def login():
if 'username' in session:
return redirect(url_for("main.home"))
form = LoginForm()
if request.method == "POST":
if form.validate() == False:
return render_template("main/login.html", form=form)
else:
user = form.username.data
password = form.password.data
db_user = User2.query.filter_by(username=user).first()
if db_user is not None and db_user.check_password(
password) and db_user.chall == session['chall']:
session['username'] = user
session['admin'] = db_user.isAdmin
return redirect(url_for("main.home"))
else:
msg = "Username/Password Incorrect"
return render_template("main/login.html", msg=msg, form=form)
elif request.method == "GET":
session['chall'] = request.args.get("chall")
return render_template("main/login.html", form=form)
def login():
"""Login function for user."""
form = LoginForm(request.form)
if request.method == 'POST' and form.validate():
email_credential = request.form['email']
password_credential = request.form['password']
user = User.query.filter_by(email=email_credential).first()
if user and sha256_crypt.verify(password_credential, user.password):
login_user(user)
session['logged_in'] = True
session['name'] = user.name
flash('Welcome back ' + current_user.name.title(), 'success')
return redirect(url_for('dashboard_bp.dashboard'))
else:
flash('Wrong Credentials', 'danger')
return redirect(url_for('login_bp.login'))
return render_template('login.html', form=form)