def login(): if not current_app.config['DEBUG'] and not current_app.config['TESTING'] \ and not request.is_secure: return redirect(url_for('.login', _external=True, _scheme='https')) form = LoginForm() if form.validate_on_submit(): user = User.get_user_by_name(form.user_name.data) if user and User.verify_password(user, form.password.data): user_obj = User(user) login_user(user_obj) # flash("Logged in successfully", category='success') return redirect(request.args.get('next') or url_for('statements.index')) else: flash('Invalid user name or password.', category='error') return render_template('auth/login.html', form=form)