Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- from flask import *
- import MySQLdb
- import os
- import base64
- from functools import wraps
- import hashlib
- from models import get_connecttion
- from content_manager import content
- app = Flask(__name__)
- # added for session
- app.secret_key = os.urandom(24)
- @app.route('/login', methods=['GET', 'POST'])
- def login():
- e = None
- if request.method == 'POST':
- username_form = request.form['username']
- password_form = request.form['password']
- passwd = base64.b64encode(password_form)
- try:
- dcn, cur = get_connecttion()
- cur.execute("SELECT COUNT(1) FROM user WHERE user_name = %s;", [username_form]) # CHECKS IF USERNAME EXSIST
- if cur.fetchone()[0]:
- cur.execute("SELECT password FROM user WHERE user_name = %s;", [username_form]) # FETCH THE HASHED PASSWORD
- for row in cur.fetchall():
- if passwd == row[0]:
- session['logged_in'] = True
- cur.execute("SELECT * FROM windata;"),
- commentsList = cur.fetchall()
- return render_template('table_V2.html', datas=commentsList)
- else:
- e = "Invalid Credential"
- return render_template('mainlogin.html', error=e)
- else:
- e = "Invalid Credential"
- return render_template('mainlogin.html', error=e)
- except (MySQLdb.Error, MySQLdb.Warning) as e:
- return render_template('mainlogin.html', error=e)
- def login_required(test):
- @wraps(test)
- def wrap(*args, **kwargs):
- if 'logged_in' in session:
- return test(*args, **kwargs)
- else:
- flash('You need to login first')
- return redirect(url_for('index'))
- return wrap
- @app.route('/')
- def index():
- return render_template('mainlogin.html')
- @app.route('/signup')
- def sign_up():
- return render_template('signup.html')
- @app.route("/adduseraction", methods=["post"])
- def add_user_action():
- # global first_name, last_name, email
- if request.form:
- user_name = request.form['usernamesignup']
- password = request.form['passwordsignup']
- email = request.form['emailsignup']
- passwd = base64.b64encode(password)
- query = "insert into user values (0,'%s','%s','%s')"
- query = query % (user_name, passwd, email)
- try:
- dcn, cur = get_connecttion()
- cur.execute(query)
- dcn.commit()
- return render_template('Sucess.html', user=user_name )
- except (MySQLdb.Error, MySQLdb.Warning) as e:
- e = "{} is already a user. Please use another username.".format(user_name)
- return render_template('signup.html', err = e)
- @app.route('/home')
- @login_required
- def home():
- e = None
- dcn, cur = get_connecttion()
- cur.execute("SELECT * FROM windata;"),
- commentsList = cur.fetchall()
- return render_template('table_V2.html', datas=commentsList)
- @app.route('/forgot')
- def forgot():
- return render_template('password.html')
- @app.route('/password', methods=['GET', 'POST'])
- def passwd():
- if request.method == 'POST':
- username_form = request.form['username']
- email_form = request.form['emailsignup']
- try:
- dcn, cur = get_connecttion()
- cur.execute("SELECT COUNT(1) FROM user WHERE user_name = %s;", [username_form]) # CHECKS IF USERNAME EXSIST
- if cur.fetchone()[0]:
- cur.execute("SELECT email FROM user WHERE user_name = %s;", [username_form]) # FETCH THE HASHED email
- for row in cur.fetchall():
- if email_form == row[0]:
- cur.execute("SELECT password FROM user WHERE user_name = %s;", [username_form])
- for row1 in cur.fetchall():
- pas = base64.b64decode(row1[0])
- return render_template('password.html', user='Your Password is : '+pas)
- else:
- e = "Email not match. Please try again."
- return render_template('password.html', error=e)
- else:
- e = "Invalid Credential"
- return render_template('password.html', error=e)
- except (MySQLdb.Error, MySQLdb.Warning) as e:
- return render_template('password.html', error=e)
- @app.errorhandler(404)
- def page_not_found(e):
- return render_template('404.html')
- @app.errorhandler(500)
- def server_error(e):
- flash("OOPS! Something went wrong.. Please login again")
- return redirect(url_for('index'))
- if __name__ == '__main__':
- app.run(host='0.0.0.0',port=6060)
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement