def login():
next = request.args.get('next', '/admin', type=str)
if 'auth' in session:
return redirect(next)
if request.method == 'POST':
try:
username = request.form['username']
password = request.form['password']
except KeyError:
flash(u"Invalid Username or Password", "error")
return render_template("auth/login.html", next=next)
profile = Profile()
profile.database = db
profile.load_admin()
if profile.verify_login(username, password):
flash(u"Welcome back %s" % profile.username, "info" )
session['auth'] = profile.userhash
return redirect(next)
else:
flash(u"Invalid Username or Password", "error")
return render_template("auth/login.html", next=next)
