def post(self):
""" Logs the user in, returns an api key. """
# Verify that required fields are present, and data is valid
required_fields = ['email', 'password']
if not self.is_data_valid(required_fields):
self.return_error(self.error_messages)
return
# Verify that the password is correct
email = self.data.get('email').lower()
password = self.data.get('password')
try:
user_info = self.auth.get_user_by_password(email, password)
user = User.get_by_id(user_info['user_id'])
except (webapp2_extras.auth.InvalidAuthIdError,
webapp2_extras.auth.InvalidPasswordError):
# Obscure source of error, for security.
self.return_fail(['Either the email or password was incorrect.'])
return
# Update the user's status to 'online'
user.online = True
user.put()
# Create a Token for this User
token = Token()
token.user = user
token.put()
# Return the auth token and ID to use together
token = token.token
self.return_success(data={'auth_token': token})
def test_creation(self):
""" Should create a token. """
print 'Testing creation'
user_info = User.create_user()
user = User.get_by_id(user_info['user_id'])
token = Token()
token.user = user
token.put()
results = Token.query().fetch(2)
self.assertEqual(1, len(results))
self.assertEqual(user, results[0].user)