def login(): """ Show the login page and handle login requests. :return: The login page. :rtype: flask.Response """ if request.method == 'POST': try: username = request.form.get('username', None) password = request.form.get('password', None) if username is None or password is None: flash('Invalid data', 'danger') return redirect(url_for('login')) user = User.query().filter_by(username=username).first() if user is None or not user.check_password(password): flash('Invalid login credentials', 'danger') else: flash('You were logged in successfully!', 'success') session['logged_in'] = True session['user'] = user.id if request.args.get('next', None): return redirect(request.args['next']) return redirect(url_for('main_page')) except KeyError: flash('Missing username or password', 'info') return render_template('login.html')
def manage_users(): """ Manage the other users. This page lists the available users, with buttons to edit and remove the users. :return: The page. :rtype: flask.Response """ users = User.query().all() user = User.get_by_id(session['user']) return render_template('list_users.html', users=users, user=user)