def login():
"""The login action, which either shows the form (GET) or handles
the form submission (POST)."""
form = LoginForm(request.form)
if request.method == 'POST' and form.validate():
print form.password.data
user = User.objects(username=form.username.data).first()
if not check_password(user, form.password.data):
flash('The username or password is wrong.')
else:
setup_user_in_session(user, session)
flash('You are now logged in!')
return redirect("/")
return render_template('login.html', form=form)
def signup():
"""The signup action, which either shows the form (GET) or handles
the form submission (POST).
"""
form = SignupForm(request.form)
if request.method == 'POST' and form.validate():
existing = User.objects(username=form.username.data).first()
if existing == None:
user = User(username=form.username.data, \
password=encrypt_password(form.password.data))
user.save()
setup_user_in_session(user, session)
flash('Thanks for signing up!')
return redirect("/")
else:
flash('That username already exists.')
return render_template('signup.html', form=form)
