def login(): if request.method == 'POST': username = request.json.get('username') password = request.json.get('password') user = User.select().where(User.username == username) if not user.exists() or not user[0].check_password(password): return jsonify({'error': 'Authentication failed'}) user = user[0] session.clear() session['user_id'] = user.id return redirect(url_for('index'))
def register(): if request.method == 'POST': username = request.json.get('username') password = request.json.get('password') error = None if not username: error = 'Username is required.' elif not password: error = 'Password is required.' elif User.select().where(User.username == username).exists(): error = 'Username exists in database' if error is None: instance = User.create(username=username, password=generate_password_hash(password)) return redirect(url_for('auth.login')) else: return jsonify({'error': error}) return redirect(url_for('index'))