From 944659e1673f207323e6fea3a44d7f4f3d2eccbb Mon Sep 17 00:00:00 2001
From: Harry Hughes <hugheshi@cardiff.ac.uk>
Date: Sun, 29 Jan 2023 18:12:39 +0000
Subject: [PATCH] Replace routes.py

---
 blog/routes.py | 13 +++++--------
 1 file changed, 5 insertions(+), 8 deletions(-)

diff --git a/blog/routes.py b/blog/routes.py
index 049ba45..4ed01a3 100644
--- a/blog/routes.py
+++ b/blog/routes.py
@@ -1,6 +1,6 @@
-from flask import render_template, url_for, request, redirect, flash, Response, send_file, abort
-from blog import app, db
 import os
+from flask import render_template, url_for, request, redirect, flash, Response, send_file, abort
+from blog import app, db, bcrypt
 from blog.models import User, Post, Portfolio
 from blog.forms import RegistrationForm, LoginForm, UpdateAccountForm, PostForm
 from flask_login import login_user, logout_user, current_user
@@ -89,23 +89,20 @@ def account():
 def register():
   form = RegistrationForm()
   if form.validate_on_submit():
-    user = User(username=form.username.data, email=form.email.data, password=form.password.data)
+    hashed_password = bcrypt.generate_password_hash(form.password.data).decode('utf-8')
+    user = User(username=form.username.data, email=form.email.data, password=hashed_password)
     db.session.add(user)
     db.session.commit()
     flash('Registration successful!')
     return redirect(url_for('login'))
   return render_template('register.html',title='Register',form=form)
 
-@app.route("/registered")
-def registered():
-  return render_template('registered.html', title='Thanks!')
-
 @app.route("/login",methods=['GET','POST'])
 def login():
   form = LoginForm()
   if form.validate_on_submit():
     user = User.query.filter_by(username=form.username.data).first()
-    if user and (user.password, form.password.data):
+    if user and bcrypt.check_password_hash(user.password, form.password.data):
       login_user(user)
       flash('You\'ve successfully logged in,'+' '+ current_user.username +'!')
       return redirect(url_for('home'))
-- 
GitLab