def signin(redirect_url=None): error = None if request.method == 'POST': error = 'email/password error' email = request.form['email'] password = request.form['password'] cur = g.db.execute('select username, salted_pwd from user where email=?', [email]) result = cur.fetchone() if result: username, salted_pwd = result salt, hashed_password = salted_pwd.split('.') if hash_password(username, password, salt) == hashed_password: session['username'] = username return redirect_back('index') return render_template('signin.html', error=error)
def unmark_thread(thread_id): g.db.execute('delete from mark where thread_id = ? and user_id = ?', [thread_id, g.user['user_id']]) g.db.commit() flash('Unmark success!') return redirect_back('view_thread', thread_id=thread_id)