Commit 0e9e4833 authored by Vladislav Rykov's avatar Vladislav Rykov
Browse files

hashing added

parent 1c5bebcb
from flask import Flask, render_template, request, redirect, url_for, session
import psycopg2
import bcrypt
app = Flask(__name__, template_folder='templates/')
......@@ -14,7 +16,31 @@ def new_user(name, password):
VALUES
(%s, %s)
"""
cur.execute(query, (name, password))
cur.execute(query, (name, bcrypt.hashpw(password, bcrypt.gensalt())))
conn.commit()
print('User added')
except (Exception, psycopg2.DatabaseError) as error:
print('Error adding a user: ', error)
suc = (False, error)
finally:
if (conn):
cur.close()
conn.close()
return suc
def chk_user(name, password):
suc = (True, 'Success')
try:
conn = psycopg2.connect('dbname=gateway')
cur = conn.cursor()
query = """
INSERT INTO
users
VALUES
(%s, %s)
"""
cur.execute(query, (name, bcrypt.hashpw(password, bcrypt.gensalt())))
conn.commit()
print('User added')
except (Exception, psycopg2.DatabaseError) as error:
......@@ -28,6 +54,7 @@ def new_user(name, password):
return suc
@app.route('/')
def index():
return render_template('index.html')
......@@ -52,6 +79,27 @@ def signup():
return redirect(url_for('index'))
@app.route('/login', methods=['GET', 'POST'])
def signup():
if request.method == 'GET':
return render_template('login.html')
else:
username = request.form['username']
password = request.form['password']
if (username == '' or password == ''):
feedback = 'Username or password fields cannot be empty'
return render_template('login.html', feedback=feedback)
else:
res, msg = chk_user(username, password)
if (not res):
return render_template('signup.html', feedback=msg)
session['name'] = username
return redirect(url_for('index'))
@app.route('/apps')
def apps():
return '<h1>Manage your apps, ' + app.conf['username'] + '</h1>'
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment