Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
def load_user(request):
auth_header = request.headers.get('X-Auth')
token_header = request.headers.get('X-Auth-Token')
data = []
if auth_header is not None:
(username, password) = auth_header.split(':')
user_entry = User.get(username)
if user_entry is not None:
user = User(user_entry[0], user_entry[1], user_entry[2])
if user.password == password:
if token_header == user.token:
data = login_serializer.loads(user.token)
token_user = User.get(data[0])
#Check Password and return user or None
if token_user == user_entry and data[1] == password:
return user
return None