Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/usr/bin/python3
- from flask import Flask, render_template, flash, request, redirect, url_for, session, logging
- from flask_mail import Mail, Message
- from flask_mysqldb import MySQL
- from wtforms import Form, StringField, TextAreaField, PasswordField, validators
- from passlib.hash import sha256_crypt
- from functools import wraps
- app =Flask(__name__)
- # Option 1: app.debug = True (allow to auto refresh server)
- # Config MySQL
- app.config['MYSQL_HOST'] = 'localhost'
- app.config['MYSQL_USER'] = 'root'
- app.config['MYSQL_PASSWORD'] = '123'
- app.config['MYSQL_DB'] = 'myflaskapp'
- app.config['MYSQL_CURSORCLASS'] = 'DictCursor' # by default the data set in MySQL will be in tuple; this one line of code sets the data set to dictionary structure
- # init MYSQL
- mysql = MySQL(app)
- @app.route('/blog')
- def blog():
- # Create cursor
- cur = mysql.connection.cursor()
- # Get articles
- result = cur.execute("SELECT * FROM articles")
- articles = cur.fetchall()
- if result > 0:
- return render_template('blog.html', articles=articles)
- else:
- msg = "No Articles Found"
- return render_template('blog.html', msg = msg)
- # Close connection
- cur.close()
- # Register Form Class
- class RegisterForm(Form):
- name = StringField('Name', [validators.Length(min=1, max=50)])
- username = StringField('Username', [validators.Length(min=4, max=25)])
- email = StringField ('Email', [validators.Length(min=6, max=50)])
- password = PasswordField ('Password', [
- validators.DataRequired(),
- validators.EqualTo('confirm', message='Passwords do not match.')
- ])
- confirm = PasswordField('Confirm Password')
- # Admin Register
- @app.route('/register', methods=['GET', 'POST'])
- def register():
- form = RegisterForm(request.form)
- if request.method == 'POST' and form.validate():
- name = form.name.data
- email = form.email.data
- username = form.username.data
- password = sha256_crypt.encrypt(str(form.password.data))
- # Create cursor
- cur = mysql.connection.cursor()
- # Execute query
- cur.execute("INSERT INTO users(name, email, username, password) VALUES(%s, %s, %s, %s)", (name, email, username, password))
- # Commit to DB
- mysql.connection.commit()
- # Close connection
- cur.close()
- flash('You are now registered and can log in.', 'green')
- return redirect(url_for('index'))
- return render_template('register.html')
- return render_template('register.html', form=form)
- # Admin Login
- @app.route('/login', methods = ['GET', 'POST'])
- def login():
- if request.method == 'POST':
- # Get Form Fields
- username = request.form['username']
- password_candidate = request.form ['password']
- # Create cursorcur
- cur = mysql.connection.cursor()
- # Get user by username
- result = cur.execute("SELECT * FROM users WHERE username = %s", [username])
- if result > 0:
- # Get stored hash
- data = cur.fetchone()
- password = data['password']
- # Compare Passwords
- if sha256_crypt.verify(password_candidate, password):
- # Passed
- session['logged_in']= True
- session['username'] = username
- flash('You are now logged in', 'green')
- return redirect(url_for('blog'))
- else:
- error = 'Invalid login'
- return render_template('login.html', error = error)
- # Close connection
- cur.close()
- else:
- error = 'Username not found'
- return render_template('login.html', error = error)
- return render_template('login.html')
- if __name__ == '__main__':
- app.secret_key='secert123456'
- app.run(host='0.0.0.0', port=6000, debug=True)
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement