def login():
loginForm = LoginForm()
if current_user:
if current_user.admin:
return redirect("admin")
return redirect("panel")
if request.method == "GET":
return render_template("login.html", loginForm=loginForm)
form = LoginForm(request.form)
if form.validate():
email = request.form.get("email")
password = request.form.get("password")
if not email or not password:
return render_template("login.html",
loginForm=loginForm,
errors=True)
user = User.query.filter(User.email == email).first()
if not user:
return render_template("login.html",
loginForm=loginForm,
errors=True)
if not bcrypt.hashpw(password.encode("UTF-8"),
user.password.encode(
"UTF-8")) == user.password.encode("UTF-8"):
return render_template("login.html",
loginForm=loginForm,
errors=True)
login_user(user)
if user.admin:
return redirect("admin")
return redirect("panel")
