def login(username, password, response=None):
"""
Logs user in. Returns status 400 response if user doesn't exist or password is wrong.
:param username: a username
:param password: a password
:return: a token to authenticate with
"""
if not username or not username.strip():
logger.debug("Tried to log in with empty username")
response.status = falcon.HTTP_400
return "empty username"
username = username.strip().lower()
client = _get_client(username)
if not client:
logger.debug("Tried to log in with unknown username: %s", username)
response.status = falcon.HTTP_400
return "unknown"
success = bcrypt_sha256.verify(password, client.pw_hash)
if not success:
logger.debug("Tried to log in with wrong password as user %s", username)
response.status = falcon.HTTP_400
return "wrong password"
logger.debug("New user login: %s", username)
return _create_user_token(username, client.permissions)
评论列表
文章目录
