def post_users_login():
try:
user = user_from_attribute('email', g.req.data.get('email'))
except NoResultFound:
raise InvalidUsage(message="No user exists with the provided e-mail address.")
except MultipleResultsFound:
raise InvalidUsage(message="Multiple, identical e-mail addresses found.",
status_code=500)
if not password_matches_user(g.req.data.get('password'), user=user):
raise InvalidUsage(message="Password is invalid.")
# Ensure that there are never any collisions with user tokens.
# Guaranteed with unique constraint for User.token.
while True:
user.token = generate_user_token()
db.session.add(user)
try:
db.session.commit()
break
except IntegrityError:
print_log("Failed generating user token due to collision, retrying...")
g.res.update_data({'user': {'token': user.token}})
g.res.message = "User with id \"{}\" was logged in.".format(user.id)
return jsonify(g.res)
# POST /users/logout/
评论列表
文章目录
