def login(): # If user is logged in, send them directly to content if user_logged_in(g.user): flash('Welcome back, ' + g.user.username + '!', 'information') return redirect(url_for('manage')) # If the login form is valid (username and password are filled in), # proceed with attempting login if request.method == 'POST': remember_me = True # defaults to remember me, do I want to change this? data = request.form username = data['username'] password = data['password'] # Load users from file ALL_USERS = load_users_from_file() # Grab user object from user object dictionary user_obj = get_user(username, ALL_USERS) # Check for empty username and password if username.strip() == '': flash('You need to provide a username.', 'information') elif password == '': flash('You need to provide a password.', 'information') # Check for valid username elif username in ALL_USERS: # Check user's password if user_obj.check_password(password): # Try logging in! if login_user(user_obj, remember=remember_me): # Yay, it worked! Send user to content. flash(g.user.username + ' logged in successfully.', 'success') return redirect(request.args.get('next') or url_for('manage')) # Uh oh. Something went wrong else: # User isn't active. They can't login. if not user_obj.is_active(): flash('Login failed: ' + username + ' is inactive.', 'error') # I don't know why login failed; username and password # are OK, user is active, but login_user returned false. else: flash('Login failed for an unknown reason.', 'error') # Bad password else: flash('Invalid username or password.', 'warning') # Bad username else: flash('Invalid username or password.', 'warning') return render_template('login.html')
def load_user(user_id): # Load users from disk into memory every time a user object is referenced # This should keep our user database current at all times. # Is this a good idea? ALL_USERS = load_users_from_file() return get_user(user_id, ALL_USERS)