【发布时间】:2017-07-31 22:21:44
【问题描述】:
我正在尝试使用烧瓶、bcrypt 和 pymongo 创建一个允许您注册帐户和登录的网站。当前注册正在工作,但登录无效。当我点击登录时,我得到this error。 我的代码:
from flask import Flask, render_template, url_for, request, session, redirect
from flask_pymongo import PyMongo
import bcrypt
app = Flask(__name__)
app.config['MONGO_DBNAME'] = 'websitetest'
app.config['MONGO_URI'] = 'mongodb://localhost:27017'
mongo = PyMongo(app)
@app.route('/')
def index():
if 'username' in session:
return('You are logged in as ' + session['username'])
return render_template('index.html')
@app.route('/login', methods=['POST'])
def login():
users = mongo.db.users
login_user = users.find_one({'name': request.form['username']})
if login_user:
if bcrypt.hashpw(bytes(request.form['pass'], 'utf-8'), bytes(request.form['pass'], 'utf-8')) == bytes(request.form['pass'], 'utf-8'):
session['username'] = request.form['username']
return redirect(url_for('index'))
return 'Invalid username/password combination.'
@app.route('/register', methods=['POST', 'GET'])
def register():
if request.method == 'POST':
users = mongo.db.users
existing_user = users.find_one({'name': request.form['username']})
if existing_user is None:
hashpass = bcrypt.hashpw(request.form['pass'].encode('utf-8'), bcrypt.gensalt())
users.insert({'name': request.form['username'], 'password': hashpass})
session['username'] = request.form['username']
return redirect(url_for('index'))
return('That username already exists!')
return render_template('register.html')
if __name__ == '__main__':
app.secret_key = 'mysecret'
app.run(debug=True)
任何帮助将不胜感激。谢谢!
【问题讨论】:
-
你的盐(
brcypt.hashpw()中的第二个参数)是字节编码密码(在if login_user下)而不是bcrypt.gensalt(),取自bcrypt documentation 的任何原因?此外,您应该使用同一链接中的brcypt.checkpw(password, hashed)。
标签: python flask pymongo bcrypt