def login():
# redirect to home if already logged in
if session.get('user_id'):
return redirect(url_for('index'))
if request.method == 'POST':
user = User.get_by_email(request.form['email'])
if user and user.status == 1 and user.check_password(
request.form['password']):
session['user_id'] = user.id
flash('You have successfully logged in.')
return redirect(url_for('index'))
flash('Invalid username or password.')
return render_template('login.html')
def admin_user_init():
email = request.form['email']
if is_valid_email(email):
if not User.query.filter_by(email=email).first():
user = User(
email=email,
token=generate_token(),
)
db.session.add(user)
db.session.commit()
flash('User initialized.')
else:
flash('Username already exists.')
else:
flash('Invalid email address.')
# send notification to user
return redirect(url_for('admin'))