def post(self):
if self.user:
# Prompt user to log out.
self.render('message.html',
user = self.user,
message_login_1 = True)
else:
if not self.check_state():
logging.warning("Possible CSRF attack detected!")
self.redirect("/")
return
input_email = self.request.get('email').lower()
input_password = self.request.get('password')
error=""
u = User.login_by_email(input_email, input_password)
if u:
self.login(u)
self.redirect('/')
else:
state = self.make_state()
# Render page with error-messages.
self.render('login.html',
error = True,
email_form = input_email,
state = state)
def post(self):
if self.user:
# Prompt user to log out.
self.session.add_flash('message_login_1', key='homepage_flashes')
self.redirect("/")
else:
if not self.check_state():
self.redirect("/")
return
input_email = self.request.get('email').lower()
input_password = self.request.get('password')
input_captcha = self.request.get('g-recaptcha-response')
have_error = False
if not valid_captcha(input_captcha):
# Show generic login error-message.
have_error = True
if not valid_email(input_email):
# Show generic login error-message.
have_error = True
if not valid_password(input_password):
# Show generic login error-message.
have_error = True
if have_error == False:
u = User.login_by_email(input_email, input_password)
if not u:
# Show generic login error-message.
have_error = True
if have_error == False:
# Start session and add welcome flash for homepage
self.session['provider'] = 'blog'
self.login(u)
self.session.add_flash('message_login_2', key='homepage_flashes')
self.redirect('/')
else:
state = self.make_state()
# Render page with error-messages.
self.render('login.html',
error = True,
email_form = input_email,
state = state)
