diff options
| -rw-r--r-- | backend/views.py | 25 |
1 files changed, 20 insertions, 5 deletions
diff --git a/backend/views.py b/backend/views.py index 73dcd17..9ec67d9 100644 --- a/backend/views.py +++ b/backend/views.py @@ -67,17 +67,32 @@ def check_form_fields(request, form_fields): @require_POST def api_auth_login(request): - """""" + """ Log in user """ form_fields = ['username', 'password'] response = check_form_fields(request, form_fields) if response: return response - return HttpResponse('Not implemented yet!\n') + user = auth.authenticate(username=request.POST['username'], + password=request.POST['password']) + if user: + if user.is_active: + auth.login(request, user) + response = api_ok_headers() + response.write('%d\t%s\t%d\n' % (user.id, user.username, user.get_profile().access)) + return response + else: + return api_error_headers('user disabled') + else: + if auth.models.User.objects.filter(username=request.POST['username']): + return api_error_headers('wrong password') + else: + return api_error_headers('no such user') @require_POST def api_auth_logout(request): - """""" - return HttpResponse('Not implemented yet!\n') + """ Log out user """ + auth.logout(request) + return api_ok_headers() @require_POST def api_auth_sneakin(request): @@ -115,7 +130,7 @@ def api_auth_register(request): except: return api_error_headers('problem storing user profile') response = api_ok_headers() - response.write('%d\t%s\t%d' % (user.id, user.username, user_profile.access)) + response.write('%d\t%s\t%d\n' % (user.id, user.username, user_profile.access)) return response @require_POST |