
Untitled

a guest
May 7th, 2019
  1. from flask import Flask,request,render_template,flash,redirect,url_for,session,logging
  2. from flask_mysqldb import MySQL
  3. from wtforms import Form ,StringField,TextAreaField,PasswordField,validators
  4. from passlib.hash import sha256_crypt
  5. from functools import wraps
  6.  
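  import os

  app=Flask(__name__)
  # Debug mode enables the interactive debugger, which can execute arbitrary
  # Python in the server process, so it is now off unless APP_DEBUG=1 is set
  # for local development. It must never be reachable on a deployed instance.
  app.debug = os.environ.get('APP_DEBUG') == '1'

  #config MySQL
  # Each setting can be overridden from the environment; the defaults are the
  # values this file used before.
  # NOTE(review): the defaults connect as root with an empty password. That is
  # only tolerable on a throwaway local database; a deployment should set
  # MYSQL_USER / MYSQL_PASSWORD to a dedicated account limited to this schema.
  app.config['MYSQL_HOST'] = os.environ.get('MYSQL_HOST', 'localhost')
  app.config['MYSQL_USER'] = os.environ.get('MYSQL_USER', 'root')
  app.config['MYSQL_PASSWORD'] = os.environ.get('MYSQL_PASSWORD', '')
  app.config['MYSQL_DB'] = os.environ.get('MYSQL_DB', 'tada')
  # rows come back as dicts, which is what login() relies on (data['password'])
  app.config['MYSQL_CURSORCLASS']='DictCursor'
  #initialize MYSQL
  mysql=MySQL(app)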
  18.  
  19.  
  20. #Articles=Articles()
  21.  
  @app.route('/')
  def index():
      """Serve the landing page rendered from index.html."""
      landing_page = render_template('index.html')
      return landing_page
  25.  
  26.  
  27. #register form class
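  class RegisterForm(Form):
      """Registration form: a username plus a password that must be typed twice."""

      # username must be 4 to 25 characters long
      username = StringField('Username', [validators.Length(min=4, max=25)])
      password = PasswordField('Password', [
          validators.DataRequired(),
          # DataRequired alone accepted a one-character password; enforce a
          # minimum, and cap the length so hashing work per request is bounded
          validators.Length(min=8, max=128),
          # must equal the 'confirm' field below
          validators.EqualTo('confirm', message='Passwords do not match'),
      ])
      confirm = PasswordField('Confirm Password')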
  35.  
  36.  
  37. #user register
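  @app.route('/register',methods=['GET','POST'])
  def register():
      """Show the registration form and, on a valid POST, create the account.

      GET, or a POST that fails validation, re-renders register.html with the
      form. A valid POST stores the username with a salted sha256_crypt hash
      of the password and redirects to the index page. If the username already
      exists, the form is shown again with a flash message.
      """
      form = RegisterForm(request.form)
      if request.method == 'POST' and form.validate():
          username = form.username.data
          # Only the hash is stored. passlib 1.7 deprecated encrypt() in
          # favour of hash(); the output format is the same.
          password = sha256_crypt.hash(str(form.password.data))

          cur = mysql.connection.cursor()
          try:
              # The value is passed as a bound parameter (a one-element tuple),
              # so the driver quotes it. The earlier thwart() call was never
              # imported and is not needed with parameter binding.
              taken = cur.execute("SELECT * FROM users WHERE username = %s",
                                  (username,))
              if int(taken) > 0:
                  flash("That username is already taken, please choose another")
                  return render_template('register.html', form=form)

              # NOTE(review): check-then-insert can race between two requests;
              # a UNIQUE constraint on users.username is the real guarantee.
              # Confirm the schema has one.
              cur.execute("INSERT INTO users(username,password) VALUES(%s, %s)",
                          (username, password))
              mysql.connection.commit()
          finally:
              # released on every path, including the early return above
              cur.close()

          flash('You are now registered and can log in','success')
          return redirect(url_for('index'))

      return render_template('register.html',form=form)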
  68.        
  69. #User Login
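  @app.route('/login',methods=['GET','POST'])
  def login():
      """Show the login form and, on POST, check the submitted credentials.

      On success the session is marked with 'logged_in' and 'username' and the
      client is redirected to the index page. On any failure login.html is
      rendered again with one generic error, so the response does not reveal
      whether the username exists.
      """
      if request.method == 'POST':
          username = request.form['username']
          password_candidate = request.form['password']

          cur = mysql.connection.cursor()
          try:
              # bound parameter: the driver quotes the submitted username
              found = cur.execute("SELECT * FROM users WHERE username = %s",[username])
              data = cur.fetchone() if found > 0 else None
          finally:
              # previously unreachable: every branch returned before cur.close()
              cur.close()

          if data is None:
              app.logger.info('NO USER')
              # NOTE(review): this path skips the hash verification, so its
              # response time may still differ from a wrong-password attempt;
              # consider verifying against a fixed dummy hash here.
          elif sha256_crypt.verify(password_candidate, data['password']):
              app.logger.info('PASSWORD MATCHED')
              session['logged_in'] = True
              session['username'] = username

              flash('You are now logged in','success')
              return redirect(url_for('index'))
          else:
              app.logger.info('PASSWORD NOT MATCHED')

          # One message for both failure cases. The server log above still
          # records which one it was.
          error = 'Invalid username or password'
          return render_template('login.html',error=error)

      return render_template('login.html')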
  108.  
  109. #check if user is logged in
  def is_logged_in(f):
      """Decorator: run the view only when the session carries 'logged_in'.

      Otherwise a 'danger' flash message is queued and the client is
      redirected to the login view. Only the presence of the key is checked,
      not its value.
      """
      @wraps(f)
      def guarded(*args, **kwargs):
          if 'logged_in' not in session:
              flash('Unauthorized, Please login', 'danger')
              return redirect(url_for('login'))
          return f(*args, **kwargs)
      return guarded
  119.  
  120.  
  121. #logout
  # NOTE(review): no methods= is given, so this state-changing route answers
  # GET; consider requiring POST plus a CSRF token.
  @app.route('/logout')
  @is_logged_in
  def logout():
      """Drop every key from the session, queue a notice and go to the login view."""
      session.clear()
      # queued after clear(), so the notice survives into the next request
      flash('You are now logged out ','success')
      login_url = url_for('login')
      return redirect(login_url)
  128.  
  129.  
  130.  
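  import os
  import secrets

  # Flask signs the session cookie with this key, and is_logged_in trusts
  # whatever that cookie says. A constant committed to source is known to
  # everyone who can read the file, so the key now comes from the environment.
  # FLASK_SECRET_KEY is this app's own variable name. The random fallback is
  # safe but resets all sessions on restart and is not shared between worker
  # processes, so set the variable in any real deployment.
  app.secret_key = os.environ.get('FLASK_SECRET_KEY') or secrets.token_hex(32)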