[英]How can I fix this error: ValueError: Invalid salt in flask?
有人能帮助我吗? 我收到此错误:
值错误:无效的盐
我正在尝试创建一个登录页面并注册。 问题是,当我要login
用户名和密码。 寄存器没问题
app.py
from os import close
from flask import Flask, render_template, redirect, request, url_for, session, flash
from flask_mysqldb import MySQL, MySQLdb
import bcrypt
app = Flask(__name__)
app.config['MYSQL_HOST'] = 'localhost'
app.config['MYSQL_USER'] = 'root'
app.config['MYSQL_PASSWORD'] = ''
app.config['MYSQL_DB'] = 'opensol'
app.config['MYSQL_CURSORCLASS'] = 'DictCursor'
mysql = MySQL(app)
@app.route("/")
def home():
return render_template("index.html")
@app.route('/register', methods=["GET", "POST"])
def register():
if request.method == 'GET':
return render_template("register.html")
else:
iden = request.form['id']
username = request.form['username']
email = request.form['email']
password = request.form['password'].encode('utf-8')
hash_password = bcrypt.hashpw(password, bcrypt.gensalt())
cur = mysql.connection.cursor()
cur.execute("INSERT INTO clientes (cl_id,cl_username,cl_email,cl_password) VALUES (%s,%s,%s,%s)",
(iden,username, email, hash_password,))
mysql.connection.commit()
session['username'] = username
session['email'] = email
session['id'] = iden
return redirect(url_for("home"))
# login
@app.route('/login', methods=["GET", "POST"])
def login():
if request.method == "POST":
username = request.form['username']
password = request.form['password'].encode('utf-8')
cur = mysql.connection.cursor(MySQLdb.cursors.DictCursor)
cur.execute("SELECT * FROM clientes WHERE cl_username=%s", (username,))
user = cur.fetchone()
cur.close()
if user is None:
flash("No encontrado")
return render_template("login.html")
else:
if bcrypt.hashpw(password, user["cl_password"].encode('utf-8')) == user["cl_password"].encode('utf-8'):
session['username'] = user['cl_username']
session['email'] = user['cl_email']
session['id'] = user['cl_id']
return render_template("principal.html")
else:
return "Error password and email not match"
else:
return render_template(url_for('home'))
@app.route('/logout')
def logout():
session.clear()
return render_template("home.html")
if __name__ == '__main__':
app.secret_key = "012#!ApaAjaBoleh)(*%"
app.run(debug=True)
有什么帮助吗?
您可以使用flask-bcrypt而不是使用bcrypt 。 flask-bcrypt 是一个烧瓶扩展,这意味着它针对与烧瓶一起使用进行了优化。
现在,您可以通过以下方式安装flask-bcrypt :
pip install flask-bcrypt
我建议对您的代码进行这些必要的更改:
1.导入flask-bcrypt
from os import close
from flask import Flask, render_template, redirect, request, url_for, session, flash
from flask_mysqldb import MySQL, MySQLdb
# import bcrypt <--- no need of this
from flask_bcrypt import Bcrypt # <--- importing flask_bcrypt
2. 用应用程序初始化
app = Flask(__name__)
app.config['MYSQL_HOST'] = 'localhost'
app.config['MYSQL_USER'] = 'root'
app.config['MYSQL_PASSWORD'] = ''
app.config['MYSQL_DB'] = 'opensol'
app.config['MYSQL_CURSORCLASS'] = 'DictCursor'
mysql = MySQL(app)
bcrypt = Bcrypt(app) # <---- add this line
3. 在def register():
这些更改def register():
password = request.form['password'].encode('utf-8') # <--- remove .encode('utf-8')
hash_password = bcrypt.hashpw(password, bcrypt.gensalt()) # < --- remove this line
hash_password = bcrypt.generate_password_hash(password).decode('utf-8') # <-- add this line
4.在def login()
这些更改:
password = request.form['password'].encode('utf-8') # <-- again, no need of .encode('utf'-8)
if bcrypt.hashpw(password, user["cl_password"].encode('utf-8')) == user["cl_password"].encode('utf-8'): # < --- remove this line
if bcrypt.check_password_hash(user['cl_password'],password): # < --- add this line
很明显, flask-bcrypt在实现方面非常简单。 进行以上更改后,您的应用程序将顺利执行注册-登录功能。
一个小技巧(题外话):永远不要硬编码你的app.secret_key
。 相反,将密钥声明为环境变量,然后访问它。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.