# coding: utf-8
from __future__ import absolute_import
from webargs.flaskparser import parser
from webargs import fields as wf
import flask
import flask_restful
from api import helpers
import auth
import model
import util
from main import api_v1
@api_v1.resource('/auth/signin/', endpoint='api.auth.signin')
class AuthAPI(flask_restful.Resource):
def post(self):
args = parser.parse({
'username': wf.Str(missing=None),
'email': wf.Str(missing=None),
'password': wf.Str(missing=None),
})
handler = args['username'] or args['email']
password = args['password']
if not handler or not password:
return flask.abort(400)
user_db = model.User.get_by(
'email' if '@' in handler else 'username', handler.lower()
)
if user_db and user_db.password_hash == util.password_hash(user_db, password):
auth.signin_user_db(user_db)
return helpers.make_response(user_db, model.User.FIELDS)
return flask.abort(401)
