def login():
if request.method == "POST" and "username" in request.form:
user = dqusers.user_by_username(request.form["username"])
if (user and user.check_password(request.form["password"])):
remember = request.form.get("remember", "no") == "yes"
if login_user(user, remember=remember):
flash("Logged in!", "success")
dqusers.logUserActivity({
'user_id': user.id,
'ip_address': request.remote_addr,
'activity_type': user_activity_types.LOGGED_IN,
'activity_data': None
})
identity_changed.send(current_app._get_current_object(),
identity=Identity(user.id))
if request.args.get("next"):
redir_url = request.script_root + request.args.get("next")
else:
redir_url = url_for("home")
return redirect(redir_url)
else:
flash("Sorry, but you could not log in.", "error")
else:
flash(u"Invalid username or password.", "error")
return render_template("login.html",
admin=check_perms('admin'),
loggedinuser=current_user)
def logout():
dqusers.logUserActivity({
'user_id': current_user.id,
'ip_address': request.remote_addr,
'activity_type': user_activity_types.LOGGED_OUT,
'activity_data': None
})
logout_user()
# Remove session keys set by Flask-Principal
for key in ('identity.name', 'identity.auth_type'):
session.pop(key, None)
# Tell Flask-Principal the user is anonymous
identity_changed.send(current_app._get_current_object(),
identity=AnonymousIdentity())
flash('Logged out', 'success')
redir_url = url_for("home")
return redirect(redir_url)
