def login():
error = None
if request.method == 'POST':
username = request.form.get('username')
password = request.form.get('password')
remember = request.form.get('remember', 'no') == 'yes'
if username != current_app.config['ADMIN_USERNAME']:
error = 'Invalid username'
elif not bcrypt.check_password_hash(current_app.config['ADMIN_PASSWORD_HASH'], password):
error = 'Invalid password'
else:
user = User(username)
if login_user(user, remember=remember):
flash('You were logged in')
else:
flash('Some sort of error occurred?!?!')
return redirect(request.args.get("next") or url_for('main.index'))
return render_template('users/login.html', error=error)
def check_password(self, value):
"""Check password."""
return bcrypt.check_password_hash(self.password, value)
def check_password(self, potential_password):
if not self.password_hash:
return False
return bcrypt.check_password_hash(self.password_hash, potential_password)
