From 1d321f1c7158f3bd263d64ae703311e8d8e2a22a Mon Sep 17 00:00:00 2001
From: Rodney Ewing <ewing.rj@gmail.com>
Date: Sat, 25 May 2013 07:59:03 -0700
Subject: created a check_login_simple function

---
 mediagoblin/auth/tools.py | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)

(limited to 'mediagoblin/auth/tools.py')

diff --git a/mediagoblin/auth/tools.py b/mediagoblin/auth/tools.py
index 16611757..db6b6e37 100644
--- a/mediagoblin/auth/tools.py
+++ b/mediagoblin/auth/tools.py
@@ -15,7 +15,10 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 import uuid
+import logging
+
 import wtforms
+from sqlalchemy import or_
 
 from mediagoblin import mg_globals
 from mediagoblin.auth import lib as auth_lib
@@ -25,6 +28,8 @@ from mediagoblin.tools.mail import (normalize_email, send_email,
 from mediagoblin.tools.template import render_template
 from mediagoblin.tools.translate import lazy_pass_to_ugettext as _
 
+_log = logging.getLogger(__name__)
+
 
 def normalize_user_or_email_field(allow_email=True, allow_user=True):
     """
@@ -136,3 +141,19 @@ def register_user(request, register_form):
         return user
 
     return None
+
+
+def check_login_simple(username, password, username_might_be_email=False):
+    search = (User.username == username)
+    if username_might_be_email and ('@' in username):
+        search = or_(search, User.email == username)
+    user = User.query.filter(search).first()
+    if not user:
+        _log.info("User %r not found", username)
+        auth_lib.fake_login_attempt()
+        return None
+    if not auth_lib.bcrypt_check_password(password, user.pw_hash):
+        _log.warn("Wrong password for %r", username)
+        return None
+    _log.info("Logging %r in", username)
+    return user
-- 
cgit v1.2.3