(self)
| 263 | self.render("login.html", error=None) |
| 264 | |
| 265 | async def post(self): |
| 266 | try: |
| 267 | author = await self.queryone( |
| 268 | "SELECT * FROM authors WHERE email = %s", self.get_argument("email") |
| 269 | ) |
| 270 | except NoResultError: |
| 271 | self.render("login.html", error="email not found") |
| 272 | return |
| 273 | password_equal = await tornado.ioloop.IOLoop.current().run_in_executor( |
| 274 | None, |
| 275 | bcrypt.checkpw, |
| 276 | tornado.escape.utf8(self.get_argument("password")), |
| 277 | tornado.escape.utf8(author.hashed_password), |
| 278 | ) |
| 279 | if password_equal: |
| 280 | self.set_signed_cookie("blogdemo_user", str(author.id)) |
| 281 | self.redirect_to_next() |
| 282 | else: |
| 283 | self.render("login.html", error="incorrect password") |
| 284 | |
| 285 | |
| 286 | class AuthLogoutHandler(BaseHandler): |
nothing calls this directly
no test coverage detected