def tmp(*args, **kwargs):
            def no_session():
                if on_login:
                    return f(*args, **kwargs)
                else:
                    redirect("/login")

            cookie = request.get_cookie("session")
            if cookie is None:
                return no_session()

            session = Session.objects(id=cookie).first()

            if session is None:
                return no_session()

            user = session.user
            if user is None:
                return no_session()

            if roles_require is not None:
                if user['group'].name not in roles_require:
                    return "Access denied"

            if(on_login):
                redirect("/account")
            else:
                return f(user, *args, **kwargs)
def logout():
    cookie = request.get_cookie("session")
    session = Session.objects(id=cookie).delete()
    redirect("/login")