def authorize(): if request.method == 'GET': if request.args.get('client_id') == 'supermenu': return render_template('login.html', authorize=True) elif request.method == 'POST': username = request.form.get('username') password = request.form.get('password') user = User(username, db) if user.verify_password(password): user_code = user.get_id() state = request.args.get('state') redirect_url = unquote(request.args.get('redirect_uri')) redirect_url += '&code={}&state={}&response_type=code'.format(user_code, state) return redirect(redirect_url)
def login(): if request.method == 'GET': return render_template('login.html', login=True) username = request.form.get('username') password = request.form.get('password') action = request.form.get('button') if action == 'toregister': return redirect(url_for('register')) if not username: flash('请填写用户名') return render_template('login.html') elif not password: flash('请填写密码') return render_template('login.html') user = User(username, db) if user.verify_password(password): login_user(user) return redirect(url_for('index')) else: flash('用户名或密码无效') return render_template('login.html')