def login(): form = LoginForm(request.form) if request.method == 'POST': if form.validate_on_submit(): user, authenticated = User.authenticate(db.session.query, form.email.data, form.password.data) if authenticated: login_user(user) session['user_id'] = user.id flash("You are logged in. Welcome!", "success") return redirect(url_for('entry.show_entries')) else: flash("Invalid email and/or password.", "danger") return render_template("user/login.html", form=form) return render_template("user/login.html", title="Please Login", form=form)