def authenticate_user(username: str, password: str, repo: AbstractRepository):
authenticated = False
user = repo.get_user(username)
if user is not None:
authenticated = check_password_hash(user.password, password)
if not authenticated:
raise AuthenticationException
def add_user(username: str, password: str, repo: AbstractRepository):
# Check that the given username is available.
user = repo.get_user(username)
if user is not None:
raise NameNotUniqueException
# Encrypt password so that the database doesn't store passwords 'in the clear'.
password_hash = generate_password_hash(password)
# Create and store the new User, with password encrypted.
user = User(username, password_hash)
repo.add_user(user)
def get_user(username: str, repo: AbstractRepository):
user = repo.get_user(username)
if user is None:
raise UnknownUserException
return user_to_dict(user)