Flask/python登录验证对mysql不起作用,我在搜索google和文档,我在同一件事上看到了一些关于堆栈溢出的问题,但还没有得到回答。在
from flask import Flask, render_template, flash, request, url_for, redirect, session
from content_management import Content
#form validations
from wtforms import Form, BooleanField, TextField, PasswordField, validators
#to encrypt the password
from passlib.hash import sha256_crypt
#for SQL injection
from MySQLdb import escape_string as thwart
import gc
from functools import wraps
from mysql_connect import connection
app = Flask(__name__)
@app.route('/login/', methods=['GET','POST'])
def login_page():
error = ''
try:
c, conn = connection()
if request.method == "POST":
d = c.execute("SELECT * FROM clients WHERE email = (%s)", (thwart(request.form['email']),))
d = c.fetchone()[2]
if request.form['password'] == d:
email = request.form['email']
c.execute("SELECT * FROM clients WHERE email = (%s)", (thwart(email),))
clients_table = c.fetchall()
clientcid = clients_table[0]
flash(clientcid)
phone = clients_table[1]
rating = clients_table[4]
conn.commit()
c.execute("SELECT * FROM cpersonals WHERE cid = (%s)", (clientcid,))
cpersonals_table = c.fetchall()
first_name = cpersonals_table[1]
last_name = cpersonals_table[2]
address = cpersonals_table[3]
czip = cpersonals_table[4]
reg_date = cpersonals_table[5]
conn.commit()
c.close()
conn.close()
session['logged_in'] = 'client'
session['clientcid'] = clientcid
session['email'] = email
session['phone'] = phone
session['rating'] = rating
session['first_name'] = first_name
session['last_name'] = last_name
session['address'] = address
session['czip'] = czip
session['reg_date'] = reg_date
flash("You are now logged in.")
return redirect(url_for("dashborad"))
else:
error = "Invalid credentials, try again."
return render_template("login.html")
在没有框架的情况下,有没有一种简单的方法可以在MySQL中验证凭证
这并不是一个完整的答案(给出了解决问题的代码示例),而是一些建议:
您使用的是带有数据库的flask,但没有使用诸如flask-sqlalchemmy这样的flask扩展,这是一个使SQLAlchemy(数据库工具包)更易于与python一起使用的库。使用类似flask-login(它处理登录和注销以及常见的“记住我”功能),您的尝试非常简单。 如果您想要一个示例文件,通过使用flask sqlalchemy和flask login从数据库检查用户的凭据,我可以创建一个示例文件,但是有很多应用程序使用这些工具。在
使用像我提到的那样的数据库工具包还有很多其他的优点,其中最不重要的是数据库系统的可移植性(使用sqlalchemy的代码通常可以在多个数据库后端工作,如mysql、postgreSQL、sqlite等)。在
相关问题 更多 >
编程相关推荐