login completely

FengWeilei · Jul 30, 2017 · a4e2a6a · a4e2a6a
1 parent 26667c5
commit a4e2a6a
Show file tree

Hide file tree

Showing 5 changed files with 75 additions and 2 deletions.
diff --git a/flaskapp/flaskapp.py b/flaskapp/flaskapp.py
@@ -1,4 +1,4 @@
-from flask import Flask,render_template,request,flash,redirect,url_for
+from flask import Flask,render_template,request,flash,redirect,url_for,session
 from wtforms import StringField, SubmitField,validators, PasswordField
 from flask_wtf import FlaskForm
 from flask_mysqldb import MySQL
@@ -60,6 +60,49 @@ def register():
 
     return render_template('register.html',form=form)
 
+@app.route("/login",methods=['GET','POST'])
+def login():
+    if request.method == 'POST':
+        # Get Form Fields
+        username = request.form['username']
+        password_candidate = request.form['password']
+
+        # Create cursor
+        cur = mysql.connection.cursor()
+
+        # Get user by username
+        result = cur.execute(
+            "SELECT * FROM users WHERE username = %s", [username])
+
+        if result > 0:
+            # Get stored hash
+            data = cur.fetchone()
+            password = data['password']
+
+            # Compare Passwords
+            if sha256_crypt.verify(password_candidate, password):
+                # Passed
+                session['logged_in'] = True
+                session['username'] = username
+
+                flash('You are now logged in', 'success')
+                return redirect(url_for('dashboard'))
+            else:
+                error = 'Please check your password.'
+                return render_template('login.html', error=error)
+            # Close connection
+            cur.close()
+        else:
+            error = 'Username not found'
+            return render_template('login.html', error=error)
+
+    return render_template('login.html')
+
+@app.route('/dashboard')
+def dashboard():
+    return render_template("dashboard.html")
+
+
 #CSRF
 #app.config.from_object('config')
 

diff --git a/flaskapp/templates/dashboard.html b/flaskapp/templates/dashboard.html
@@ -0,0 +1,6 @@
+{% extends 'layout.html' %}
+
+{% block body %}
+    <h1>Dashboard</h1>
+    <h2>Welcome {{session.username}}</h2>
+{% endblock %}
diff --git a/flaskapp/templates/includes/_messages.html b/flaskapp/templates/includes/_messages.html
@@ -4,4 +4,9 @@
       <div class="alert alert-{{ category }}" >{{ message }}</div>
     {% endfor %}
   {% endif %}
-{% endwith %}
+{% endwith %}
+
+{% if error %}
+  <div class="alert alert-warning">{{error}}</div>
+{% endif %}
+
diff --git a/flaskapp/templates/includes/_navbar.html b/flaskapp/templates/includes/_navbar.html
@@ -18,6 +18,9 @@
           <ul class="nav navbar-right">
             <li class="active"><a href="/register">Register</a></li>
           </ul>
+          <ul class="nav navbar-right">
+            <li class="active"><a href="/login">Login</a></li>
+          </ul>
         </div><!--/.nav-collapse -->
       </div>
     </nav>
diff --git a/flaskapp/templates/login.html b/flaskapp/templates/login.html
@@ -0,0 +1,16 @@
+{% extends 'layout.html' %}
+
+{% block body %}
+  <h1>Login</h1>
+  <form action="", method="POST">
+    <div class="form-group">
+      <label>Username</label>
+      <input type="text" name="username" class="form-control">
+    </div>
+    <div class="form-group">
+      <label>Password</label>
+      <input type="password" name="password" class="form-control">
+    </div>
+    <button type="submit" class="btn btn-primary">Submit</button>
+  </form>
+{% endblock %}