Log in a registered user by adding the user id to the session.
()
| 83 | |
| 84 | @bp.route("/login", methods=("GET", "POST")) |
| 85 | def login(): |
| 86 | """Log in a registered user by adding the user id to the session.""" |
| 87 | if request.method == "POST": |
| 88 | username = request.form["username"] |
| 89 | password = request.form["password"] |
| 90 | db = get_db() |
| 91 | error = None |
| 92 | user = db.execute( |
| 93 | "SELECT * FROM user WHERE username = ?", (username,) |
| 94 | ).fetchone() |
| 95 | |
| 96 | if user is None: |
| 97 | error = "Incorrect username." |
| 98 | elif not check_password_hash(user["password"], password): |
| 99 | error = "Incorrect password." |
| 100 | |
| 101 | if error is None: |
| 102 | # store the user id in a new session and return to the index |
| 103 | session.clear() |
| 104 | session["user_id"] = user["id"] |
| 105 | return redirect(url_for("index")) |
| 106 | |
| 107 | flash(error) |
| 108 | |
| 109 | return render_template("auth/login.html") |
| 110 | |
| 111 | |
| 112 | @bp.route("/logout") |
nothing calls this directly
no test coverage detected
searching dependent graphs…