-
Notifications
You must be signed in to change notification settings - Fork 0
/
security.py
25 lines (22 loc) · 930 Bytes
/
security.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
from werkzeug.security import safe_str_cmp
from models.user import UserModel
def authenticate(username, password):
"""
Function that gets called when user calls the /auth endpoint
with their username and password.
:param username: User's username in string format
:param password: User's password in un-encrypted string format
:return: A UserModel object if authentication successful, None otherwise.
"""
user = UserModel.find_by_username(username)
if user and safe_str_cmp(user.password, password):
return user
def identity(payload):
"""
Function that gets called when the user has already authenticated (logged in),
and Flask-JWT verified their authorization header is correct.
:param payload: A dictionary with 'identity' key, which is the user id.
:return: A UserModel object.
"""
user_id = payload['identity']
return UserModel.find_by_id(user_id)