Untitled

#!/usr/bin/python3
from flask import Flask, render_template, flash, request, redirect, url_for, session, logging
from flask_mail import Mail, Message
from flask_mysqldb import MySQL
from wtforms import Form, StringField, TextAreaField, PasswordField, validators
from passlib.hash import sha256_crypt
from functools import wraps

app =Flask(__name__)
# Option 1: app.debug = True (allow to auto refresh server)

# Config MySQL
app.config['MYSQL_HOST'] = 'localhost'
app.config['MYSQL_USER'] = 'root'
app.config['MYSQL_PASSWORD'] = '123'
app.config['MYSQL_DB'] = 'myflaskapp'
app.config['MYSQL_CURSORCLASS'] = 'DictCursor' # by default the data set in MySQL will be in tuple; this one line of code sets the data set to dictionary structure

# init MYSQL
mysql = MySQL(app)

@app.route('/blog')
def blog():
    # Create cursor
    cur = mysql.connection.cursor()

    # Get articles
    result = cur.execute("SELECT * FROM articles")

    articles = cur.fetchall()

    if result > 0:
        return render_template('blog.html', articles=articles)
    else:
        msg = "No Articles Found"
        return render_template('blog.html', msg = msg)

    # Close connection
    cur.close()

# Register Form Class
class RegisterForm(Form):
    name = StringField('Name', [validators.Length(min=1, max=50)])
    username = StringField('Username', [validators.Length(min=4, max=25)])
    email = StringField ('Email', [validators.Length(min=6, max=50)])
    password = PasswordField ('Password', [
        validators.DataRequired(),
        validators.EqualTo('confirm', message='Passwords do not match.')
    ])
    confirm = PasswordField('Confirm Password')

# Admin Register
@app.route('/register', methods=['GET', 'POST'])
def register():
    form = RegisterForm(request.form)
    if request.method == 'POST' and form.validate():
        name = form.name.data
        email = form.email.data
        username = form.username.data
        password = sha256_crypt.encrypt(str(form.password.data))

        # Create cursor
        cur = mysql.connection.cursor()

        # Execute query
        cur.execute("INSERT INTO users(name, email, username, password) VALUES(%s, %s, %s, %s)", (name, email, username, password))

        # Commit to DB
        mysql.connection.commit()

        # Close connection
        cur.close()

        flash('You are now registered and can log in.', 'green')

        return redirect(url_for('index'))

        return render_template('register.html')

    return render_template('register.html', form=form)

# Admin Login
@app.route('/login', methods = ['GET', 'POST'])
def login():
    if request.method == 'POST':
        # Get Form Fields
        username = request.form['username']
        password_candidate = request.form ['password']

        # Create cursorcur
        cur = mysql.connection.cursor()

        # Get user by username
        result = cur.execute("SELECT * FROM users WHERE username = %s", [username])

        if result > 0:
            # Get stored hash
            data = cur.fetchone()
            password = data['password']

            # Compare Passwords
            if sha256_crypt.verify(password_candidate, password):
                # Passed
                session['logged_in']= True
                session['username'] = username

                flash('You are now logged in', 'green')
                return redirect(url_for('blog'))

            else:
                error = 'Invalid login'
                return render_template('login.html', error = error)

            # Close connection
            cur.close()
        else:
            error = 'Username not found'
            return render_template('login.html', error = error)

    return render_template('login.html')

if __name__ == '__main__':
    app.secret_key='secert123456'
    app.run(host='0.0.0.0', port=6000, debug=True)