def login():
form = LoginForm(request.form)
if request.method == 'POST':
if form.validate_on_submit():
user, authenticated = User.authenticate(db.session.query,
form.email.data,
form.password.data)
if authenticated:
login_user(user)
session['user_id'] = user.id
flash("You are logged in. Welcome!", "success")
return redirect(url_for('entry.show_entries'))
else:
flash("Invalid email and/or password.", "danger")
return render_template("user/login.html", form=form)
return render_template("user/login.html", title="Please Login", form=form)
