def login(): """For GET requests, display the login form. For POSTS, login the current userby processing the form. """ # TODO: Make roles. form = LoginForm(request.form) if form.validate_on_submit(): user = dbapi.get_user(form.email.data) if user: if bcrypt.check_password_hash(user.password, form.password.data): user.authenticated = True dbapi.add(user) login_user(user, remember=True) return redirect(url_for("home")) return render_template("login.html", form=form)
def user_loader(user_id): """Given *user_id*, return the associated User object. :param unicode user_id: user_id (email) user to retrieve """ return dbapi.get_user(user_id)