Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- @app.route("/register", methods=["GET", "POST"])
- def register():
- """Register user."""
- #forget any user_id
- session.clear()
- # if user reached route via POST (as by submitting a form via POST)
- if request.method == "POST":
- # ensure username was submitted
- if not request.form.get("username"):
- return apology("must provide username")
- #ensure password was submitted
- elif not request.form.get("password"):
- return apology("must provide password")
- # ensure same password was entered twice
- if request.form.get("password") != request.form.get("password confirmation"):
- return apology("passwords much match! (password field and password confirmation field)")
- # secure user's password: hash password with pwd_context.encrypt()
- # "username" is a UNIQUE field in the database, as is the "user_id" field.
- # check for db.execute failure
- # try to add user to database with:
- # db.execute("INSERT INTO users (username, hash) VALUES(:username, :hash)", username=request.form.get("username"), hash=hash)
- # if not result:
- # return apology("...") to print error message that the username already exists
- # once they register successfully, log them in automatically
- # store their id in session
- # session["user_id"]
- hash = pwd_context.encrypt(request.form.get("password"))
- result = db.execute("INSERT INTO users (username, hash) VALUES(:username, :hash)", username=request.form.get("username"), hash=hash)
- if not result:
- return apology("username already exists!")
- rows = db.execute("SELECT * FROM users WHERE username = :username", username=request.form.get("username"))
- if not rows:
- apology("something went wrong")
- session["user_id"] = rows[0]["id"]
- return render_template("register.html")
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
