Notify the user when their account needs verification.

endpoints/web.py

@@ -25,6 +25,7 @@ class _LoginWrappedDBUser(UserMixin):
 
 @login_manager.user_loader
 def load_user(username):
+  logger.debug('Loading user: %s' % username)
   db_user = model.get_user(username)
   if db_user:
     return _LoginWrappedDBUser(db_user)
@@ -38,9 +39,14 @@ def index():
 
 
 def common_login(db_user):
-  logger.debug('Successfully signed in as: %s' % db_user.username)
-  login_user(_LoginWrappedDBUser(db_user))
-  identity_changed.send(app, identity=Identity(db_user.username, 'username'))
+  if login_user(_LoginWrappedDBUser(db_user)):
+    logger.debug('Successfully signed in as: %s' % db_user.username)
+    identity_changed.send(app,
+                          identity=Identity(db_user.username, 'username'))
+    return True
+  else:
+    logger.debug('User could not be logged in, inactive?.');
+    return False
 
 
 @app.route('/signin', methods=['GET'])
@@ -56,14 +62,16 @@ def signin():
   #TODO Allow email login
   verified = model.verify_user(username, password)
   if verified:
-    common_login(verified)
-
-    return redirect(request.args.get('next') or url_for('index'))
+    if common_login(verified):
+      return redirect(request.args.get('next') or url_for('index'))
+    else:
+      return render_template('signin.html',
+                             needs_email_verification=True)
 
   else:
     return render_template('signin.html',
                            username=username,
-                           error='Invalid username or password.')
+                           invalid_credentials=True)
 
 
 @app.route('/confirm', methods=['GET'])