def edit_user():
form = forms.UserForm()
if form.validate_on_submit():
db = get_db()
db.update(
{
"username": form.username.data,
"hashed_password": generate_password_hash(form.password.data)
},
doc_ids=[current_user.id])
flash("Information saved!", "success")
return redirect("/")
form.username.data = current_user.username
return render_template("users/edit.html", form=form, title="Edit Profile")
def login():
form = forms.UserForm()
if form.validate_on_submit():
db = get_db()
user = db.search((Query().username == form.username.data) & (Query().type == "user"))
if user and check_password_hash(user[0]["hashed_password"], form.password.data):
user = User.from_db(user[0])
login_user(user, remember=True)
flash("Login successful!", "success")
next_url = request.args.get("next")
return redirect(next_url or "/")
flash("Invalid credentials", "error")
return redirect("/login")
return render_template("users/login.html", form=form, title="Login")
