def login():
form = LoginForm()
if request.method == 'POST':
if form.validate():
authenticated_user = User.authenticate(form.username.data,
form.password.data)
if authenticated_user:
session['user_id'] = authenticated_user.id
flash('You are logged in.', 'positive')
return redirect(
url_for('users.show', user_id=authenticated_user.id))
else:
flash('Invalid credentials!', 'negative')
return redirect(url_for('auth.login'))
return render_template('login.html', form=form)
def login():
"""User login page."""
# Bypass Login screen if user is logged in
if current_user.is_authenticated:
return redirect(url_for('user.dashboard'))
form = LoginForm(request.form)
# POST: Create user and redirect them to the app
if request.method == 'POST':
if form.validate():
#Get Form Fields
email = request.form.get('email')
password = request.form.get('password')
# Validate Login Attempt
user = User.query.filter_by(email=email).first()
if user:
if user.check_password(password=password):
login_user(user)
next = request.args.get('next')
session['user_id'] = user.id
return redirect(next or url_for('user.dashboard'))
flash('Invalid username/password combination')
return redirect(url_for('user.login'))
#GET: Serve Log-in page
return render_template('users/login.html', form=form)