def login(username, password): if is_valid_login(username, password): user = User.filter_by(username=username).first() active_sessions = Session.filter_by(active=True, user_id=user.id).all() if active_sessions: for sess in active_sessions: sess.active = False session = Session() session.user_id = user.id session.create_date = datetime.now() session.expire_date = datetime.now() + timedelta(days=30) session.token = uuid4() session.insert() db.Session.commit() return session else: return None