def login():
form = LoginForm(request.form)
if form.validate_on_submit():
user = User.query.filter_by(email=form.email.data).first()
if user and bcrypt.check_password_hash(
user.password, request.form['password']):
login_user(user)
flash('You are logged in. Welcome!', 'success')
return redirect(url_for('user.members'))
else:
flash('Invalid email and/or password.', 'danger')
return render_template('user/login.html', form=form)
return render_template('user/login.html', title='Please Login', form=form)
def test_check_password(self):
# Ensure given password is correct after unhashing.
user = User.query.filter_by(email='*****@*****.**').first()
self.assertTrue(bcrypt.check_password_hash(user.password, 'admin_user'))
self.assertFalse(bcrypt.check_password_hash(user.password, 'foobar'))
