def get_session(email):
"""
If the email and password match,
a sessionId is returned as a string.
This sessionId can to be passed
along all the other requests that are annotated
with @with_user in this file
"""
password = request.form.get("password", None)
if password is None:
return make_error(400, "Password not given")
user = User.authorize(email, password)
if user is None:
return make_error(401, "Invalid credentials")
session = Session.for_user(user)
db_session.add(session)
db_session.commit()
return str(session.id)
def get_session(email):
"""
If the email and password match,
a sessionId is returned as a string.
This sessionId can to be passed
along all the other requests that are annotated
with @with_user in this file
"""
password = request.form.get("password", None)
if password is None:
return make_error(400, "Password not given")
user = User.authorize(email, password)
if user is None:
return make_error(401, "Invalid credentials")
session = Session.for_user(user)
db_session.add(session)
db_session.commit()
return str(session.id)
def test_authorize(self):
new_password = self.faker.password()
self.user.update_password(new_password)
result = User.authorize(self.user.email, new_password)
assert result is not None and result == self.user