def web_login(user_name, password): userid = User.login(user_name, password) if not userid: is_abuse_check(request.remote_addr, prefix="login", threshold=10, wait_time=60 * 60) return False if userid != -1: flash("Login success!") session["id"] = userid return userid