def edit_user(): form = forms.UserForm() if form.validate_on_submit(): db = get_db() db.update( { "username": form.username.data, "hashed_password": generate_password_hash(form.password.data) }, doc_ids=[current_user.id]) flash("Information saved!", "success") return redirect("/") form.username.data = current_user.username return render_template("users/edit.html", form=form, title="Edit Profile")
def login(): form = forms.UserForm() if form.validate_on_submit(): db = get_db() user = db.search((Query().username == form.username.data) & (Query().type == "user")) if user and check_password_hash(user[0]["hashed_password"], form.password.data): user = User.from_db(user[0]) login_user(user, remember=True) flash("Login successful!", "success") next_url = request.args.get("next") return redirect(next_url or "/") flash("Invalid credentials", "error") return redirect("/login") return render_template("users/login.html", form=form, title="Login")