def post(self): username = self.request.get('username') password = self.request.get('password') users = db.GqlQuery("select * from User where name='%s'" % escape(username) ) error = '' if users.count(1): user = users[0] if not verify_hash(username, password, user.hashpw, user.salt): error = 'Invalid password' else: error='Invalid login' if error: self.render_form(username, password, error) else: cookie = '%s|%s' % ( user.key().id(), user.hashpw ) self.response.headers.add_header('Set-Cookie', 'ikariblog_user=%s; Path=/' % str(cookie) ) self.redirect("/blog/welcome")