[英]Python Flask Login (Validate Issues)
嗨,我無法正常登錄。 我已經建立了一個數據庫,並用表單完成了登錄頁面。 我向數據庫添加了用戶名和密碼,但該頁面似乎仍未登錄。
我認為與驗證有關。 它一直在說“無效的憑證。 即使用戶名和密碼正確,也請重試。
completion = validate(username, password)
if completion == False:
error = 'Invalid Credentials. Please try again.'
else:
return redirect(url_for('dashboard'))
提前致謝:)
我是Python和Flask的新手。 PS我不能使用任何其他庫,例如sqlalchemy
from flask import Flask, render_template, redirect, url_for, request, g
import sqlite3
import hashlib
app = Flask(__name__)
# To convert the user input password as MD5
def check_password(hashed_password, user_password):
return hashed_password == hashlib.md5(user_password.encode()).hexdigest()
# Takes the inputed username and passwords as arguments, and compare them against the users table
def validate(username, password):
con = sqlite3.connect('var/data.db')
completion = False
with con:
cur = con.cursor()
cur.execute("SELECT * FROM Users")
rows = cur.fetchall()
for row in rows:
dbUser = row[1]
dbPass = row[2]
if dbUser == username:
completion = check_password(dbPass, password)
return completion
def init_db():
with app.app_context():
con = sqlite3.connect('var/data.db')
with app.open_resource('var/schema.sql', mode='r') as f:
con.cursor().executescript(f.read())
con.commit()
#The Homepage Route
@app.route("/")
def index():
return render_template('index.html', title='Home')
#The Login Route
@app.route('/login', methods=['GET', 'POST'])
def login():
error = None
if request.method == 'POST':
username = request.form['username']
password = request.form['password']
completion = validate(username, password)
if completion == False:
error = 'Invalid Credentials. Please try again.'
else:
return redirect(url_for('dashboard'))
return render_template('login.html', error=error)
#The Dashboard Route
@app.route('/dashboard')
def dashboard():
#return "You have successfully logged in"
return render_template('dashboard.html', title='Dashboard')
#The Adds to the List
@app.route('/add', methods=['GET','POST'])
def add():
if not session.get('username'):
abort(401)
db = get_db()
db.execute('INSERT INTO Bucketlist (title,day,desc) VALUES(?,?,?)',
[request.form['title'], request.form['day'], request.form['desc']])
db.commit()
flash('Your wish has been added to your list')
return redirect(url_for('dashboard'))
#The Removes from the List
@app.route('/remove', methods=['GET'])
def remove():
delete = request.args.get('bucket_id', '')
print delete
db = get_db()
db.execute('DELETE FROM Bucketlist WHERE title=?', [delete])
db.commit()
cur = db.execute("select * from Bucketlist")
row = cur.fetchall()
flash('Your wish has been removed from your list')
return render_template("dashboard.html",row=row)
#Logs Out The User from Their Account
@app.route('/logout')
def logout():
session.pop('username', None)
flash('You Have Successful Loged Out')
return redirect(url_for('index'))
if __name__ == "__main__":
app.run(host='0.0.0.0', debug=True)
{% extends "base.html" %}
{% block content %}
<div class="container">
<h1>Sign In to View Your WounderList</h1>
<h2 class="form-text">Create Your Account Here!</h2>
<form action="/login" method="post">
<input type="text" placeholder="Username" name="username" value="{{
request.form.username }}">
<input type="password" placeholder="Password" name="password" value="{{
request.form.password }}">
<input class="btn btn-default" type="submit" value="Login">
</form>
{% if error %}
<p class="error"><strong>Error:</strong> {{ error }}
{% endif %}
</div>
{% endblock %}
DROP TABLE if EXISTS Users;
DROP TABLE if EXISTS Bucketlist;
CREATE TABLE Users (
user_id INTEGER PRIMARY KEY,
username VARCHAR(16) NOT NULL UNIQUE,
password VARCHAR(16) NOT NULL
);
CREATE TABLE Bucketlist (
bucket_id INTEGER NOT NULL,
title VARCHAR(32) NOT NULL,
day DATE NOT NULL,
desc VARCHAR(256) NOT NULL,
user_id INTEGER,
PRIMARY KEY (bucket_id),
FOREIGN KEY (user_id) REFERENCES users(user_id)
);
首先,您應該知道自己並不是真正的“登錄”,只是在檢查密碼。 登錄要求在用戶登錄並接受密碼后管理會話。
我懷疑問題出在您的密碼哈希上,因此出於測試目的,您應該嘗試不使用哈希的代碼。 查看是否可以首先驗證純文本密碼。
其次,最好只使用為此目的而創建的Flask庫,例如Flask-Login
,但是我想您是學生或其他人。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.