def login(): target_url = url_path(request.args.get('url', '/')) if current_user.is_authenticated: return redirect(target_url) form = LDAPLoginForm(meta=wft_locales()) if form.validate_on_submit(): user = form.user # flask_login stores user in session login_user(user) app.logger.info("Logging in as user '%s'" % user.username) app.logger.info("Groups: %s" % user.groups) if user.groups: identity = {'username': user.username, 'groups': user.groups} else: identity = user.username # Create the tokens we will be sending back to the user access_token = create_access_token(identity) # refresh_token = create_refresh_token(identity) resp = make_response(redirect(target_url)) # Set the JWTs and the CSRF double submit protection cookies # in this response set_access_cookies(resp, access_token) return resp elif form.submit(): # Replace untranslated messages for field, errors in form.errors.items(): if 'Invalid Username/Password.' in errors: errors.remove('Invalid Username/Password.') errors.append(i18n.t('auth.auth_failed')) return render_template('login.html', form=form, i18n=i18n, title=i18n.t("auth.login_page_title"))