def login(): form = LoginForm() if form.validate_on_submit(): user = User.authenticate(username=form.username.data, password=form.password.data) if user and login_user(user): flash("Logged in successfully.", "success") return redirect(request.args.get("next") or url_for(".home")) else: flash("Login failed.", "danger") return render_template("login.html", form=form)
def change_password(): form = ChangePasswordForm() if request.method == "GET": return render_template("change_password.html", form=form) # Re-validate old password if form.validate_on_submit() and User.authenticate( current_user.username, form.current_password.data): current_user.update_password(form.password.data) current_user.save() flash("Password change successfully.", "success") return redirect(url_for(".home")) else: flash("Password change failed.", "danger") return render_template("change_password.html", form=form)