def login():
if g.user: return redirect(url_for('.index'))
form = forms.LoginForm(request.form)
if request.method == 'POST' and form.validate():
user = users.get_user_by_email(form.username.data)
if user is None or not check_password_hash(user.password_hash, form.password.data):
flash(u'Неверный e-mail или пароль', 'error')
else:
session['user_id'] = user.id
session.permanent = form.remember.data
return redirect(request.args.get('back', None) or url_for('cabinet.index'))
return render_template('site/login.html', form=form)
def check_password(form, field): if not hasattr(field, 'user') or not check_password_hash(field.user.password_hash, field.data): raise ValidationError(u'Неверный пароль')
