def login_page():
try:
error = None
c, conn = connection()
if request.method == 'POST':
username = escape_string(request.form['username']).decode()
data = c.execute('SELECT * FROM users WHERE username = ("%s");' % username)
data = c.fetchone()
if sha256_crypt.verify(request.form['password'], data[2]) and (data[1] == username):
session['logged_in'] = True
session['username'] = username
session['favourites'] = data[4]
flash('You are now logged in')
return redirect(url_for('user_page'))
else:
error = 'Invalid credentials, try again'
gc.collect()
return render_template('login.html', error=error)
except:
error = 'Invalid credentials, try again'
return render_template('login.html', error=error)
评论列表
文章目录
