I want to create login mechanism - bottle & sqlite3
#!/usr/bin/env python3
# -*- coding: UTF-8 -*-
from bottle import Bottle, route, run, template, get, post, debug, static_file, request, redirect, response
import time
import random
import string
import logging
import logging.handlers
import sqlite3
log = logging.getLogger('bottle')
log.setLevel('INFO')
h = logging.handlers.TimedRotatingFileHandler(
'logs/nlog', when='midnight', backupCount=9999)
f = logging.Formatter('%(asctime)s %(levelname)-8s %(message)s')
h.setFormatter(f)
log.addHandler(h)
secretKey = "SDMDSIUDSFYODS&TTFS987f9ds7f8sd6DFOUFYWE&FY"
from users import users
app = Bottle()
@app.route('/static/:path#.+#', name='static')
def static(path):
return static_file(path, root='./static')
def checkAuth():
conn = sqlite3.connect('trainsdb2.db')
c = conn.cursor()
c.execute('SELECT * FROM LoginData WHERE login="%s" AND password="%s"' %(loginName,password))
loginName = request.get_cookie("user", secret=secretKey)
log.info(str(loginName) + ' ' + request.method + ' ' +
request.url + ' ' + request.environ.get('REMOTE_ADDR'))
if c.fetchone() is not None:
return loginName
conn.commit()
conn.close()
conn.commit()
conn.close()
return redirect('/login')
@app.route('/login')
@app.route('/login/')
@app.route('/login', method='POST')
def login():
conn = sqlite3.connect('trainsdb2.db')
c = conn.cursor()
loginName = request.forms.get('login_name', default=False)
password = request.forms.get('password', default=False)
log.info(str(loginName) + ' ' + request.method + ' ' +
request.url + ' ' + request.environ.get('REMOTE_ADDR'))
c.execute('SELECT * FROM LoginData WHERE login="%s" AND password="%s"' %(loginName,password))
if c.fetchone() is not None:
response.set_cookie("user", loginName, secret=secretKey)
log.info = ('not none')
conn.commit()
conn.close()
redirect('/index')
return True
else:
conn.commit()
conn.close()
return template('login')
conn.commit()
conn.close()
return template('login')
@app.route('/')
@app.route('/index')
@app.route('/index/')
@app.route('/index/<message>')
def index(message=''):
loginName = checkAuth()
messDict = {'error': "Something went wrong",
'ok': "Everything is ok."}
return template('index', message=messDict.get(message, ""), loginName=loginName)
app.run(host='localhost', port=63700, reloader=False, debug=True)
I have a simple database I am referring to one table and two varchar variables. However when i type in password and login that matches with the values stored in a database nothing happens and I am still kept on the same page as before. Whereas I should have been redirected to index page. Why is that?
How to fix this problem? What can be improved?
Decorators for the win.
from bottle import get, request, redirect, response, template
secretKey = "SDMDSIUDSFYODS&TTFS987f9ds7f8sd6DFOUFYWE&FY"
class User(object):
def __init__(self):
self.name = None
self.cookiedata = request.get_cookie("USER", secret=secretKey)
if self.cookiedata:
self.name = self.cookiedata['username']
def login(self, cookiedata):
return response.set_cookie("USER", cookiedata, path='/', httponly='on', secret=secretKey)
def require_uid(fn):
def check_uid(**kwargs):
if request.get_cookie("USER", secret=secretKey):
return fn(**kwargs)
else:
redirect("/login")
return check_uid
@get('/')
@get('/index')
@get('/index/')
@get('/index/<message>')
@require_uid
def index(message=''):
user = User()
return template('index', loginName=user.name)
Your login page would just then check if they have a cookie, or log them in via the form, and create the cookie.
Then for any route you want security on, just add @require_uid or it will redirect them to the login page.