def login(): if current_user.is_authenticated(): return redirect(url_for('index')) form = LoginForm(request.form) if form.validate_on_submit(): user = app.auth_handler(form.mail.data, form.password.data) if not user: flash('Invalid login.', 'error') return render_template('login-form.html', form=form) login_user(user, remember=True) user.set_last_login() def next_url(url): try: return url_for(url) except: return url goto = next_url(request.args.get('next')) or url_for('index') return redirect(goto) flash_errors(form) return render_template('login-form.html', form=form)
def decorated(*args, **kwargs): auth = request.authorization if not auth or not app.auth_handler(auth.username, auth.password): return abort(401, message='Access denied') return f(*args, **kwargs)