def post(self):
    """Handle the sign-up POST: create a User and set its login cookie.

    Reads "username" and "password" from the request. The duplicate-username
    branch (its condition is masked in this listing) writes a JSON error body
    and returns. Otherwise a new User is stored with a random salt, the
    SHA-256 hex digest of salt + password, and a token from
    utils.generateCookie(); the "PBLOGIN" cookie is set to that token and
    {"status": "OK"} is written.

    NOTE(review): no check for an empty username or password is visible here
    -- confirm whether validation happens elsewhere.
    NOTE(review): the existence lookup and put() are separate steps, so two
    concurrent requests could presumably both register the same username --
    confirm uniqueness is enforced somewhere.
    """
    username = self.request.get("username")
    # NOTE(review): the asterisks in the next statement are in the listing
    # itself. The rest of the filter() call and the condition guarding the
    # error response are masked, so the statement is kept exactly as shown.
    exists = User.all().filter("username ="******"status": "ERROR", "error": "There is already a user with that username. Choose another."})) return
    # The name suggests the client sends an already-hashed password; that
    # cannot be confirmed from here. Either way the submitted value is what
    # authenticates the user, so the server-side hashing below still matters.
    pwhash = self.request.get("password")
    user = User()
    user.username = username
    # NOTE(review): random.choice uses the module's default Mersenne Twister
    # generator, which is not a CSPRNG. random.SystemRandom().choice or
    # os.urandom would give unpredictable salts of the same shape.
    user.salt = ''.join(random.choice(string.ascii_letters + string.digits) for x in range(self.SALT_LENGTH))
    # NOTE(review): a single pass of salted SHA-256 is cheap to compute, which
    # makes offline guessing against a leaked pw_hsh cheap too. A deliberately
    # slow KDF (e.g. hashlib.pbkdf2_hmac) is the usual choice; switching needs
    # a migration of stored hashes and of whatever code verifies them.
    h = hashlib.sha256()
    # NOTE(review): salt + password is hashed without an explicit encoding;
    # non-ASCII input may raise depending on the Python version -- confirm.
    h.update(user.salt + pwhash)
    user.pw_hsh = h.hexdigest()
    # The token is stored on the User and is also the cookie value. Assumes
    # generateCookie returns an unguessable value -- confirm in utils.
    user.token = utils.generateCookie(username)
    user.put()
    # The Secure flag is dropped only when ON_DEV is truthy.
    # NOTE(review): httponly is not passed; if no client script needs to read
    # PBLOGIN, setting it would keep the token out of reach of page scripts.
    self.response.set_cookie("PBLOGIN", user.token, max_age=utils.cookieExpiration(), secure=not(ON_DEV))
    self.response.write(json.dumps({"status": "OK"}))
def post(self):
    """Handle the login POST: verify the password and issue a fresh cookie.

    Reads "username" and "password" from the request. The unknown-username
    branch (its condition is masked in this listing) writes a JSON error body
    and returns. Otherwise the SHA-256 hex digest of the stored salt + the
    submitted password is compared with user.pw_hsh; on mismatch a JSON error
    is written. On success a new token from utils.generateCookie() replaces
    user.token, the "PBLOGIN" cookie is set to it and {"status": "OK"} is
    written.

    NOTE(review): the two error messages differ, so a caller can tell whether
    a username is registered. A single generic failure message avoids that.
    NOTE(review): no limit on repeated attempts is visible in this handler --
    confirm throttling or lockout exists elsewhere.
    """
    username = self.request.get("username")
    # NOTE(review): the asterisks in the next statement are in the listing
    # itself. The rest of the filter() call and the condition guarding the
    # error response are masked, so the statement is kept exactly as shown.
    user = User.all().filter("username ="******"status": "ERROR", "error": "There is no user with that username."})) return
    # The name suggests the client sends an already-hashed password; that
    # cannot be confirmed from here.
    pwhash = self.request.get("password")
    # NOTE(review): a single pass of salted SHA-256 is cheap to compute; a
    # deliberately slow KDF (e.g. hashlib.pbkdf2_hmac) is the usual choice for
    # password verification, but it must match how pw_hsh was written.
    h = hashlib.sha256()
    # NOTE(review): salt + password is hashed without an explicit encoding;
    # non-ASCII input may raise depending on the Python version -- confirm.
    h.update(user.salt + pwhash)
    # NOTE(review): != stops at the first differing character. The standard
    # library's hmac.compare_digest is the constant-time alternative; check
    # that both operands have the same string type before adopting it.
    if user.pw_hsh != h.hexdigest():
        self.response.write(json.dumps({"status": "ERROR", "error": "Incorrect password."}))
        return
    # The stored token is overwritten on every successful login, so any
    # earlier cookie presumably stops matching -- depends on how the token is
    # checked elsewhere. Assumes generateCookie returns an unguessable value.
    newcookie = utils.generateCookie(username)
    user.token = newcookie
    user.put()
    expiration = utils.cookieExpiration()
    # The Secure flag is dropped only when ON_DEV is truthy.
    # NOTE(review): httponly is not passed; if no client script needs to read
    # PBLOGIN, setting it would keep the token out of reach of page scripts.
    self.response.set_cookie("PBLOGIN", user.token, max_age=expiration, secure=not(ON_DEV))
    self.response.write(json.dumps({"status": "OK"}))