示例#1
0
    def post(self):
        """ Logs the user in, returns an api key. """
        # Verify that required fields are present, and data is valid
        required_fields = ['email', 'password']
        if not self.is_data_valid(required_fields):
            self.return_error(self.error_messages)
            return

        # Verify that the password is correct
        email = self.data.get('email').lower()
        password = self.data.get('password')
        try:
            user_info = self.auth.get_user_by_password(email, password)
            user = User.get_by_id(user_info['user_id'])
        except (webapp2_extras.auth.InvalidAuthIdError,
                webapp2_extras.auth.InvalidPasswordError):
            # Obscure source of error, for security.
            self.return_fail(['Either the email or password was incorrect.'])
            return

        # Update the user's status to 'online'
        user.online = True
        user.put()

        # Create a Token for this User
        token = Token()
        token.user = user
        token.put()

        # Return the auth token and ID to use together
        token = token.token
        self.return_success(data={'auth_token': token})
示例#2
0
文件: tests.py 项目: aarose/spa_test
 def test_creation(self):
     """ Should create a token. """
     print 'Testing creation'
     user_info = User.create_user()
     user = User.get_by_id(user_info['user_id'])
     token = Token()
     token.user = user
     token.put()
     results = Token.query().fetch(2)
     self.assertEqual(1, len(results))
     self.assertEqual(user, results[0].user)