我正试图利用弗拉茨-斯密特建立一个基本的微薄标志页面,安全地储存数据库中的密码。
Based on the debugging it prints: Attempting password verification... Checking password for user: admin Hashed password from attempt: b 89ABrlAbxdOeLlup4L96Cv5sqsFL7xYmPNrS/fZ58Po40J4+zK8BqYZTt9Gqkm+/+fRKs/etPSTyJHfeRlFLg== Stored hashed password: 89ABrlAbxdOeLlup4L96Cv5sqsFL7xYmPNrS/fZ58Po40J4+zK8BqYZTt9Gqkm+/+fRKs/etPSTyJHfeRlFLg== Invalid password Rendering login.html...
这里就是这些模式。 py:
# app/models.py
from . import db
from flask_scrypt import generate_random_salt, generate_password_hash, check_password_hash
import os
import base64
class User(db.Model):
__tablename__ = users
userID = db.Column( userID , db.Integer, primary_key=True)
username = db.Column( username , db.String(50), unique=True, nullable=False)
password_hash = db.Column( password_hash , db.String(200), nullable=False)
salt = db.Column( salt , db.String(200), nullable=False)
def __init__(self, username, password):
self.username = username
self.set_password(password)
def set_password(self, password):
self.salt = generate_random_salt()
print("Salt before hashing:", self.salt) # Debugging
password_bytes = password.encode( utf-8 )
self.password_hash = generate_password_hash(password_bytes + self.salt, salt=self.salt)
def check_password(self, password):
print("Checking password for user:", self.username)
password_bytes = password.encode( utf-8 )
salt_bytes = self.salt.encode( utf-8 )
hashed_password_attempt = generate_password_hash(password_bytes + salt_bytes, salt=salt_bytes)
print("Hashed password from attempt:", hashed_password_attempt) # Debugging
print("Stored hashed password:", self.password_hash) # Debugging
return check_password_hash(self.password_hash, password_bytes, salt=salt_bytes)
这里是路线。 y
from flask import Blueprint, render_template, redirect, url_for, flash
from flask_login import login_user
from .forms import LoginForm
from .models import User
from . import db
auth = Blueprint("auth", __name__)
main = Blueprint("main", __name__)
admin = Blueprint("admin", __name__)
@auth.route("/login", methods=[ GET , POST ])
def login():
form = LoginForm()
if form.validate_on_submit():
# Retrieve user record from the database based on the provided username
user = User.query.filter_by(username=form.username.data).first()
print("User:", user) # Debugging: Print user to check if retrieved
if user:
# Verify the password
print("Attempting password verification...") # Debugging: Check password verification attempt
if user.check_password(form.password.data):
# Password matches, authentication successful
print("Password verified. Logging in...") # Debugging: Indicate successful password verification
login_user(user)
return redirect(url_for( admin.admin_panel ))
else:
# Password doesn t match, render login page with error message
print("Invalid password") # Debugging: Indicate invalid password
flash( Invalid username or password , error )
else:
# User not found, render login page with error message
print("User not found") # Debugging: Indicate user not found
flash( Invalid username or password , error )
# If GET request or form validation failed, render the login page
print("Rendering login.html...") # Debugging: Indicate rendering of login.html
return render_template( login.html , form=form)
@main.route("/")
def index():
return render_template("index.html")
@admin.route("/admin")
def admin_panel():
return render_template("admin.html")
它正在研究我的奇克勒数据库的细节,并依据的是,它正在寻找正确的密码,但认为这是无效的。
我尝试了笔录中的一些改动。