Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- @app.route('/login', methods=['GET','POST'])
- def login():
- if request.method == 'POST':
- #get form fields
- username = request.form['username']
- password_candidate = request.form['password']
- #create cursor
- cur = mysql.connection.cursor()
- #get user by username
- result = cur.execute("SELECT * FROM users WHERE username = %s", [username])
- if result > 0:
- #get stored hash
- data = cur.fetchone()
- password = data['password']
- #compare passwords
- if sha256_crypt.verify(password_candidate, password):
- app.logger.info('PASSWORD MATCHED')
- else:
- app.logger.info('PASSWORD DOES NOT MATCH')
- else:
- app.logger.info('NO SUCH USER FOUND')
- return render_template('login.html')
Add Comment
Please, Sign In to add comment
