def post(self):
await self.request.post()
email = self.request.POST.get('email')
password = self.request.POST.get('password')
if not all((email, password)):
return web.HTTPFound(self.request.app.router['admin_login'].url())
try:
user = await settings.manager.get(User, email=email)
except User.DoesNotExist:
return web.HTTPFound(self.request.app.router['admin_login'].url())
if not all((user.active,
user.superuser,
await user.check_password(password=password))):
return web.HTTPFound(self.request.app.router['admin_login'].url())
session = await get_session(self.request)
session['email'] = user.email
return web.HTTPFound(self.request.app.router['admin_records'].url())
评论列表
文章目录
