def post(self): form = AdminLoginForm(self) if form.validate(): username = form.username.data password = unicode( hashlib.md5(form.password.data).hexdigest(), 'utf-8') user = self.db.query(User).filter_by(loginname=username).first() if user and user.password == password: self.set_secure_cookie("blogadmin_user", user.loginname) return self.redirect('/admin/home') else: form.password.errors.append('Username or Password is wrong') return self.render("admin/login.html", loginform=form)
def get(self): if not self.current_user: form = AdminLoginForm(self) self.render("admin/login.html", loginform=form) else: return self.redirect('/admin/home')