def verify_password(username_or_token, password):
if User.verify_auth_token(username_or_token) is not None:
return True
try:
user = Ctrl.get_user_with_name(username_or_token)
except Ctrl.AdminControlException:
return False
return user.verify_password(password)
def test_verify_auth_token(self):
correct_data = dict(email='*****@*****.**', password='******')
token = User.generate_auth_token(**correct_data)
self.assertEqual(self.user, User.verify_auth_token(token))
with self.assertRaises(BadSignature):
User.verify_auth_token(token[:-5])