-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathapp.py
More file actions
101 lines (94 loc) · 3.95 KB
/
app.py
File metadata and controls
101 lines (94 loc) · 3.95 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
from flask import Flask, render_template, request, redirect, url_for, session
from flask_mysqldb import MySQL
import re
app=Flask(__name__)
app.secret_key = 'ARUNkumar'
# database connection details
app.config['MYSQL_HOST'] = ' '
app.config['MYSQL_USER'] = ' '
app.config['MYSQL_PASSWORD'] = ' '
app.config['MYSQL_DB'] = ' '
# Intialize MySQL
mysql = MySQL(app)
@app.route('/', methods=['GET', 'POST'])
def login():
msg = ''
# Check if "username" and "password" POST requests exist (user submitted form)
if request.method == 'POST' and 'username' in request.form and 'password' in request.form:
# Create variables for easy access
username = request.form['username']
password = request.form['password']
cur =mysql.connection.cursor()
cur.execute('SELECT * FROM accounts WHERE username = %s AND password = %s', [username, password])
# Fetch one record and return result
account = cur.fetchone()
print(account)
if account:
session['loggedin'] = True
session['id'] = account[0]
session['username'] = account[1]
return redirect(url_for('home'))
else:
# Account doesnt exist or username/password incorrect
msg = 'Incorrect username/password!'
return render_template('index.html', msg=msg)
@app.route('/logout.html')
def logout():
session.pop('loggedin', None)
session.pop('id', None)
session.pop('username', None)
return redirect(url_for('login'))
@app.route('/register.html', methods=['GET', 'POST'])
def register():
# Output message if something goes wrong...
msg = ''
# Check if "username", "password" and "email" POST requests exist (user submitted form)
if request.method == 'POST' and 'username' in request.form and 'password' in request.form and 'email' in request.form:
# Create variables for easy access
username = request.form['username']
password = request.form['password']
email = request.form['email']
# Check if account exists using MySQL
cur = mysql.connection.cursor()
cur.execute('SELECT * FROM accounts WHERE username = %s', [username])
account = cur.fetchone()
# If account exists show error and validation checks
if account:
msg = 'Account already exists!'
elif not re.match(r'[^@]+@[^@]+\.[^@]+', email):
msg = 'Invalid email address!'
elif not re.match(r'[A-Za-z0-9]+', username):
msg = 'Username must contain only characters and numbers!'
elif not username or not password or not email:
msg = 'Please fill out the form!'
else:
# Account doesnt exists and the form data is valid, now insert new account into accounts table
cur.execute('INSERT INTO accounts VALUES (NULL, %s, %s, %s)', [username, password, email])
mysql.connection.commit()
msg = 'You have successfully registered!'
elif request.method == 'POST':
# Form is empty
msg = 'Please fill out the form!'
# Show registration form with message (if any)
return render_template('register.html', msg=msg)
@app.route('/home.html')
def home():
# Check if user is loggedin
if 'loggedin' in session:
# User is loggedin show them the home page
return render_template('home.html', username=session['username'])
# User is not loggedin redirect to login page
return redirect(url_for('login.html'))
@app.route('/profile.html')
def profile():
# Check if user is loggedin
if 'loggedin' in session:
cur =mysql.connection.cursor()
cur.execute('SELECT * FROM accounts WHERE id = %s', [session['id']])
account = cur.fetchone()
# Show the profile page with account info
return render_template('profile.html', account=account)
# User is not loggedin redirect to login page
return redirect(url_for('login.html'))
if __name__=='__main__':
app.run(debug=True)