From d60aa8311e3cbd052e8f60343110f0c65d94a928 Mon Sep 17 00:00:00 2001 From: HNTQ Date: Fri, 18 Jun 2021 22:11:20 +0200 Subject: [PATCH] Add register, login and logout --- app.py | 70 +++++++++++++++++++++++++++++++++++++++++-- application.db | Bin 61440 -> 61440 bytes templates/login.html | 6 ++-- 3 files changed, 71 insertions(+), 5 deletions(-) diff --git a/app.py b/app.py index b2f1a83..3c797ed 100644 --- a/app.py +++ b/app.py @@ -2,6 +2,7 @@ from cs50 import SQL from flask_session import Session from tempfile import mkdtemp +from werkzeug.security import check_password_hash, generate_password_hash app = Flask(__name__) # Ensure templates are auto-reloaded @@ -30,11 +31,76 @@ def index(): @app.route("/login", methods=["GET", "POST"]) def login(): - return render_template("login.html") + # Forget any user_id + session.clear() + if request.method == "POST": + # Ensure username was submitted + if not request.form.get("username"): + # TODO apology "must provide username" + return render_template("register.html") + # Ensure password was submitted + elif not request.form.get("password"): + #TODO apology "must provide password" + return render_template("register.html") + + # Query database for username + rows = db.execute("SELECT * FROM user WHERE username = ?", request.form.get("username")) + + # Ensure username exists and password is correct + if len(rows) != 1 or not check_password_hash(rows[0]["hash"], request.form.get("password")): + return render_template("register.html") + # TODO Apology "invalid username and/or password", 403 + + # Remember which user has logged in + session["user_id"] = rows[0]["id"] + + # Redirect user to home page + return redirect("/") + # User reached route via GET (as by clicking a link or via redirect) + else: + return render_template("login.html") @app.route("/register", methods=["GET", "POST"]) def register(): - return render_template("register.html") + """Register user""" + if request.method == "POST": + # Ensure username was fill + if not request.form.get("username"): + return render_template("register.html") + #TODO return apology("must provide username", 400) + + # Ensure password was submitted + if not request.form.get("password"): + return render_template("register.html") + #TODO return apology("must provide password", 400) + + # Ensure password was confirmed + if not request.form.get("confirmation"): + return render_template("register.html") + #TODO return apology("must confirm password ", 400) + + if request.form.get("confirmation") != request.form.get("password"): + return render_template("register.html") + #TODO return apology("passwords do not match", 400) + + if db.execute("SELECT * FROM user WHERE username = ?", request.form.get("username")) != []: + return render_template("register.html") + #TODO return apology("user exist", 400) + + db.execute("INSERT INTO user (username, hash) VALUES(?, ?)", request.form.get("username"), + generate_password_hash(request.form.get("password"), method='pbkdf2:sha256', salt_length=8)) + return redirect("/login") + else: + return render_template("register.html") + +@app.route("/logout") +def logout(): + """Log user out""" + # Forget any user_id + session.clear() + + # Redirect user to login form + return redirect("/") @app.route("/userProfil", methods=["GET", "POST"]) def userProfil(): diff --git a/application.db b/application.db index 157083b92621ac9dcbebb1a6b7ed677983efbaa3..231d55e44cf77a58d073a4d7dbac3d68525e7145 100644 GIT binary patch delta 670 zcmZp8z})bFd4jayLk0#0ejw%qVkRKAnW$r|`H(@+djc=V5e6QPA_lIDT#NWrcz<$! z=iJAu&&$Na$NiY2h~qXt7e~>?iLcn}17z65wY3=|OA?cEQi}_7GD}k9i&G0rQ}dG1 zxy;T%u8twD3L%b8KCTLAYBll_b5nJIIyJd#7{tXJi=^2b^JLk@m6aKrl|hC#CIES& zqEKFHX>n>15Kp$`mtptx3vqRK4Vs+5FV3fsSXz>wnU`FYnwy$eGP#`Jf+ZudIAij5 ze$UPOI1e&1rcZ9*HsWBDVFUV?fnoD5ZW(4KMxDtw_>8z3i=h_kPQJlmO{B5DY>fQ% z4E*(*1qDj^>+2cW8KfB+J&i#jP?DKfkd&R0W@J^Ik!WOUW@Th%00b(L6{Quf{(0Fd z7G}mNscA{ZCMjlS$tgg#X_C3AS+aqdiBU>YvZ;Bhg^_WxL83uYijlFYg+*GDsj;PH zqGh6qskxCsN}92efsvuEftjwMg@TcRm4UexpRoxq&{vH7-x>J7^FIf==^nqBBqu1a i;#1P&OL7a?nV3bv{7nWd4ui?*OvWaQ6ciRM2mkPoA+@ZWMs6P+`w(bQJ9lik{X{_x_KA33^Nmh|KuBdM#`Rk zAqsx}Kpg7Rm?6myHclMmyv8UXPgIn#S$y(S4voo?d?J&pc?Hoe@ZHQ}@P~h50Q+Y4 jhM)4A99RrCvpBE|Fmh}bG9(Z{lNy diff --git a/templates/login.html b/templates/login.html index 5cd1cf5..c89d173 100644 --- a/templates/login.html +++ b/templates/login.html @@ -8,11 +8,11 @@ {% block main %}
- +
- +
- +
{% endblock %} \ No newline at end of file