def login():
# If user is logged in, send them directly to content
if user_logged_in(g.user):
flash('Welcome back, ' + g.user.username + '!',
'information')
return redirect(url_for('manage'))
# If the login form is valid (username and password are filled in),
# proceed with attempting login
if request.method == 'POST':
remember_me = True # defaults to remember me, do I want to change this?
data = request.form
username = data['username']
password = data['password']
# Load users from file
ALL_USERS = load_users_from_file()
# Grab user object from user object dictionary
user_obj = get_user(username, ALL_USERS)
# Check for empty username and password
if username.strip() == '':
flash('You need to provide a username.', 'information')
elif password == '':
flash('You need to provide a password.', 'information')
# Check for valid username
elif username in ALL_USERS:
# Check user's password
if user_obj.check_password(password):
# Try logging in!
if login_user(user_obj, remember=remember_me):
# Yay, it worked! Send user to content.
flash(g.user.username + ' logged in successfully.',
'success')
return redirect(request.args.get('next') or
url_for('manage'))
# Uh oh. Something went wrong
else:
# User isn't active. They can't login.
if not user_obj.is_active():
flash('Login failed: ' + username +
' is inactive.', 'error')
# I don't know why login failed; username and password
# are OK, user is active, but login_user returned false.
else:
flash('Login failed for an unknown reason.', 'error')
# Bad password
else:
flash('Invalid username or password.', 'warning')
# Bad username
else:
flash('Invalid username or password.', 'warning')
return render_template('login.html')
def load_user(user_id):
# Load users from disk into memory every time a user object is referenced
# This should keep our user database current at all times.
# Is this a good idea?
ALL_USERS = load_users_from_file()
return get_user(user_id, ALL_USERS)
