def login(): if env.user.is_authorized(): raise AlreadyAuthorized try: login = env.request.args("login") password = env.request.args("password") if not login or not password: raise NotAuthorized return {"token": env.user.authenticate(login, password), "csrf_token": csrf_token()} except KeyError: raise NotAuthorized
def login(): if env.user.is_authorized(): raise AlreadyAuthorized try: login = env.request.args('login') password = env.request.args('password') if not login or not password: raise NotAuthorized return { 'token': env.user.authenticate(login, password), 'csrf_token': csrf_token() } except KeyError: raise NotAuthorized
def _fn(*args, **kwargs): token = env.request.args("csrf_token") or env.request.header("X-CSRF") if not token or token != csrf_token(): raise CSRFError return fn(*args, **kwargs)
def _fn(*args, **kwargs): token = env.request.args('csrf_token') or env.request.header('X-CSRF') if not token or token != csrf_token(): raise CSRFError return fn(*args, **kwargs)