def login():
if request.method == 'POST':
username = request.json.get('username')
password = request.json.get('password')
user = User.select().where(User.username == username)
if not user.exists() or not user[0].check_password(password):
return jsonify({'error': 'Authentication failed'})
user = user[0]
session.clear()
session['user_id'] = user.id
return redirect(url_for('index'))
def register():
if request.method == 'POST':
username = request.json.get('username')
password = request.json.get('password')
error = None
if not username:
error = 'Username is required.'
elif not password:
error = 'Password is required.'
elif User.select().where(User.username == username).exists():
error = 'Username exists in database'
if error is None:
instance = User.create(username=username,
password=generate_password_hash(password))
return redirect(url_for('auth.login'))
else:
return jsonify({'error': error})
return redirect(url_for('index'))
