html.py
from flask import Flask, request, render_template from identify import * app = Flask(__name__) @app.route('/', methods=['GET', 'POST']) def home(): return render_template('home.html') @app.route('/signin', methods=['GET']) def signin_form(): return render_template('form.html') @app.route('/signin', methods=['POST']) def signin(): username = request.form['username'] password = request.form['password'] if login(username, password): return render_template('signin-ok.html', username=username) return render_template('form.html', message='Bad username or password', username=username) @app.route('/register', methods=['GET']) def create_form(): return render_template('register.html') @app.route('/register', methods=['POST']) def create(): username = request.form['username'] password = request.form['password'] if register(username,password): return render_template('signin-ok.html', username=username) return render_template('register.html',message='User have registered', username=username) if __name__ == '__main__': app.run()
identity.py
import hmac, random from database import * def hmac_md5(key, s): return hmac.new(key.encode('utf-8'), s.encode('utf-8'), 'MD5').hexdigest() class User(object): def __init__(self, username, password): self.username = username self.key = ''.join([chr(random.randint(48, 122)) for i in range(20)]) self.password = hmac_md5(self.key, password) def login(username, password): #user = db[username] data = select(username) if data and (hmac_md5(data[0][3], password) == data[0][2]): return True else: return False def register(username, password): user = User(username, password) if select(username): return False else: insert(username,user.password, user.key) return True
database.py
import mysql.connector def select(name): try: conn = mysql.connector.connect(user='root', password='88818928', database='test', auth_plugin='mysql_native_password') cursor = conn.cursor() cursor.execute('select * from user where name = %s', (name,)) values = cursor.fetchall() except BaseException as e: print(e) finally: print(values) cursor.close() conn.close() return values def insert(name, password, salt): try: conn = mysql.connector.connect(user='root', password='88818928', database='test', auth_plugin='mysql_native_password') cursor = conn.cursor() cursor.execute('select * from user') values = cursor.fetchall() print(len(values)) cursor.execute('insert into user (id, name, password, salt) values (%s, %s, %s, %s)', [len(values)+1, name, password, salt]) conn.commit() except BaseException as e: print(e) finally: cursor.execute('select * from user') values = cursor.fetchall() print(len(values),values) cursor.close() conn.close()
对于密码验证那块,不知道怎么处理比较好,所以直接把随机生成的salt也存进去数据库里面了。
Sign in to make a reply
方大侠百宝箱
html.py
identity.py
database.py
对于密码验证那块,不知道怎么处理比较好,所以直接把随机生成的salt也存进去数据库里面了。