【发布时间】:2020-05-30 17:46:11
【问题描述】:
我正在尝试在我的 python 网络应用程序中实现登录/注册/注销元素。我正在使用烧瓶。我正在使用 bcrypt 对密码进行散列和加盐,但一直收到此错误:TypeError: a bytes-like object is required, not 'RowProxy'。密码肯定会存储在哈希和盐中。但不允许用户登录。
@app.route("/searchPage", methods=['POST','GET'])
def loggingin():
title = "Search"
#get request form variables
username = request.form.get('username')
if db.execute("SELECT username FROM users WHERE username = :username",{"username": username}).rowcount == 0:
return render_template("login.html", message="invalid username, please try again.")
hashed_password = db.execute("SELECT username, password FROM users WHERE username = :username",{"username": username}).fetchone()
if bcrypt.checkpw(request.form.get('password'), hashed_password):
return render_template("searchPage.html", title=title)
else:
return render_template("login.html", message="Incorrect Password.")
我的 html 是:
{% extends "nav.html" %}
{% block body %}
<main>
<h1>{{ message }}</h1>
<h3>Log In </h3>
<form action="{{ url_for('loggingin') }}" method="POST">
<div class="form-group">
<label>Username</label>
<input class="form-control" type="text" name="username">
</div>
<div class="form-group">
<label>Password</label>
<input class="form-control" type="password" name="password">
</div>
<button class="btn btn-success" type="submit">Log In</button>
</form>
</main>
{% endblock %}
【问题讨论】:
-
问题出在这一行:
hashed_password = db.execute("SELECT username, password FROM users WHERE username = :username",{"username": username}).fetchone()您只需从 RowProxy 取回密码。比如:hashed_password = db.execute("SELECT username, password FROM users WHERE username = :username",{"username": username}).fetchone()['password'] -
@mechanical_meat:你有什么理由不把它作为答案发布?
-
@LukeWoodward:因为我无法测试它。