def register():
    """Handle the registration form and sign the new account in.

    A valid submission from a session that has no ``id`` creates a
    ``UserInfo`` row and stores the new user's id and name in the session.
    Every other request gets the registration form rendered.

    Returns:
        A redirect to ``start_page`` after a successful registration,
        otherwise the rendered ``register.html`` template.
    """
    form = RegisterForm()

    # Invalid or unsubmitted forms, and visitors who already have a session
    # id, only get the form rendered.
    if not (form.validate_on_submit() and session.get('id') is None):
        return render_template('register.html', form=form)

    user = UserInfo()
    # NOTE(review): the lookup and the insert below are separate steps, so two
    # concurrent requests for the same name can both pass this check. Confirm
    # the name column carries a unique constraint and that the commit error it
    # would raise is handled.
    name_taken = UserInfo.query.filter_by(name=form.username.data).first()
    if name_taken:
        form.username.errors.append(
            'Username already taken. Please change')
        return render_template('register.html', form=form)

    user.name = form.username.data
    user.email = form.email.data
    # NOTE(review): the submitted value is assigned as-is; whether it is hashed
    # depends on how UserInfo defines ``password`` (not visible here). Confirm
    # that a password hash, not the plaintext, is what gets stored.
    user.password = form.password.data
    user.score = 0
    db.session.add(user)
    db.session.commit()

    # Treat the freshly registered user as logged in.
    session['id'] = user.id
    session['name'] = user.name
    return redirect(url_for('start_page'))
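def login():
    """Authenticate a user from the login form and establish the session.

    On success the user's id and name are stored in the session, the
    ``admin`` marker is set when the account id is 1, and the visitor is sent
    on through ``redirect_back``. On failure an error is flashed and the
    login form is rendered again.

    Returns:
        The response from ``redirect_back('start_page')`` after a successful
        login, otherwise the rendered ``login.html`` template.
    """
    if session.get('id'):
        # Reaching the login view while signed in discards the current
        # session instead of redirecting to the logout view.
        session.clear()

    # NOTE(review): get_redirect_target() and redirect_back() are defined
    # outside this view; presumably they restrict the target to this site.
    # Confirm, since the value originates from the request.
    # Held as next_url so the builtin next() is not shadowed; the template
    # still receives it under the keyword "next".
    next_url = get_redirect_target()
    form = LoginForm(request.form)

    if form.validate_on_submit():
        user, authenticated = UserInfo.authenticate(
            db.session.query, form.name.data, form.password.data)
        if authenticated:
            # The clear() above only runs when the session already has an id,
            # so remove any leftover admin marker here. This keeps "admin"
            # tied to the account that just authenticated.
            session.pop('admin', None)
            session['id'] = user.id
            session['name'] = user.name
            # NOTE(review): admin status is derived from the primary key, not
            # from a role stored on the account. If ids are assigned in
            # insertion order, the first account created is the admin.
            # Confirm that account is provisioned by the operator.
            if user.id == 1:
                session['admin'] = "admin"
                flash('You are admin!', 'info')
            flash('You were logged in', 'success')
            return redirect_back('start_page')
        # One message for both an unknown user and a wrong password.
        flash('Invalid user or password', 'danger')

    return render_template('login.html', form=form, next=next_url)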