Fixed login

server.py

@@ -155,9 +155,20 @@ def course():
 @app.route('/login', methods=['POST'])
 def login():
 	user, groups = ldapauth(request.form.get('user'), request.form.get('password'))
-	if user and 'user' in groups:
-		session.user = user
-	return redirect(request.form.get('ref'))
+	if user and 'users' in groups:
+		session['user'] = user
+	if 'ref' in request.values:
+		return redirect(request.values['ref'])
+	else:
+		return redirect(url_for('index'))
+
+@app.route('/logout')
+def logout():
+	session.pop('user')
+	if 'ref' in request.values:
+		return redirect(request.values['ref'])
+	else:
+		return redirect(url_for('index'))
 
 if __name__ == '__main__':
 	app.run()

templates/base.html

@@ -56,7 +56,7 @@
 									</li>
 									{% endfor %}
 									<li class="navbar-right">
-										{% if not session.userid is defined %}
+										{% if not session.user is defined %}
 										<a id="loginpopover" data-container="body" data-toggle="popover" data-placement="bottom"> 
 											<span class="glyphicon glyphicon-log-in"></span>
 										</a>
@@ -70,7 +70,7 @@
 											)
 										</script>
 										{% else %}
-										<a herf="/logout">
+										<a href="/logout?ref={{ request.url|urlencode }}">
 											<span class="glyphicon glyphicon-log-out"></span>
 										</a>
 										{% endif %}