def activate(self, token):
#TODO: add max tries for abuse protection
if is_equal(token, self.info['token']):
self.logger.debug('[%s] -> valid activation token', self.info['email'])
#valid activation, retrieve and remove document
user = self.db_manager.find_document('users.pending', {'email': self.info['email']})
#delete unwanted fields
del user['tries'], user['token']
if not self.db_manager.insert_document('users.active', user):
raise ActivationError("Couldn't activate user", 500)
#this way, if we can't insert user in active collection, he stays
# in pending
self.db_manager.remove_document('users.pending', {'email': self.info['email']})
else:
raise ActivationError('Bad token', 400)
def authenticate(self, auth_id):
return is_equal(self.info['auth_id'], auth_id)