def login(): if request.method == "POST" and "username" in request.form: user = dqusers.user_by_username(request.form["username"]) if (user and user.check_password(request.form["password"])): remember = request.form.get("remember", "no") == "yes" if login_user(user, remember=remember): flash("Logged in!", "success") dqusers.logUserActivity({ 'user_id': user.id, 'ip_address': request.remote_addr, 'activity_type': user_activity_types.LOGGED_IN, 'activity_data': None }) identity_changed.send(current_app._get_current_object(), identity=Identity(user.id)) if request.args.get("next"): redir_url = request.script_root + request.args.get("next") else: redir_url = url_for("home") return redirect(redir_url) else: flash("Sorry, but you could not log in.", "error") else: flash(u"Invalid username or password.", "error") return render_template("login.html", admin=check_perms('admin'), loggedinuser=current_user)
def logout(): dqusers.logUserActivity({ 'user_id': current_user.id, 'ip_address': request.remote_addr, 'activity_type': user_activity_types.LOGGED_OUT, 'activity_data': None }) logout_user() # Remove session keys set by Flask-Principal for key in ('identity.name', 'identity.auth_type'): session.pop(key, None) # Tell Flask-Principal the user is anonymous identity_changed.send(current_app._get_current_object(), identity=AnonymousIdentity()) flash('Logged out', 'success') redir_url = url_for("home") return redirect(redir_url)