diff --git a/blog/forms.py b/blog/forms.py
index a9b8b817f00ea106e2f9de0c0a62739f6c5e2b7c..b5b8a39a13975b98602c1b72407c68088de1e39e 100644
--- a/blog/forms.py
+++ b/blog/forms.py
@@ -7,7 +7,7 @@ from blog.models import User
class RegistrationForm(FlaskForm):
email = StringField('Email',validators=[DataRequired(), Email()])
username = StringField('Username',validators=[DataRequired(), Length(min=2, max=11),Regexp('^[a-z]{4,11}$')])
- password = PasswordField('Password',validators=[DataRequired()])
+ password_hash = PasswordField('Password',validators=[DataRequired()])
submit = SubmitField('Register')
def validate_username(self, username):
user = User.query.filter_by(username=username.data).first()
@@ -23,13 +23,13 @@ class RegistrationForm(FlaskForm):
class LoginForm(FlaskForm):
email = StringField('Email',validators=[DataRequired()])
username = StringField('Username',validators=[DataRequired()])
- password = PasswordField('Password',validators=[DataRequired()])
+ password_hash = PasswordField('Password',validators=[DataRequired()])
submit = SubmitField('Login')
class UpdateAccountForm(FlaskForm):
email = StringField('Email',validators=[DataRequired(), Email()])
username = StringField('Username',validators=[DataRequired(), Length(min=2, max=11)])
- password = PasswordField('Password',validators=[DataRequired()])
+ password_hash = PasswordField('Password',validators=[DataRequired()])
submit = SubmitField('Update')
def validate_username(self, username):
if username.data != current_user.username:
diff --git a/blog/models.py b/blog/models.py
index 9c1fc7a315806eca93229e394ce600893d59dcb3..9ad119f7afab8cc0c776bd86aff4f4fd34b90fe4 100644
--- a/blog/models.py
+++ b/blog/models.py
@@ -16,13 +16,25 @@ class Post(db.Model):
class User(UserMixin,db.Model):
id = db.Column(db.Integer, primary_key=True)
username = db.Column(db.String(15), unique=True, nullable=False)
- password=db.Column(db.String(128))
+ password_hash=db.Column(db.String(128))
post = db.relationship('Post', backref='user', lazy=True)
is_admin=db.Column(db.Boolean,nullable=False,default=False)
email=db.Column(db.String(256), unique=True)
def __repr__(self):
return f"User('{self.username}')"
+
+ #adapted from Grinberg(2014, 2018)
+ @property
+ def password(self):
+ raise AttributeError('Password is not readable.')
+
+ @password.setter
+ def password(self,password):
+ self.password_hash=generate_password_hash(password)
+
+ def verify_password(self,password):
+ return check_password_hash(self.password_hash,password)
class Portfolio(db.Model):
id = db.Column(db.Integer, primary_key=True)
@@ -33,17 +45,7 @@ class Portfolio(db.Model):
technologies = db.Column(db.String(255))
link = db.Column(db.String(255))
-#adapted from Grinberg(2014, 2018)
- @property
- def password(self):
- raise AttributeError('Password is not readable.')
- @password.setter
- def password(self,password):
- self.password=generate_password_hash(password)
-
- def verify_password(self,password):
- return check_password_hash(self.password,password)
@login_manager.user_loader
def load_user(user_id):
diff --git a/blog/routes.py b/blog/routes.py
index 29ad5aeb022a52a660373647ac473c70d213f6e3..a05235e61cceb18af69675ef4f3adb4fc32e851a 100644
--- a/blog/routes.py
+++ b/blog/routes.py
@@ -87,7 +87,7 @@ def account():
def register():
form = RegistrationForm()
if form.validate_on_submit():
- user = User(username=form.username.data, email=form.email.data, password=form.password.data)
+ user = User(username=form.username.data, email=form.email.data, password=form.password_hash.data)
db.session.add(user)
db.session.commit()
flash('Registration successful!')
@@ -103,7 +103,7 @@ def login():
form = LoginForm()
if form.validate_on_submit():
user = User.query.filter_by(username=form.username.data).first()
- if user and (user.password, form.password.data):
+ if user and (user.password_hash, form.password_hash.data):
login_user(user)
flash('You\'ve successfully logged in,'+' '+ current_user.username +'!')
return redirect(url_for('home'))
diff --git a/blog/templates/login.html b/blog/templates/login.html
index 26ad5045c2cb1f0570111819d207d32fcddae001..d6343d47fd98d1393fc68b25f9a759f5f0140c0e 100644
--- a/blog/templates/login.html
+++ b/blog/templates/login.html
@@ -4,7 +4,7 @@
{{ form.csrf_token }}
<p>{{ form.email.label }} {{form.email}}</p>
<p>{{ form.username.label }} {{ form.username }}</p>
- <p>{{ form.password.label }} {{ form.password }}</p>
+ <p>{{ form.password_hash.label }} {{ form.password_hash }}</p>
<p><input type="submit" value="Login"></p>
</form>
{% endblock content %}
diff --git a/blog/templates/register.html b/blog/templates/register.html
index 2cb3c416b17b34936cc2f8a23a23be031705bce7..160d358eb9d8d3b519379c3a386cd68b8ee4aa26 100644
--- a/blog/templates/register.html
+++ b/blog/templates/register.html
@@ -4,7 +4,7 @@
{{ form.csrf_token }}
<p>{{ form.email.label }} {{ form.email }}</p>
<p>{{ form.username.label }} {{ form.username }}</p>
- <p>{{ form.password.label }} {{ form.password }}</p>
+ <p>{{ form.password_hash.label }} {{ form.password_hash }}</p>
<input type="submit" value="Register">
{% for error in form.username.errors %}
diff --git a/requirements.txt b/requirements.txt
index 3e393c47ce42da64c6dc63a6848eae0a206ff2bc..2cee57ee5e574aaef9ada0b64ac76e208275048d 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,16 +1,16 @@
-click
-email-validator
-Flask
+click==8.1.3
+email-validator==1.3.0
+Flask==2.2.2
Flask-Admin
-Flask-Login
-Flask-SQLAlchemy
-Flask-WTF
-greenlet
-gunicorn
+Flask-Login==0.6.2
+Flask-SQLAlchemy==2.5.1
+Flask-WTF==1.0.1
+greenlet==2.0.1
+gunicorn==20.1.0
itsdangerous
-Jinja2
-MarkupSafe
-PyMySQL
+Jinja2==3.1.2
+MarkupSafe==2.1.1
+PyMySQL==1.0.2
SQLAlchemy==1.4.46
-Werkzeug
-WTForms
+Werkzeug==2.2.2
+WTForms==3.0.1
diff --git a/wsgi.py b/wsgi.py
index 70ba284a2746c22f70c03a7900dccb0484e5192d..0a54e8d8b96fb15f11fb825547017bcc04eba96c 100644
--- a/wsgi.py
+++ b/wsgi.py
@@ -1,4 +1,4 @@
from blog import app as application
if __name__ == '__main__':
- app.run(debug=True)
+ application.run(debug=True)