def login():
if session.get('id'):
# return redirect(url_for('logout'))
session.clear()
next = get_redirect_target()
form = LoginForm(request.form)
if form.validate_on_submit():
user, authenticated = UserInfo.authenticate(db.session.query,
form.name.data,
form.password.data)
if authenticated:
session['id'] = user.id
session['name'] = user.name
if user.id == 1:
session['admin'] = "admin"
flash('You are admin!', 'info')
flash('You were logged in', 'success')
return redirect_back('start_page')
else:
flash('Invalid user or password', 'danger')
return render_template('login.html', form=form, next=next)