1.更新User对象,设置对内的_password
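class User(db.Model):
    """User account model; only a password hash is stored, never the plaintext."""

    __tablename__ = 'user'
    # Internal use only: holds the output of generate_password_hash(), which
    # packs method, salt and digest into one string, so the column has to be
    # much wider than a bare hex digest.
    # NOTE(review): the attribute name is also used as the column name here
    # ("_password"). If the table already has a "password" column, pass the name
    # explicitly instead: db.Column('password', db.String(200), nullable=False).
    _password = db.Column(db.String(200), nullable=False)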
2.编写对外的password
from werkzeug.security import generate_password_hash, check_password_hash
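# These two definitions belong inside the body of class User.
@property
def password(self):
    """Return the stored password hash (external read access).

    The plaintext is never kept, so this can only ever yield the hash.
    Do not render or log the value.
    """
    return self._password


@password.setter
def password(self, row_password):
    """Hash the plaintext password and store only the hash (external write access).

    Assigning ``user.password = "..."`` therefore never writes the plaintext
    to the database.
    """
    self._password = generate_password_hash(row_password)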
3.密码验证方法:
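# Method of class User.
def check_password(self, row_password):
    """Return True when ``row_password`` matches the stored password hash.

    The comparison is delegated to werkzeug's check_password_hash(), so
    callers never compare hashes or plaintext themselves.
    """
    return check_password_hash(self._password, row_password)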
4.登录验证:
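# Login check: look the account up by name, then verify the submitted password
# against the stored hash. `username` is read from the form elsewhere in the view.
password1 = request.form.get('password')
user = User.query.filter(User.username == username).first()
# password1 is None when the form field is missing; reject that before it
# reaches the hash check. Answer an unknown account and a wrong password the
# same way so the response does not reveal which names exist.
if user and password1 and user.check_password(password1):
    pass  # credentials verified: continue with the login (session, redirect, ...)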
代码如下:
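import os
import uuid
from functools import wraps

from flask import (
    Flask,
    abort,
    redirect,
    render_template,
    request,
    session,
    url_for,
)
from flask_sqlalchemy import SQLAlchemy
from sqlalchemy import or_, and_
from werkzeug.security import check_password_hash, generate_password_hash
from werkzeug.utils import secure_filename

import congif  # project settings module (name spelled as in the project)

app = Flask(__name__)
app.config.from_object(congif)
# NOTE(review): the session cookie is signed with SECRET_KEY, presumably set in
# congif. Confirm it is a long random value that is kept out of version control.
db = SQLAlchemy(app)

# Only plain raster image types are accepted as avatars. Anything else placed
# under static/ (HTML, SVG, ...) would be served back from the site's own origin.
ALLOWED_LOGO_EXTENSIONS = {'.png', '.jpg', '.jpeg', '.gif', '.webp', '.bmp'}


def _new_id():
    """Return a random 17-character id that fits the String(17) primary keys."""
    return uuid.uuid4().hex[:17]


class User(db.Model):
    """Registered user.

    The password is stored only as a salted werkzeug hash. Rows written by the
    earlier version of this code (plaintext from registration, unsalted MD5
    from the password-change view) will not verify and need a password reset.
    """

    __tablename__ = 'user'
    id = db.Column(db.String(17), primary_key=True)  # unique database id
    name = db.Column(db.String(20), nullable=False)  # login name
    title = db.Column(db.String(30))  # display name
    # Internal use only. The column keeps its name "password" but is widened
    # (a schema change) because a werkzeug hash string does not fit in 42 chars.
    _password = db.Column('password', db.String(200), nullable=False)
    truename = db.Column(db.String(10))  # real name
    sex = db.Column(db.String(1), default='0')  # gender
    phone = db.Column(db.String(11))  # phone number
    email = db.Column(db.String(40))  # e-mail address
    logo = db.Column(db.String(50))  # avatar path
    qq = db.Column(db.String(11))  # QQ number
    createdate = db.Column(db.DATETIME)  # registration date
    level = db.Column(db.String(2))  # user level
    address = db.Column(db.String(60))  # home address

    @property
    def password(self):
        """Return the stored password hash; the plaintext is never kept."""
        return self._password

    @password.setter
    def password(self, row_password):
        """Hash the plaintext and store only the hash."""
        self._password = generate_password_hash(row_password)

    def check_password(self, row_password):
        """Return True when ``row_password`` matches the stored hash."""
        return check_password_hash(self._password, row_password)


class Classification(db.Model):
    """Book category: classification(id, name, content)."""

    __tablename__ = 'classification'
    id = db.Column(db.String(17), primary_key=True)  # unique database id
    name = db.Column(db.String(30))  # category name
    logo = db.Column(db.String(50))  # icon path
    context = db.Column(db.TEXT)  # category description


class Book(db.Model):
    """Published book / question."""

    __tablename__ = 'book'
    id = db.Column(db.String(17), primary_key=True)  # unique database id
    title = db.Column(db.String(30))  # article title
    abstracts = db.Column(db.String(150))  # article abstract
    content = db.Column(db.TEXT)  # article body
    createdate = db.Column(db.DATETIME)  # publication time
    author_id = db.Column(db.String(17), db.ForeignKey('user.id'))  # author id
    size = db.Column(db.String(30))  # article length
    chilk = db.Column(db.Integer())  # view count
    disc = db.Column(db.Integer())  # like count
    classification = db.Column(db.String(17), db.ForeignKey('classification.id'))  # category id
    authorClass = db.relationship('User', backref=db.backref('book'))
    classificationClass = db.relationship('Classification', backref=db.backref('book'))


class Commentaries(db.Model):
    """Comment / answer attached to a book."""

    __tablename__ = 'commentaries'
    id = db.Column(db.String(17), primary_key=True)  # unique database id
    book_id = db.Column(db.String(17), db.ForeignKey('book.id'))  # commented article
    question_id = db.Column(db.String(17))  # id of the asker / article author
    answer_id = db.Column(db.String(17), db.ForeignKey('user.id'))  # id of the answering user
    date = db.Column(db.DATETIME)  # answer date
    content = db.Column(db.TEXT)  # answer text
    answer = db.relationship('User', backref=db.backref('commentaries'))
    book = db.relationship('Book', backref=db.backref('commentaries', order_by=date.desc))


# db.create_all()
# Insert a row (the password setter hashes the value):
#   user = User(id=_new_id(), name='xiao', password='123')
#   db.session.add(user)
#   db.session.commit()
# Query a row:
#   user = User.query.filter(User.name == 'xiao').first()
# Update a row:
#   user.password = 'xxx'
#   db.session.commit()
# Delete a row:
#   db.session.delete(user)
#   db.session.commit()


def loginFirst(func):
    """Decorator: redirect to the login page unless a user is logged in."""

    @wraps(func)
    def wrapper(*args, **kwargs):
        # Key on user_id rather than title: the display name may be empty,
        # which would lock a correctly logged-in user out.
        if session.get('user_id'):
            return func(*args, **kwargs)
        return redirect(url_for('login'))

    return wrapper


def _require_self(user_id):
    """Abort with 403 unless ``user_id`` from the URL is the logged-in user.

    The account views take the target id from the URL, so without this check
    any logged-in user could act on another user's account.
    """
    if session.get('user_id') != user_id:
        abort(403)


@app.route('/logout/')
def logout():
    """Log out and return to the home page."""
    # A default avoids a KeyError when the visitor was not logged in.
    session.pop('user_id', None)
    session.pop('title', None)
    return redirect(url_for('index'))


@app.route('/login/', methods=['GET', 'POST'])
def login():
    """Show the login form (GET) or verify the credentials (POST)."""
    if request.method != 'POST':
        return render_template('login.html')

    user_name = request.form.get('user_name')
    user_password = request.form.get('user_password')
    user = None
    if user_name and user_password:
        user = User.query.filter(User.name == user_name).first()
    # Unknown account and wrong password get the same response.
    if user is None or not user.check_password(user_password):
        return redirect(url_for('login'))

    session['user_id'] = user.id
    session['title'] = user.title
    session.permanent = True
    poi = request.args.get('poi')
    if poi:
        return redirect(url_for('poi', book_id=poi))
    return redirect(url_for('index'))


@app.context_processor
def myContext():
    """Expose the logged-in user's title, id and record to every template."""
    user_id = session.get('user_id')
    title = session.get('title')
    if user_id:
        user = User.query.filter(User.id == user_id).first()
    else:
        user = {}
    if title:
        return {'title': title, 'user_id': user_id, 'user': user}
    return {}


@app.route('/regist/', methods=['GET', 'POST'])
def regist():
    """Registration form, user-name availability check (GET) and sign-up (POST)."""
    if request.method == 'GET':
        user_name = request.args.get('user_name')
        if not user_name:
            return render_template('regist.html')
        taken = User.query.filter(User.name == user_name).first()
        return '用户已存在' if taken else 'ok'

    user_name = request.form.get('user_name')
    user_title = request.form.get('user_title')
    user_password = request.form.get('user_password')
    if not user_name or not user_password:
        return redirect(url_for('regist'))
    if User.query.filter(User.name == user_name).first():
        return 'error:user exitst'

    # password= goes through the property setter, so only the hash is stored;
    # a fresh id per row replaces the constant id that made every later insert
    # collide on the primary key.
    user = User(id=_new_id(), name=user_name, title=user_title, password=user_password)
    db.session.add(user)
    db.session.commit()
    return redirect(url_for('login'))


@app.route('/question', methods=['GET', 'POST'])
@loginFirst
def question():
    """Show the publishing form (GET) or store a new book / question (POST)."""
    if request.method == 'GET':
        context = {'classfly': Classification.query.all()}
        return render_template('question.html', **context)

    book = Book(
        id=_new_id(),
        title=request.form.get('title'),
        abstracts=request.form.get('abstracts'),
        content=request.form.get('content'),
        # The author is the logged-in user, not a client-supplied form field.
        author_id=session['user_id'],
        classification=request.form.get('classification'),
        size=request.form.get('size'),
    )
    db.session.add(book)
    db.session.commit()
    return 'true'


@app.route('/poi/<book_id>')
def poi(book_id):
    """Detail page for one book; also increments its view counter."""
    book = Book.query.filter(Book.id == book_id).first_or_404()
    answer_count = Commentaries.query.filter(Commentaries.book_id == book_id).count()
    book.chilk = (book.chilk or 0) + 1  # the counter column has no default
    db.session.commit()
    user_id = session.get('user_id')
    if user_id:
        user = User.query.filter(User.id == user_id).first()
    else:
        user = {}
    return render_template('poi.html', book=book, user=user, answer=answer_count)


@app.route('/disc/')
def disc():
    """Increment a book's like counter and return the new value."""
    # NOTE(review): state-changing GET with no login and no per-user limit;
    # consider POST with CSRF protection and one like per user.
    book_id = request.args.get('book_id')
    book = Book.query.filter(Book.id == book_id).first_or_404()
    book.disc = (book.disc or 0) + 1  # the counter column has no default
    db.session.commit()
    return str(book.disc)


@app.route('/answer/', methods=['GET', 'POST'])
def answer():
    """List the comments of a book (GET) or add one first (POST)."""
    if request.method == 'POST':
        current_user_id = session.get('user_id')
        if not current_user_id:
            return redirect(url_for('login'))
        book_id = request.form.get('book_id')
        comment = Commentaries(
            id=_new_id(),
            book_id=book_id,
            question_id=request.form.get('question_id'),
            # The commenter is the logged-in user, not a form field.
            answer_id=current_user_id,
            content=request.form.get('content'),
        )
        db.session.add(comment)
        db.session.commit()
    else:
        book_id = request.args.get('book_id')

    comments = (
        Commentaries.query
        .filter(Commentaries.book_id == book_id)
        .order_by(Commentaries.date.desc())
        .all()
    )
    context = {'commentaries': comments}
    return render_template('answer.html', **context)


@app.route('/commentaries/<user_id>', methods=['GET', 'POST'])
def commentaries(user_id):
    """All comments and books published by one user."""
    user = User.query.filter(User.id == user_id).first_or_404()
    content = {
        'userCommentaries': user.commentaries,
        'books': user.book,
        'num': len(user.commentaries),
        'user2': user,
    }
    return render_template('commentaries.html', **content)


@app.route('/config/<user_id>', methods=['GET', 'POST'])
@loginFirst
def config(user_id):
    """Profile settings of the logged-in user."""
    _require_self(user_id)
    user = User.query.filter(User.id == user_id).first_or_404()
    if request.method == 'POST':
        for field in ('title', 'truename', 'sex', 'qq', 'phone', 'email', 'address'):
            setattr(user, field, request.form.get(field))
        db.session.commit()
    return render_template('config.html')


@app.route('/uploadLogo/<user_id>', methods=['GET', 'POST'])
@loginFirst
def uploadLogo(user_id):
    """Store an uploaded avatar for the logged-in user and return its URL."""
    _require_self(user_id)
    user = User.query.filter(User.id == user_id).first_or_404()
    f = request.files.get('logo')
    if f is None:
        abort(400)
    # The client controls the file name: strip path components, then keep only
    # the extension and check it against the allow-list.
    extension = os.path.splitext(secure_filename(f.filename or ''))[1].lower()
    if extension not in ALLOWED_LOGO_EXTENSIONS:
        abort(400)
    # A server-chosen, per-user name keeps one user from overwriting another
    # user's file.
    stored_name = user.id + extension
    basepath = os.path.dirname(__file__)  # directory of this file
    # The target directory must already exist, otherwise save() fails.
    upload_path = os.path.join(basepath, 'static/uploads', stored_name)
    f.save(upload_path)
    user.logo = 'uploads/' + stored_name
    db.session.commit()
    return '{"url":"' + url_for('static', filename='uploads/' + stored_name) + '"}'


@app.route('/classflyList/')
def classflyList():
    """List all categories."""
    context = {'classfly': Classification.query.all()}
    return render_template('classflyList.html', **context)


@app.route('/classfly/<classification_id>')
def classfly(classification_id):
    """Books that belong to one category."""
    all_categories = Classification.query.all()
    category = Classification.query.filter(
        Classification.id == classification_id
    ).first_or_404()
    context = {
        'classfly': category,
        'books': category.book,
        'classflyList': all_categories,
    }
    return render_template('classfly.html', **context)


@app.route('/resetPassword/<user_id>', methods=['GET', 'POST'])
@loginFirst
def resetPassword(user_id):
    """Change the logged-in user's password after verifying the old one."""
    _require_self(user_id)
    user = User.query.filter(User.id == user_id).first_or_404()
    if request.method == 'GET':
        return render_template('resetPassword.html')

    password = request.form.get('password')
    oldPassword = request.form.get('oldPassword')
    if not password or not oldPassword or not user.check_password(oldPassword):
        return '原密码有误'
    user.password = password  # hashed by the property setter
    db.session.commit()
    return render_template('resetPassword.html')


@app.route('/search', methods=['GET', 'POST'])
def search():
    """Substring search over book titles and contents."""
    qu = request.args.get('q', '')
    books = Book.query.filter(
        or_(
            Book.title.contains(qu),
            Book.content.contains(qu),
        )
    ).order_by(Book.createdate.desc()).all()
    context = {
        'books': books,
        'classfly': Classification.query.all(),
    }
    return render_template('home.html', **context)


@app.route('/', methods=['GET', 'POST'])
def index():
    """Home page: all books, newest first, plus the category list."""
    books = Book.query.order_by(Book.createdate.desc()).all()
    context = {
        'books': books,
        'classfly': Classification.query.all(),
    }
    return render_template('home.html', **context)


if __name__ == '__main__':
    # The Werkzeug debugger gives an interactive Python console to whoever can
    # reach the port, so debug mode is opt-in for local development only.
    app.run(debug=os.environ.get('FLASK_DEBUG') == '1')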