def login():
username = session.get("username")
session_token = session.get("session_token")
# session_token = request.cookies.get('session_token')
# 暂时不验证session_token的有效性
if session_token:
return redirect(url_for("index"))
user = Developer()
error = None
if request.method == "POST":
print "got the post request"
print request.form
# email=request.form['email']
username = request.form["username"]
password = request.form["password"]
remember = request.form.get("remember")
result = user.login_with_username(username=username, password=password)
if result:
print "redirecting to console"
session["username"] = username
session["session_token"] = user.session_token
resp = make_response(redirect(url_for("console")))
# resp.set_cookie('expiration',get_expiration())
expires = get_expiration() if remember == "on" else None
resp.set_cookie("_xsrf", generate_xsrf_token())
resp.set_cookie("session_token", user.session_token, expires=expires)
return resp
else:
return redirect(url_for("login"))
return make_response(render_template("login.html", error=error))
