def login():
if current_user.is_authenticated:
return redirect(url_for('products_list'))
form = LoginForm(request.form)
error = None
if request.method == 'POST' and form.validate():
user = mongo.db.users.find_one({"username": form.username.data})
if user and User.validate_login(user['password'], form.password.data):
user_obj = User(user['username'])
login_user(user_obj)
return redirect(url_for('products_list'))
else:
error = 'Incorrect username or password.'
return render_template('user/login.html', form=form, error=error)
def load_user(user_id):
"""Flask-Login hook to load a User instance from ID."""
u = mongo.db.users.find_one({"username": user_id})
if not u:
return None
return User(u['username'])
