def login():
req = request.get_json()
if 'username' not in req or 'password' not in req:
return jsonify({'error': 'Bad request'}), 400
username = req['username']
password = req['password']
user = User.query.filter(User.username == username).first()
if user and get_hash(password, user.salt) == user.password:
token = uuid.uuid4().hex
user.token = token
db_session.query(User).filter_by(id=user.id) \
.update({"token": user.token})
db_session.commit()
resp = jsonify({'success': True})
resp.set_cookie('token', token)
return resp
return jsonify({'error': 'Bad login'}), 401
评论列表
文章目录
