def login():
if g.user is not None and g.user.is_authenticated:
return redirect(url_for('index'))
form = LoginForm()
if form.validate_on_submit():
user = User()
user.name = form.name.data
user.passwd = form.password.data.strip()
users = User.find_all('name=?', [user.name])
if users is None or len(users) == 0:
log(level=1, msg="用户名不存在!")
return redirect(url_for('login'))
elif not check_password_hash(users[0].passwd, user.passwd):
log(level=1, msg="密码错误!")
return redirect(url_for('login'))
login_user(users[0], remember=True)
return redirect(request.args.get('next') or url_for('index'))
return render_template('login.html', title='Sign in', form=form)
def login(request):
from www.forms import LoginForm
if request.POST:
form = LoginForm(request.POST)
if form.is_valid():
email = form.cleaned_data.get('email')
password = form.cleaned_data.get('password')
remember_me = form.cleaned_data.get('remember_me')
user = authenticate(username=email, password=password)
if user is not None:
if user.is_active:
auth_login(request, user)
next = request.POST.get('next', None)
if not remember_me:
request.session.set_expiry(0)
if next:
return redirect(next)
return redirect('sites')
else:
logger.error("Attempted login by a disabled account.")
messages.error(request, "Your account has been disabled. Please submit a support request for more details.")
else:
logger.error("Invalid username/password.")
messages.error(request, "Your username and password did not match.")
else:
form = LoginForm()
return {
'TEMPLATE': 'www/login.html',
'form': form,
'next': request.GET.get('next', ''),
}
