker.session') if 'user_name' in env_session: user_name = env_session['user_name'] u = repo.User(db_session).read(user_name) return vo.auth(vo.user_base(u),True) else: return vo.auth(None,False,'out of session')
def login(): o = json.load(request.body) user_name = o["userName"] password = o["password"] u = repo.User(db_session).read(user_name) if(not u): return vo.auth(None,False,'user doesnt exist') if(u.password != encode_password(password)): return vo.auth(None,False,'wrong password') #created user app session. (authenticated) env_session = request.environ.get('beaker.session') env_session['user_name'] = user_name #removing db_session (not common rest_method) db_session.close() db_session.remove() return vo.auth(vo.user_base(u),True)