|
|
|
@ -30,10 +30,10 @@ def login():
|
|
|
|
|
username = form.email.data
|
|
|
|
|
if username != device_cookie_username and utils.limiter.should_rate_limit_ip(client_ip):
|
|
|
|
|
flask.flash('Too many attempts from your IP (rate-limit)', 'error')
|
|
|
|
|
return flask.render_template('login.html', form=form)
|
|
|
|
|
return flask.render_template('login.html', form=form, fields=fields)
|
|
|
|
|
if utils.limiter.should_rate_limit_user(username, client_ip, device_cookie, device_cookie_username):
|
|
|
|
|
flask.flash('Too many attempts for this user (rate-limit)', 'error')
|
|
|
|
|
return flask.render_template('login.html', form=form)
|
|
|
|
|
return flask.render_template('login.html', form=form, fields=fields)
|
|
|
|
|
user = models.User.login(username, form.pw.data)
|
|
|
|
|
if user:
|
|
|
|
|
flask.session.regenerate()
|
|
|
|
|