def login(cls, username, password): user = cls.by_name(username) if not user: print 'user not found' else: print 'user found: %s ' % user.username if user and Secure.valid_password(username, password, user.password_hash): return user
def post(self): username = self.request.get('username') password = self.request.get('password') user = User.by_name(username) error = '' if not user: error = 'Invalid Username' elif not Secure.valid_password(username, password, user.password_hash): error = 'Invalid Password' if error == '': self.login(user) else: self.render('login.html', username = username, error = error)