def get_by_id(id): return db.select('users', where='id=$id')[0]def get_by_

1. def get_by_id(id):
2.     return db.select('users', where='id=$id')[0]
3.  
4. def get_by_username(username):
5.     return db.select('users', where='username=$username')[0]
6.  
7. def get_by_email(email):
8.     return db.select('users', where='email=$email')[0]
9.  
10. def is_email_available(email):
11.     return not db.select('users', vars = dict(email=email), what = 'count(id) as c', where = 'email = $email')[0].c
12.  
13. def is_correct_password(username, password):
14.     userdata = user.get_user_by_username(username)
15.     hashed = userdate['password']
16.     return bcrypt.hashpw(password, hashed) == hashed
17.  
18. def create(username, password, email, **kw):
19.     hashed = bcrypt.hashpw(password, bcrypt.gensalt())
20.     db.insert('users', username=username, password=hashed, email=email, **kw)
21.  
22. def delete(id):
23.     db.delete('users', where='id=$id')
24.  
25. login_form = form.Form(
26.     form.Textbox('username'),
27.     form.Password('password'),
28.     form.Button('Login'),
29.     validators = [
30.         form.Validator('Incorrect username / password combination.', lambda i: user.is_correct_password(i.username, i.password))
31.     ]
32. )
33.  
34. class login:
35.     def GET(SELF):
36.         # do $:form.render() in the template
37.         form = login_form()
38.         return render.login(form)
39.  
40.     def POST(SELF):
41.         form = login_form()
42.         username, password = web.input().username, web.input().password
43.         if not form.validates():
44.             return render.login(form)
45.         else:
46.             session.logged_in = 1
47.             session.username = username
48.             #redirect user back where they came from or to index
49.             referer = web.ctx.env.get('HTTP_REFERER', '/')
50.             raise web.seeother(referer)