1
我正在使用Flask与SQLAlchemy和Flask-Login。Flask Python中的无效登录逻辑
我可以成功登录并注销一个注册用户。
我发现令人困惑的是,当我在登录页面输入不正确的密码时,我回到登录页面,并显示“Welcome [email protected]”代码,如果我成功登录,只会出现
@app.route('/login', methods=['GET', 'POST'])
def login():
form = LoginForm()
user = User.query.filter_by(email=form.email.data).first()
if form.validate_on_submit():
if user and check_password_hash(user.password, form.password.data):
session['user_id'] = user.id
flash('Welcome %s' % user.email)
return redirect(url_for('dashboard'))
else:
flash('Wrong email or password')
return render_template("login.html", form=form)
flash('The email or password is wrong.')
return render_template("login.html", form=form)
编辑:由于TIGRA,这是我结束了。
在views.py
@app.route('/login', methods=['GET', 'POST'])
def login():
form = LoginForm()
user = User.query.filter_by(email=form.email.data).first()
if request.method == "POST":
if form.validate():
# the session can't be modified as it's signed,
# so it's a safe place to store the user
session['user_id'] = user.id
flash('Welcome %s' % user.email)
return redirect(url_for('dashboard'))
else:
flash('Wrong email or password')
return render_template("login.html", form=form)
return render_template("login.html", form=form)
在forms.py
from models import User
from werkzeug import check_password_hash
class LoginForm(Form):
email = TextField('email', validators = [Required(), Email()])
password = PasswordField('password', validators = [Required()])
remember_me = BooleanField('remember_me', default = False)
def __init__(self, *args, **kwargs):
Form.__init__(self, *args, **kwargs)
self.user = None
def validate(self):
rv = Form.validate(self)
if not rv:
return False
user = User.query.filter_by(email=self.email.data).first()
if user is None:
self.email.errors.append('Unknown username')
return False
if not check_password_hash(user.password,self.password.data):
self.password.errors.append('Invalid password')
return False
self.user = user
return True
感谢TIGRA!你让我想到这是如何工作的,而且我已经成功修改了它。 – kerno 2013-05-02 12:26:49