python - Can't get this session to work properly -

i'm trying set session in application, doesn't seems work properly. after login, session displays on devtools doesn't redirect /index suppose do.

here i've done:

app.py

from flask import flask, render_template, redirect, url_for, request, session, flash functools import wraps   app = flask(__name__)  app.secret_key = "gr3hu39ud3n89ud893e4"   def login_required(f):     @wraps(f)     def wrap(*args, **kwargs):         if 'logged_in' in session:             return f(*args, **kwargs)         else:             flash('you need login first')             return redirect(url_for('login'))     return wrap   @app.route("/") @login_required def home():     return render_template('index.html')   @app.route('/welcome') def welcome():     return render_template('welcome.html')   @app.route('/login', methods=('get', 'post')) def login():     error = none     if request.method == 'post':         if request.form['username'] != 'admin' or request.form['password'] != 'admin':             error = 'invalid credentials. please try again'         else:             session['logged_in'] = true             flash('you logged in!')             return redirect(url_for('home'))     return render_template('login.html', error=error)  @app.route('/logout') @login_required def logout():     session.pop('logged_in', none)     flash('you logged out!')     return redirect(url_for('welcome'))  if __name__ == "__main__":     app.run(debug=true, host='0.0.0.0', port=5000) 

templates/welcome.html

<!doctype html> <html lang="en"> <head>     <meta charset="utf-8">     <title>document</title>     <link rel="stylesheet" href="/static/css/bootstrap.css">     <link rel="stylesheet" href="/static/css/bootstrap.css.map"> </head> <body>     <div class="container">         <h1>welcome flask</h1>         <p>click <a href="/">here</a> go home</p>         {% message in get_flashed_messages() %}             {{ message }}         {% endfor %}     </div> </body> </html> 

templates/index.html

<!doctype html> <html lang="en"> <head>     <meta charset="utf-8">     <title>document</title>     <link rel="stylesheet" href="/static/css/bootstrap.css">     <link rel="stylesheet" href="/static/css/bootstrap.css.map"> </head> <body>     <div class="container">         <h1>welcome flask</h1>         <p>click <a href="/logout">here</a> go logout</p>         {% message in get_flashed_messages() %}             {{ message }}         {% endfor %}     </div> </body> </html> 

templates/login.html

<!doctype html> <html lang="en"> <head>     <meta charset="utf-8">     <title>document</title>     <link rel="stylesheet" href="/static/css/bootstrap.css">     <link rel="stylesheet" href="/static/css/bootstrap.css.map"> </head> <body>     <div class="container">         <h1>please login</h1>         <br>         <form action="">             <input type="text" placeholder="username" name="username" value="{{ request.form.username }}">             <input type="password" placeholder="password" name="password" value="{{ request.form.password }}">             <input type="submit" class="btn btn-default" value="login">         </form>         {% if error %}             <p class="error"><strong>error</strong>{{error}}</p>         {% endif %}     </div> </body> </html> 

the <form> in login script did not have method attribute. no method attribute, form uses get default.

try in templates/login.html:

... <form method="post" action=""> ... 

reference:

• http://www.w3.org/tr/html401/interact/forms.html#h-17.3