我想创建登录机制-bottle&sqlite3
#!/usr/bin/env python3
# -*- coding: UTF-8 -*-
from bottle import Bottle, route, run, template, get, post, debug, static_file, request, redirect, response
import time
import random
import string
import logging
import logging.handlers
import sqlite3
log = logging.getLogger('bottle')
log.setLevel('INFO')
h = logging.handlers.TimedRotatingFileHandler(
'logs/nlog', when='midnight', backupCount=9999)
f = logging.Formatter('%(asctime)s %(levelname)-8s %(message)s')
h.setFormatter(f)
log.addHandler(h)
secretKey = "SDMDSIUDSFYODS&TTFS987f9ds7f8sd6DFOUFYWE&FY"
from users import users
app = Bottle()
@app.route('/static/:path#.+#', name='static')
def static(path):
return static_file(path, root='./static')
def checkAuth():
conn = sqlite3.connect('trainsdb2.db')
c = conn.cursor()
c.execute('SELECT * FROM LoginData WHERE login="%s" AND password="%s"' %(loginName,password))
loginName = request.get_cookie("user", secret=secretKey)
log.info(str(loginName) + ' ' + request.method + ' ' +
request.url + ' ' + request.environ.get('REMOTE_ADDR'))
if c.fetchone() is not None:
return loginName
conn.commit()
conn.close()
conn.commit()
conn.close()
return redirect('/login')
@app.route('/login')
@app.route('/login/')
@app.route('/login', method='POST')
def login():
conn = sqlite3.connect('trainsdb2.db')
c = conn.cursor()
loginName = request.forms.get('login_name', default=False)
password = request.forms.get('password', default=False)
log.info(str(loginName) + ' ' + request.method + ' ' +
request.url + ' ' + request.environ.get('REMOTE_ADDR'))
c.execute('SELECT * FROM LoginData WHERE login="%s" AND password="%s"' %(loginName,password))
if c.fetchone() is not None:
response.set_cookie("user", loginName, secret=secretKey)
log.info = ('not none')
conn.commit()
conn.close()
redirect('/index')
return True
else:
conn.commit()
conn.close()
return template('login')
conn.commit()
conn.close()
return template('login')
@app.route('/')
@app.route('/index')
@app.route('/index/')
@app.route('/index/<message>')
def index(message=''):
loginName = checkAuth()
messDict = {'error': "Something went wrong",
'ok': "Everything is ok."}
return template('index', message=messDict.get(message, ""), loginName=loginName)
app.run(host='localhost', port=63700, reloader=False, debug=True)
我有一个简单的数据库,我要引用一个表和两个varchar变量。但是,当我输入与数据库中存储的值匹配的密码和登录名时,什么也没有发生,而且我仍然和以前一样保存在同一页面上。而我应该已经重定向到索引页面。这是为什么?
如何解决此问题?有什么可以改进的?
答案 0 :(得分:2)
赢得装饰者。
from bottle import get, request, redirect, response, template
secretKey = "SDMDSIUDSFYODS&TTFS987f9ds7f8sd6DFOUFYWE&FY"
class User(object):
def __init__(self):
self.name = None
self.cookiedata = request.get_cookie("USER", secret=secretKey)
if self.cookiedata:
self.name = self.cookiedata['username']
def login(self, cookiedata):
return response.set_cookie("USER", cookiedata, path='/', httponly='on', secret=secretKey)
def require_uid(fn):
def check_uid(**kwargs):
if request.get_cookie("USER", secret=secretKey):
return fn(**kwargs)
else:
redirect("/login")
return check_uid
@get('/')
@get('/index')
@get('/index/')
@get('/index/<message>')
@require_uid
def index(message=''):
user = User()
return template('index', loginName=user.name)
然后,您的登录页面将检查它们是否具有cookie,或通过表单登录并创建cookie。
然后针对您要进行安全保护的任何路由,只需添加@require_uid,否则它将重定向到登录页面。