如何使用mysql验证flask / python中的凭据?
[英]how to validate credentials in flask/python with mysql?
问题描述
Flask/python validation for login is not working for me with mysql, i was searching google and documentations and i have seen few questions on stack-overflow on same thing but haven't been answered yet. 
登录的烧瓶/ python验证对我来说不适用于mysql,我正在搜索谷歌和文档,我已经看到几个关于堆栈溢出的问题同样的事情但尚未得到答复。
from flask import Flask, render_template, flash, request, url_for, redirect, session
from content_management import Content
#form validations
from wtforms import Form, BooleanField, TextField, PasswordField, validators
#to encrypt the password
from passlib.hash import sha256_crypt
#for SQL injection
from MySQLdb import escape_string as thwart
import gc
from functools import wraps
from mysql_connect import connection
app = Flask(__name__)
@app.route('/login/', methods=['GET','POST'])
def login_page():
error = ''
try:
c, conn = connection()
if request.method == "POST":
d = c.execute("SELECT * FROM clients WHERE email = (%s)", (thwart(request.form['email']),))
d = c.fetchone()[2]
if request.form['password'] == d:
email = request.form['email']
c.execute("SELECT * FROM clients WHERE email = (%s)", (thwart(email),))
clients_table = c.fetchall()
clientcid = clients_table[0]
flash(clientcid)
phone = clients_table[1]
rating = clients_table[4]
conn.commit()
c.execute("SELECT * FROM cpersonals WHERE cid = (%s)", (clientcid,))
cpersonals_table = c.fetchall()
first_name = cpersonals_table[1]
last_name = cpersonals_table[2]
address = cpersonals_table[3]
czip = cpersonals_table[4]
reg_date = cpersonals_table[5]
conn.commit()
c.close()
conn.close()
session['logged_in'] = 'client'
session['clientcid'] = clientcid
session['email'] = email
session['phone'] = phone
session['rating'] = rating
session['first_name'] = first_name
session['last_name'] = last_name
session['address'] = address
session['czip'] = czip
session['reg_date'] = reg_date
flash("You are now logged in.")
return redirect(url_for("dashborad"))
else:
error = "Invalid credentials, try again."
return render_template("login.html")
is there an easy way to validate credentials in MySQL without frameworks 有一种简单的方法可以在没有框架的情况下验证MySQL中的凭据
1 个解决方案
解决方案1
0 2017-06-16 03:10:58
This isn't a full answer (that gives code examples of what you should do to solve your problem), rather a few suggestions: 这不是一个完整的答案(提供了解决问题应该做的代码示例),而是一些建议:
You are using flask with a database but not using a flask extension such as flask-sqlalchemmy , which is a library that makes SQLAlchemy (a database toolkit) easier to use with python. 您正在使用带有数据库的烧瓶,但没有使用烧瓶扩展,例如flask-sqlalchemmy ,这是一个使SQLAlchemy (数据库工具包)更易于与python一起使用的库。 With something like flask-login (which handles logging in and out as well as the common "remember me" feature), what your trying to do is pretty easy. 有了像flask-login (处理登录和退出以及常见的“记住我”功能)之类的东西,你尝试做的事情非常简单。 If you'd like an example file that handles logging in a user by checking their credentials from a database using flask-sqlalchemy and flask-login I can make one, but there are lots of examples of applications using these tools around. 如果您希望通过使用flask-sqlalchemy和flask-login从数据库检查其凭据来处理用户登录的示例文件,我可以创建一个,但是有很多应用程序使用这些工具的示例。
Using a database toolkit such as the one I mentioned has lots of other advantages as well, the least of which is database system portability (code using sqlalchemy will usually work on multiple database backends like mysql, postgreSQL, sqlite, etc). 使用我提到的数据库工具包还有许多其他优点,其中最少的是数据库系统的可移植性(使用sqlalchemy的代码通常可以在多个数据库后端工作,如mysql,postgreSQL,sqlite等)。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.