def login(): if g.user is not None and g.user.is_authenticated: return redirect(url_for('index')) form = LoginForm() if form.validate_on_submit(): user = User() user.name = form.name.data user.passwd = form.password.data.strip() users = User.find_all('name=?', [user.name]) if users is None or len(users) == 0: log(level=1, msg="用户名不存在!") return redirect(url_for('login')) elif not check_password_hash(users[0].passwd, user.passwd): log(level=1, msg="密码错误!") return redirect(url_for('login')) login_user(users[0], remember=True) return redirect(request.args.get('next') or url_for('index')) return render_template('login.html', title='Sign in', form=form)
def login(request): from www.forms import LoginForm if request.POST: form = LoginForm(request.POST) if form.is_valid(): email = form.cleaned_data.get('email') password = form.cleaned_data.get('password') remember_me = form.cleaned_data.get('remember_me') user = authenticate(username=email, password=password) if user is not None: if user.is_active: auth_login(request, user) next = request.POST.get('next', None) if not remember_me: request.session.set_expiry(0) if next: return redirect(next) return redirect('sites') else: logger.error("Attempted login by a disabled account.") messages.error(request, "Your account has been disabled. Please submit a support request for more details.") else: logger.error("Invalid username/password.") messages.error(request, "Your username and password did not match.") else: form = LoginForm() return { 'TEMPLATE': 'www/login.html', 'form': form, 'next': request.GET.get('next', ''), }