From a4e2a6a792edeaf7ef347d955c19d76ba0e529a9 Mon Sep 17 00:00:00 2001
From: FengWeilei <18790166674@163.com>
Date: Sun, 30 Jul 2017 18:37:02 +0800
Subject: [PATCH] login completely
---
 flaskapp/flaskapp.py | 45 +++++++++++++++++++++-
 flaskapp/templates/dashboard.html | 6 +++
 flaskapp/templates/includes/_messages.html | 7 +++-
 flaskapp/templates/includes/_navbar.html | 3 ++
 flaskapp/templates/login.html | 16 ++++++++
 5 files changed, 75 insertions(+), 2 deletions(-)
 create mode 100644 flaskapp/templates/dashboard.html
 create mode 100644 flaskapp/templates/login.html
diff --git a/flaskapp/flaskapp.py b/flaskapp/flaskapp.py
index 90db93b..6acc677 100644
--- a/flaskapp/flaskapp.py
+++ b/flaskapp/flaskapp.py
@@ -1,4 +1,4 @@
-from flask import Flask,render_template,request,flash,redirect,url_for
+from flask import Flask,render_template,request,flash,redirect,url_for,session
 from wtforms import StringField, SubmitField,validators, PasswordField
 from flask_wtf import FlaskForm
 from flask_mysqldb import MySQL
@@ -60,6 +60,49 @@ def register():
 return render_template('register.html',form=form)
+@app.route("/login",methods=['GET','POST'])
+def login():
+ if request.method == 'POST':
+ # Get Form Fields
+ username = request.form['username']
+ password_candidate = request.form['password']
+
+ # Create cursor
+ cur = mysql.connection.cursor()
+
+ # Get user by username
+ result = cur.execute(
+ "SELECT * FROM users WHERE username = %s", [username])
+
+ if result > 0:
+ # Get stored hash
+ data = cur.fetchone()
+ password = data['password']
+
+ # Compare Passwords
+ if sha256_crypt.verify(password_candidate, password):
+ # Passed
+ session['logged_in'] = True
+ session['username'] = username
+
+ flash('You are now logged in', 'success')
+ return redirect(url_for('dashboard'))
+ else:
+ error = 'Please check your password.'
+ return render_template('login.html', error=error)
+ # Close connection
+ cur.close()
+ else:
+ error = 'Username not found'
+ return render_template('login.html', error=error)
+
+ return render_template('login.html')
+
+@app.route('/dashboard')
+def dashboard():
+ return render_template("dashboard.html")
+
+
 #CSRF
 #app.config.from_object('config')
diff --git a/flaskapp/templates/dashboard.html b/flaskapp/templates/dashboard.html
new file mode 100644
index 0000000..71014a4
--- /dev/null
+++ b/flaskapp/templates/dashboard.html
@@ -0,0 +1,6 @@
+{% extends 'layout.html' %}
+
+{% block body %}
+
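Review bot: In flaskapp/flaskapp.py the new `/dashboard` view renders for any visitor, because nothing checks `session['logged_in']` before `render_template("dashboard.html")`; `login()` sets the flag but no route enforces it. `login()` also answers 'Username not found' and 'Please check your password.' separately, which tells a client which usernames exist, and every branch under `if result > 0:` returns before `cur.close()`, so that call is unreachable and the cursor is never closed. I would close the cursor right after the fetch, return one generic error for both failures, and redirect unauthenticated requests away from the dashboard, as in the excerpt below. The response time still differs when the username is unknown (no hash is verified), so rate limiting on this route is worth adding separately.

```python
def login():
    if request.method == 'POST':
        # … unchanged: read form fields, open cursor, run the SELECT …
        data = cur.fetchone() if result > 0 else None
        cur.close()  # closed on every path, before any return

        if data is None or not sha256_crypt.verify(password_candidate, data['password']):
            # one message for both failures, so the response does not reveal valid usernames
            return render_template('login.html', error='Invalid username or password')

        # … unchanged: set session['logged_in'] / session['username'], flash, redirect to dashboard …

    return render_template('login.html')


@app.route('/dashboard')
def dashboard():
    if not session.get('logged_in'):
        return redirect(url_for('login'))
    return render_template("dashboard.html")
```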

Dashboard

+

Welcome {{session.username}}

+{% endblock %}
\ No newline at end of file
diff --git a/flaskapp/templates/includes/_messages.html b/flaskapp/templates/includes/_messages.html
index 77a89ff..3144802 100644
--- a/flaskapp/templates/includes/_messages.html
+++ b/flaskapp/templates/includes/_messages.html
@@ -4,4 +4,9 @@
{{ message }}
{% endfor %}
 {% endif %}
-{% endwith %}
\ No newline at end of file
+{% endwith %}
+
+{% if error %}
+
{{error}}
+{% endif %}
+
diff --git a/flaskapp/templates/includes/_navbar.html b/flaskapp/templates/includes/_navbar.html
index 02758ae..50e7939 100644
--- a/flaskapp/templates/includes/_navbar.html
+++ b/flaskapp/templates/includes/_navbar.html
@@ -18,6 +18,9 @@
+
\ No newline at end of file
diff --git a/flaskapp/templates/login.html b/flaskapp/templates/login.html
new file mode 100644
index 0000000..40c048c
--- /dev/null
+++ b/flaskapp/templates/login.html
@@ -0,0 +1,16 @@
+{% extends 'layout.html' %}
+
+{% block body %}
+

Login

+
+
+
+
+
+
+
+
+
+
+
+{% endblock %}
\ No newline at end of file