def login():
form = LoginForm(csrf_enabled=False)
if request.method == 'POST' and form.validate_on_submit():
user = User.get_by_username(form.username.data)
password = user.verify_password(form.password.data)
if user is None:
flash(u'该用户名不存在!')
elif password is not True:
flash(u'您的密码错误!')
else:
login_user(user, remember=form.remember_me.data)
if current_user.is_administer():
flash(u'欢迎您 管理员!')
return redirect(url_for('main.admin'))
else:
flash(u'您登录成功!')
return redirect(
url_for('main.user', username=current_user.username))
return render_template('login.html', form=form, title=u'欢迎登录')
def user(username):
user = User.get_by_username(username)
if user is None:
abort(404)
return render_template('user.html', user=user)
def validate_username(self, field):
if field.data != self.user.username and User.get_by_username(
field.data):
raise ValueError(u'该用户名已经被使用!')
else:
return True
