From 944659e1673f207323e6fea3a44d7f4f3d2eccbb Mon Sep 17 00:00:00 2001
From: Harry Hughes <hugheshi@cardiff.ac.uk>
Date: Sun, 29 Jan 2023 18:12:39 +0000
Subject: [PATCH] Replace routes.py
---
 blog/routes.py | 13 +++++--------
 1 file changed, 5 insertions(+), 8 deletions(-)
diff --git a/blog/routes.py b/blog/routes.py
index 049ba45..4ed01a3 100644
--- a/blog/routes.py
+++ b/blog/routes.py
@@ -1,6 +1,6 @@
-from flask import render_template, url_for, request, redirect, flash, Response, send_file, abort
-from blog import app, db
 import os
+from flask import render_template, url_for, request, redirect, flash, Response, send_file, abort
+from blog import app, db, bcrypt
 from blog.models import User, Post, Portfolio
 from blog.forms import RegistrationForm, LoginForm, UpdateAccountForm, PostForm
 from flask_login import login_user, logout_user, current_user
@@ -89,23 +89,20 @@ def account():
 def register():
 form = RegistrationForm()
 if form.validate_on_submit():
- user = User(username=form.username.data, email=form.email.data, password=form.password.data)
+ hashed_password = bcrypt.generate_password_hash(form.password.data).decode('utf-8')
+ user = User(username=form.username.data, email=form.email.data, password=hashed_password)
 db.session.add(user)
 db.session.commit()
 flash('Registration successful!')
 return redirect(url_for('login'))
 return render_template('register.html',title='Register',form=form)
-@app.route("/registered")
-def registered():
- return render_template('registered.html', title='Thanks!')
-
 @app.route("/login",methods=['GET','POST'])
 def login():
 form = LoginForm()
 if form.validate_on_submit():
 user = User.query.filter_by(username=form.username.data).first()
- if user and (user.password, form.password.data):
+ if user and bcrypt.check_password_hash(user.password, form.password.data):
 login_user(user)
 flash('You\'ve successfully logged in,'+' '+ current_user.username +'!')
 return redirect(url_for('home'))
--
GitLab
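Review bot: In `login()`, `bcrypt.check_password_hash(user.password, form.password.data)` now runs against whatever is stored in `user.password`, and any row written by the old `register()` still holds the plaintext password rather than a bcrypt hash. Assuming `bcrypt` from `blog` is a Flask-Bcrypt instance, a malformed stored value is expected to raise `ValueError` (invalid salt) instead of returning `False`, so those accounts would hit an unhandled error on login while their plaintext values stay in the database. A one-off migration that invalidates or resets pre-existing passwords should ship with this change, and the check can treat a bad stored hash as a failed login, e.g. `try: ok = bcrypt.check_password_hash(user.password, form.password.data)` followed by `except ValueError: ok = False`. It is also worth confirming in `blog/models.py` (not shown here) that the `password` column holds at least 60 characters, the length of a bcrypt hash. The failure branch of `login()` and the decorator of `register()` lie outside the hunk.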