Untitled

### SQL ###

mysql> DESCRIBE users;
+----------+----------------+------+-----+---------+----------------+
| Field    | Type           | Null | Key | Default | Extra          |
+----------+----------------+------+-----+---------+----------------+
| uid      | int(11)        | NO   | PRI | NULL    | auto_increment |
| username | varchar(20)    | YES  |     | NULL    |                |
| password | varchar(100)   | YES  |     | NULL    |                |
| email    | varchar(50)    | YES  |     | NULL    |                |
| settings | varchar(32500) | YES  |     | NULL    |                |
| tracking | varchar(32500) | YES  |     | NULL    |                |
| rank     | int(3)         | YES  |     | NULL    |                |
| code     | varchar(60)    | YES  |     | NULL    |                |
+----------+----------------+------+-----+---------+----------------+
8 rows in set (0.00 sec)


### EMAIL ###

msg = Message("Your authentication code.",
  sender="sender@sender.com",
  recipients=["recipient@recipient.com"])
msg.body = "Your authentication code is: {}".format(key)
mail.send(msg)


### REGSITER AND LOGIN FROM __INIT__.PY ###
@app.route('/login/', methods=["GET","POST"])
def login_page():
    error = ''
    try:
        c, conn = connection()
        if request.method == "POST":
            data = c.execute("SELECT * FROM users WHERE username = '%s'" % thwart(request.form['username']))
            data = c.fetchone()[2]

            if sha256_crypt.verify(request.form['password'], data):
                session['logged_in'] = True
                session['username'] = request.form['username']

                flash("You are now logged in")
                return redirect(url_for("dashboard"))

            else:
                error = "Invalid credentials, try again."

        gc.collect()

        return render_template("login.html", error=error)

    except Exception as e:
        error = "Invalid credentials, try again."
        return render_template("login.html", error = error)

class RegistrationForm(Form):
	username  = TextField('Username', [validators.Length(min=4, max=20)])
	email = TextField('Email Address', [validators.Length(min=6, max=50)])
	password = PasswordField('Password', [validators.Required(),
											validators.EqualTo('confirm', message="Passwords must match.")])
	confirm = PasswordField('Repeat Password')

	accept_tos = BooleanField('I accept the <a href="/tos">Terms of Service</a> and the <a href="/privacy">Privacy Notice</a> (Last updated 23/02/2018)', [validators.Required()])

@app.route('/register/', methods=["GET","POST"])
def register_page():
    try:
        form = RegistrationForm(request.form)

        if request.method == "POST" and form.validate():
            username  = form.username.data
            email = form.email.data
            password = sha256_crypt.encrypt((str(form.password.data)))
            c, conn = connection()

            x = c.execute("SELECT * FROM users WHERE username = (%s)",
                          [thwart(username,)])

            if int(x) > 0:
                flash("That username is already taken, please choose another")
                return render_template('register.html', form=form)

            else:
                c.execute("INSERT INTO users (username, password, email, tracking) VALUES (%s, %s, %s, %s)",
                          (thwart(username), thwart(password), thwart(email), thwart("/introduction-to-python-programming/")))

                conn.commit()
                flash("Thanks for registering!")
                c.close()
                conn.close()
                gc.collect()

                session['logged_in'] = True
                session['username'] = username

                return redirect(url_for('dashboard'))

        return render_template("register.html", form=form)

    except Exception as e:
        return(str(e))