authnzerver.actions.loginlogout module
This contains functions to log a user in and out.
authnzerver.actions.loginlogout.auth_user_login(payload: dict, override_authdb_path: str = None, raiseonfail: bool = False, config: types.SimpleNamespace = None) → dict
Logs a user in.
Login flow for frontend:
session cookie get -> check session exists -> check user login -> old session delete (no matter what) -> new session create (with actual user_id and other info now included if successful or same user_id = anon if not successful) -> done
The frontend MUST unset the cookie as well.
FIXME: update (and fake-update) the Users table with the last_login_try and last_login_success.
Parameters:
- payload (dict) – The payload dict should contain the following keys:
  - session_token: str
  - email: str
  - password: str
  In addition to these items received from an authnzerver client, the payload must also include the following keys (usually added in by a wrapping function):
  - reqid: int or str
  - pii_salt: str
- override_authdb_path (str or None) – The SQLAlchemy database URL to use if not using the default auth DB.
- raiseonfail (bool) – If True, and something goes wrong, this will raise an Exception instead of returning normally with a failure condition.
- config (SimpleNamespace object or None) – An object containing systemwide config variables as attributes. This is useful when the wrapping function needs to pass in some settings directly from environment variables.
Returns: Returns a dict containing the result of the password verification check.
Return type: dict
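The login flow described above, modelled as an added example that is not authnzerver's own code. Assumptions: an in-memory dict stands in for the session store, PBKDF2 from the standard library stands in for the password check, and ANON_USER_ID, make_user and login_flow are hypothetical names.

```python
import hashlib
import hmac
import secrets

ANON_USER_ID = 0  # assumed placeholder id for the anonymous user


def hash_password(password: str, salt: bytes) -> bytes:
    # Stand-in KDF (assumption); iteration count is illustrative.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)


def make_user(user_id: int, password: str) -> dict:
    salt = secrets.token_bytes(16)
    return {"user_id": user_id, "salt": salt, "hash": hash_password(password, salt)}


# Dummy record so an unknown email costs the same hashing work as a known one.
_DUMMY = make_user(ANON_USER_ID, secrets.token_urlsafe(16))


def login_flow(sessions: dict, users: dict, payload: dict) -> dict:
    old_token = payload["session_token"]

    # 1. The presented session must already exist in the store.
    if old_token not in sessions:
        return {"success": False, "session_token": None, "user_id": None}

    # 2. Check the credentials, comparing the hashes in constant time.
    user = users.get(payload["email"])
    record = user if user is not None else _DUMMY
    candidate = hash_password(payload["password"], record["salt"])
    ok = hmac.compare_digest(candidate, record["hash"]) and user is not None

    # 3. Delete the old session no matter what: a token that was known
    #    before the login attempt is never valid after it.
    del sessions[old_token]

    # 4. Create a new session: the real user_id on success, anon on failure.
    new_token = secrets.token_urlsafe(32)
    user_id = user["user_id"] if ok else ANON_USER_ID
    sessions[new_token] = {"user_id": user_id}
    return {"success": ok, "session_token": new_token, "user_id": user_id}
```

The caller replaces the browser cookie with the returned session_token in both the success and the failure case.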
authnzerver.actions.loginlogout.auth_user_logout(payload: dict, override_authdb_path: str = None, raiseonfail: bool = False, config: types.SimpleNamespace = None) → dict
Logs out a user.
Deletes the session token from the session store. On the next request (redirect from POST /auth/logout to GET /), the frontend will issue a new one.
The frontend MUST unset the cookie as well.
Parameters:
- payload (dict) – The payload dict should contain the following keys:
  - session_token: str
  - user_id: int
  In addition to these items received from an authnzerver client, the payload must also include the following keys (usually added in by a wrapping function):
  - reqid: int or str
  - pii_salt: str
- override_authdb_path (str or None) – The SQLAlchemy database URL to use if not using the default auth DB.
- raiseonfail (bool) – If True, and something goes wrong, this will raise an Exception instead of returning normally with a failure condition.
- config (SimpleNamespace object or None) – An object containing systemwide config variables as attributes. This is useful when the wrapping function needs to pass in some settings directly from environment variables.
Returns: Returns a dict containing the result of the password verification check.
Return type: dict