def login_post_handler():
try:
username = bottle.request.forms['username']
password = bottle.request.forms['password']
except KeyError:
bottle.abort(400, 'Invalid form.')
try:
user = model.get_user(username)
except KeyError:
bottle.redirect('/login?msg=fail')
if user['password_hash'] == model.PASSWORDLESS_HASH:
if not handler_util.is_admin():
bottle.redirect('/login?msg=fail')
else:
if not sha256_crypt.verify(password, user['password_hash']):
bottle.redirect('/login?msg=fail')
handler_util.set_current_username(username)
bottle.redirect('/')
评论列表
文章目录
