def authenticate(email, password):
from database import bcrypt
user = DbUser.query.filter_by(email=email).first()
if user is not None:
if user.user_authorized and bcrypt.check_password_hash(
user.password, password):
return True
return False
def login(self, password_attempt):
if bcrypt.check_password_hash(self.password_hash,
self.password_salt + password_attempt):
session['user_id'] = self.id
session['username'] = self.username
session['admin'] = self.isAdmin()
return True
else:
return False
def login():
req = request.json
auth = request.authorization
user = User.query.filter_by(username=req["username"]).first()
if user and bcrypt.check_password_hash(user.password, req["password"]):
token = jwt.encode({'id': user.id, 'exp': datetime.datetime.utcnow() + datetime.timedelta(minutes=60)}, os.getenv("SECRET"))
return jsonify({'token' : token.decode("ascii")})
else:
return make_response("Sorry, invalid credentials", 401)
def is_correct_password(self, plaintext):
return bcrypt.check_password_hash(self._password, plaintext)