Diffstat (limited to 'accounts/views/login/__init__.py')
-rw-r--r--accounts/views/login/__init__.py26
1 files changed, 14 insertions, 12 deletions
diff --git a/accounts/views/login/__init__.py b/accounts/views/login/__init__.py
index 730b3ed..ee049bf 100644
--- a/accounts/views/login/__init__.py
+++ b/accounts/views/login/__init__.py
@@ -2,17 +2,21 @@
from flask import Blueprint
-from flask import current_app, redirect, request, g, flash, render_template, url_for
+from flask import redirect, request, flash, render_template, url_for
from flask_login import login_user, logout_user, current_user
from urllib.parse import urljoin, urlparse
+from werkzeug import Response
-from .forms import LoginForm
+from accounts.app import accounts_app
+
+from typing import Union
+from .forms import LoginForm
bp = Blueprint('login', __name__)
-def is_safe_url(target):
+def is_safe_url(target: str):
ref_url = urlparse(request.host_url)
test_url = urlparse(urljoin(request.host_url, target))
print(target)
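Review bot: `is_safe_url` gains a parameter annotation but no return annotation, unlike `login` and `logout` in the same commit. Since `login` uses the result as a condition, `def is_safe_url(target: str) -> bool:` would fit, assuming the return statement outside this hunk yields a boolean. The `print(target)` kept as context writes a request-supplied redirect target to stdout on every call; it looks like leftover debugging and would be better removed or turned into a debug-level log call. The function body continues outside the hunk.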
@@ -23,24 +27,22 @@ def is_safe_url(target):
@bp.route('/login', methods=['GET', 'POST'])
-def login():
+def login() -> Union[str, Response]:
if current_user.is_authenticated:
return redirect(url_for('default.index'))
form = LoginForm(request.form)
if form.validate_on_submit():
try:
- user = current_app.user_backend.auth(form.username.data,
- form.password.data)
+ user = accounts_app.user_backend.auth(form.username.data,
+ form.password.data)
login_user(user)
flash('Erfolgreich eingeloggt', 'success')
next = request.form['next']
- if not is_safe_url(next):
- next = None
- return redirect(next or url_for('default.index'))
- except (current_app.user_backend.NoSuchUserError,
- current_app.user_backend.InvalidPasswordError):
+ return redirect(next if is_safe_url(next) else url_for('default.index'))
+ except (accounts_app.user_backend.NoSuchUserError,
+ accounts_app.user_backend.InvalidPasswordError):
flash('Ungültiger Benutzername und/oder Passwort', 'error')
return render_template("login/login.html", form=form,
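Review bot: The new `return redirect(next if is_safe_url(next) else ...)` line drops the old `next or url_for(...)` fallback, so an empty `next` field that passes `is_safe_url` now produces `redirect('')` instead of the index page. An empty value probably does pass, because `urljoin(request.host_url, '')` resolves to the host itself, though the check's return statement is not visible on this page. Restoring the guard keeps the previous behaviour: `return redirect(next if next and is_safe_url(next) else url_for('default.index'))`. Separately, `request.form['next']` answers with a 400 when the field is absent, and it does so after `login_user(user)` has already run; `request.form.get('next')` combined with the guard above avoids that. The `render_template` call at the end of the hunk continues outside it.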
@@ -48,7 +50,7 @@ def login():
@bp.route('/logout')
-def logout():
+def logout() -> Response:
logout_user()
flash('Erfolgreich ausgeloggt.', 'success')
return redirect(url_for('.login'))