def authorize():
if request.method == 'GET':
if request.args.get('client_id') == 'supermenu':
return render_template('login.html', authorize=True)
elif request.method == 'POST':
username = request.form.get('username')
password = request.form.get('password')
user = User(username, db)
if user.verify_password(password):
user_code = user.get_id()
state = request.args.get('state')
redirect_url = unquote(request.args.get('redirect_uri'))
redirect_url += '&code={}&state={}&response_type=code'.format(user_code, state)
return redirect(redirect_url)
def login():
if request.method == 'GET':
return render_template('login.html', login=True)
username = request.form.get('username')
password = request.form.get('password')
action = request.form.get('button')
if action == 'toregister':
return redirect(url_for('register'))
if not username:
flash('请填写用户名')
return render_template('login.html')
elif not password:
flash('请填写密码')
return render_template('login.html')
user = User(username, db)
if user.verify_password(password):
login_user(user)
return redirect(url_for('index'))
else:
flash('用户名或密码无效')
return render_template('login.html')
