def authorize():
if request.method == 'GET':
if request.args.get('client_id') == 'supermenu':
return render_template('login.html', authorize=True)
elif request.method == 'POST':
username = request.form.get('username')
password = request.form.get('password')
user = User(username, db)
if user.verify_password(password):
user_code = user.get_id()
state = request.args.get('state')
redirect_url = unquote(request.args.get('redirect_uri'))
redirect_url += '&code={}&state={}&response_type=code'.format(user_code, state)
return redirect(redirect_url)
