| 82 | #post -> username, password |
| 83 | @route("/api/login", method="POST") |
| 84 | def login(): |
| 85 | response.headers.replace("Content-type", "application/json") |
| 86 | response.headers.append("Cache-Control", "no-cache, must-revalidate") |
| 87 | |
| 88 | user = request.forms.get("username") |
| 89 | password = request.forms.get("password") |
| 90 | |
| 91 | info = PYLOAD.checkAuth(user, password) |
| 92 | |
| 93 | if not info: |
| 94 | return json.dumps(False) |
| 95 | |
| 96 | s = set_session(request, info) |
| 97 | |
| 98 | # get the session id by dirty way, documentations seems wrong |
| 99 | try: |
| 100 | sid = s._headers["cookie_out"].split("=")[1].split(";")[0] |
| 101 | return json.dumps(sid) |
| 102 | except: |
| 103 | return json.dumps(True) |
| 104 | |
| 105 | |
| 106 | @route("/api/logout") |