def login():
"""
Show the login page and handle login requests.
:return: The login page.
:rtype: flask.Response
"""
if request.method == 'POST':
try:
username = request.form.get('username', None)
password = request.form.get('password', None)
if username is None or password is None:
flash('Invalid data', 'danger')
return redirect(url_for('login'))
user = User.query().filter_by(username=username).first()
if user is None or not user.check_password(password):
flash('Invalid login credentials', 'danger')
else:
flash('You were logged in successfully!', 'success')
session['logged_in'] = True
session['user'] = user.id
if request.args.get('next', None):
return redirect(request.args['next'])
return redirect(url_for('main_page'))
except KeyError:
flash('Missing username or password', 'info')
return render_template('login.html')
def manage_users():
"""
Manage the other users.
This page lists the available users, with buttons to edit and remove the users.
:return: The page.
:rtype: flask.Response
"""
users = User.query().all()
user = User.get_by_id(session['user'])
return render_template('list_users.html', users=users, user=user)
