def login():
form = LoginForm(request.form)
if request.method == 'POST' and form.validate_on_submit():
user = User.login_user(form.username.data, request.remote_addr,
form.password.data)
# Check if we got a user or not
if user is None:
# Authentication failed
flash(_("<strong>Your username and/or password was \
incorrect.</strong> Please try again."))
return redirect(url_for('auth.login'))
# Set the username and organization on the session
session['login'] = user.username
session['organization'] = user.organizations[0]._id
# Assume authentication was successful
if 'login_destination' in session:
flash(_("<strong>You've logged in successfully!</strong>"), 'success')
return redirect(session.pop('login_destination'))
else:
return redirect(url_for('dashboard.index'))
else:
# Check if the user is logged in...if so, redirect to
# the dashbard as they shouldn't have to login again.
if 'login' not in session:
return render_template('auth/login.html', form=form)
else:
return redirect(url_for('dashboard.index'))
def decorated_function(*args, **kwargs):
if 'login' not in session:
app.logger.debug(
'User tried to access authenticated path. Redirecting...')
session['login_destination'] = request.path
# Only show flashes for paths not ignored
if request.path not in AUTH_IGNORE_FLASH:
flash(_('<strong>You must be logged in to view that\
page.</strong> Please login and we\'ll redirect you.'),
'error')
return redirect(url_for('auth.login'))
return f(*args, **kwargs)
def logout():
if 'login' in session:
session.clear()
flash(_("<strong>You've been logged out successfully.</strong>"), 'success')
return redirect(url_for('auth.login'))