def verify_password(username, password):
authorization = request.headers.get('Authorization', '').split(' ')
bearer = authorization[1] if len(authorization) > 1 else ''
if bearer:
g.current_user = User.verify_access_token(bearer)
g.token_used = True
return g.current_user is not None
if username == '':
g.current_user = AnonymousUser()
return True
user = User(username=username)
if not user or not user.user_id:
return False
g.current_user = user
g.token_used = False
return user.verify_password(password)
评论列表
文章目录
