def login(): if current_user.is_authenticated(): return redirect(url_for('about')) if 'next_url' not in session: session['next_url'] = urlparse(request.referrer).path form = LoginForm() if request.method == 'POST' and form.validate_on_submit(): user = User.query.filter_by(username=form.username.data).first() if user and user.is_correct_password(form.password.data): login_user(user) flash(MSG_LOGIN_SUCCESS, 'success') session.pop('next_url', None) return form.redirect(url_for('about')) else: flash(MSG_INVALID_USER, 'error') return redirect(url_for('login')) return render_template('login.html', form=form)
def logout(): form = LoginForm() logout_user() flash(MSG_LOGOUT_SUCCESS, 'success') return form.redirect(url_for('about'))