def login(): """Logs the user in or creates a new user in the database.""" form = LoginForm(request.form) validates = request.method == 'POST' and form.validate() if validates: username = request.form.get('username') password = request.form.get('password') if not User.username_taken(username): user = User(username=username, password=hashulate(password)) db_session.add(user) db_session.commit() login_user(user) return redirect(request.args.get("next") or url_for("home")) elif User.check_password(User.id_from_name(username), request.form.get('password')): login_user(User(id=User.id_from_name(username))) return redirect(request.args.get("next") or url_for("home")) return render_template('login.html', form=form)