def logout():
if not get_current_user_data():
return redirect_url('login')
UserController.logout()
return redirect('/', 302)
def decorator(*args, **kwargs):
user_data = get_current_user_data()
if user_data is None:
return not_logged_in(callback, *args, **kwargs)
if not has_permission(user_data.get('role'), resource, action):
if callback is None:
return current_app.auth.not_permitted_callback(*args, **kwargs)
else:
return callback(*args, **kwargs)
return callback(*args, **kwargs)
return func(*args, **kwargs)
def login():
if get_current_user_data():
return redirect('/', 302)
error = None
if request.method == 'POST':
username = request.form['username']
password = request.form['password']
if UserController.authenticate_and_session(username, password):
flash(gettext('You were successfully logged in'))
if request.referrer.endswith('/login'):
return redirect(url_for('root'))
return redirect(redirect_url())
else:
error = gettext('Invalid credentials')
return themes.render('main/login', error=error)
