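def validate_session(token):
    """Check that ``token`` belongs to a stored, unexpired session.

    Looks up the user document whose ``session.token`` equals ``token`` and
    compares the stored ``session.expires`` with the current UTC time.

    Args:
        token: Session token presented by the caller. Treated as untrusted.

    Returns:
        True when a matching session exists and has not expired.

    Raises:
        COCException: If ``token`` is not a non-empty string, if no user
            holds it, or if the matching session has expired.
    """
    # The token is placed directly into a MongoDB filter. A non-string value
    # (for example a dict decoded from a JSON body) would be interpreted as
    # query operators rather than compared literally, and None matches
    # documents that have no session at all. Accept text only.
    # (str, type(u"")) covers both text types on Python 2 and is just str on 3.
    if not isinstance(token, (str, type(u""))) or not token:
        raise COCException("Session token is missing or malformed")

    users = database.get_db().users
    user = users.find_one({"session.token": token})

    # The token itself is left out of the messages below: exception text
    # commonly ends up in logs or responses, and a session token is a
    # bearer credential.
    if user is None:
        raise COCException("Could not find session for the supplied token")

    expires = user['session']['expires']
    # NOTE(review): compared against a naive UTC timestamp, so the stored
    # value is assumed to be naive UTC as well - confirm against the writer.
    if expires < datetime.utcnow():
        raise COCException("Found expired session expired={0}".format(expires))

    return True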
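def authenticate(username, password):
    """Verify a username/password pair and start a new session for the user.

    Any session previously stored on the user document is replaced by the
    new one.

    Args:
        username: Login name supplied by the caller. Treated as untrusted.
        password: Candidate password, checked with ``_check_password``
            against the stored ``password`` field.

    Returns:
        dict with ``token`` (hex string) and ``expires`` (datetime) for the
        newly created session.

    Raises:
        COCException: If ``username`` is not a non-empty string, the user
            does not exist, or the password check fails.
    """
    # username goes directly into a MongoDB filter; accept text only so a
    # dict cannot be interpreted as query operators and None cannot match
    # documents that lack the field.
    # (str, type(u"")) covers both text types on Python 2 and is just str on 3.
    if not isinstance(username, (str, type(u""))) or not username:
        raise COCException("Username is missing or malformed")

    # Get user.
    users = database.get_db().users
    user = users.find_one({"username": username})

    # NOTE(review): the two failures below carry different messages. If
    # COCException text is returned to the client, that tells the caller
    # which usernames exist - confirm the handler maps both to one generic
    # response.
    if user is None:
        raise COCException("Could not find user {0}".format(username))

    # Check password
    if not _check_password(user['password'], password):
        raise COCException("Password validation failed for user {0}".format(username))

    # Create new session
    now = datetime.utcnow()
    expires = now + timedelta(minutes=app.config['SESSION_MINUTES'])

    # NOTE(review): the uuid module does not document uuid4() as a source of
    # security tokens; a dedicated CSPRNG API (os.urandom / secrets) is the
    # explicit choice if the token format may change.
    session = {
        "token": uuid.uuid4().hex,
        "expires": expires
    }

    # Store the session with the user. Only the session field is written:
    # sending back the whole document read earlier would overwrite any
    # change another request made to this user in the meantime.
    write_result = users.update({"_id": user['_id']}, {"$set": {"session": session}})
    app.logger.debug("Updated user with session. write_result={0}".format(write_result))

    # Return token and expire date.
    return session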
 def __init__(self):
     """Store the ``posts`` attribute of the application database on the instance."""
     self.posts = database.get_db().posts
 def __init__(self):
     """Store the ``content`` attribute of the application database on the instance."""
     self.content = database.get_db().content