def login(request):
"""
POST /api/login
:param request:
:return:
"""
form = LoginForm(**request.json)
if not form.validate():
raise HTTPBadRequest()
user = User.query().filter(User.email == form.email.data).first()
if not user or user.password != utils.hash_password(form.password.data):
raise HTTPBadRequest()
remember(request, user.id)
return user.dict()
def authentication(request):
user_id = unauthenticated_userid(request)
user = User.query().get(user_id)
return user