db.commit 更改密码(数据库未更新)

db.commit to change password (db not updating)

我想使用 db.session.commit()

更改数据库中的用户密码

表单验证通过后,我能看到相应的 flash 提示消息。但是下次登录时,数据库中的更改并未生效,我无法使用新设置的密码登录,仍然只能使用旧密码。

from Portfolio import db, login_manager
from Portfolio import bcrypt
from flask_login import UserMixin


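@login_manager.user_loader
def load_user(user_id):
    """Return the User whose primary key is stored in the session, or None.

    Flask-Login expects the user loader to return None for an id that is not
    valid rather than raise, so a value that cannot be read as an integer is
    treated as "no such user" and the request continues as anonymous.
    """
    try:
        primary_key = int(user_id)
    except (TypeError, ValueError):
        # The id comes from the session cookie; never let a malformed value
        # turn into an unhandled exception on every request.
        return None
    return User.query.get(primary_key)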


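class User(db.Model, UserMixin):
    """Account row; only a bcrypt hash of the password is persisted."""

    id = db.Column(db.Integer(), primary_key=True)
    username = db.Column(db.String(length=30), nullable=False, unique=True)
    # A bcrypt hash string is 60 characters long, which is why the column is sized to 60.
    password_hash = db.Column(db.String(length=60), nullable=False)

    @property
    def password(self):
        """Write-only attribute: the plain-text password is never stored, so it cannot be read.

        The original getter returned ``self.password``, which calls itself
        until RecursionError; failing with AttributeError makes the contract
        explicit and keeps the hash from being exposed under this name.
        """
        raise AttributeError('password is a write-only attribute')

    @password.setter
    def password(self, plain_text_password):
        """Hash *plain_text_password* with bcrypt and store the result in ``password_hash``."""
        # generate_password_hash returns bytes on Python 3; decode so the String
        # column holds text on every database backend.
        self.password_hash = bcrypt.generate_password_hash(plain_text_password).decode('utf-8')

    def check_password_correction(self, attempted_password):
        """Return True when *attempted_password* matches the stored bcrypt hash."""
        return bcrypt.check_password_hash(self.password_hash, attempted_password)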

import os

from flask import Flask
from flask_bcrypt import Bcrypt
from flask_login import LoginManager
from flask_sqlalchemy import SQLAlchemy

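# Application object and the extensions bound to it.
app = Flask(__name__)
app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///database.db'

# SECRET_KEY signs the session cookie, so anyone who knows it can forge a
# session for any user id. It must come from the deployment environment,
# never from source control; a key that has been committed or posted publicly
# should be treated as compromised and replaced.
secret_key = os.environ.get('SECRET_KEY')
if not secret_key:
    raise RuntimeError('SECRET_KEY environment variable must be set')
app.config['SECRET_KEY'] = secret_key

db = SQLAlchemy(app)
bcrypt = Bcrypt(app)
login_manager = LoginManager(app)
# Endpoint that @login_required redirects anonymous users to, and the flash
# category used for the "please log in" message.
login_manager.login_view = "login_page"
login_manager.login_message_category = "info"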

from Portfolio import routes

class ResetForm(FlaskForm):
    """Form for choosing a new password: the new value, its confirmation, and a submit button."""
    def validate_reset(self, reset_to_check):
        """Raise ValidationError when some User row's password_hash equals the submitted field data."""
        # NOTE(review): this compares the raw submitted value with the stored
        # password_hash column. The User.password setter stores a bcrypt hash
        # there, so a plain-text value is not expected to match any row.
        # NOTE(review): WTForms runs inline validators named validate_<fieldname>;
        # no field here is named "reset", so this method is presumably never called.
        # NOTE(review): a check against every user's password would also tell the
        # submitter that some account uses that password; if the goal is to block
        # reuse, compare against the logged-in user's own hash only.
        password = User.query.filter_by(password_hash=reset_to_check.data).first()
        if password:
            raise ValidationError('Please input a proper password')
    # Policy enforced by the pattern: at least one upper-case letter, one
    # lower-case letter, one digit, one of #?!@$%^&*- and 12 or more characters.
    # Length(min=12) repeats the minimum already expressed by {12,}.
    resetpass = PasswordField(label='Reset Password',
                              validators=[Regexp('^(?=.*?[A-Z])(?=.*?[a-z])(?=.*?[0-9])(?=.*?[#?!@$%^&*-]).{12,}$'),
                                          Length(min=12), DataRequired()])
    # Must equal the value entered in resetpass.
    confreset = PasswordField(label='Confirm Changed Password:', validators=[EqualTo('resetpass'), DataRequired()])
    newsubmit = SubmitField(label='Submit New Password')

@app.route('/reset', methods=['GET', 'POST'])
@login_required
def reset():
    """Serve the reset page; on a valid POST attempt to change the password, log out and redirect to login."""
    form = ResetForm()
    if form.validate_on_submit():
        # NOTE(review): User.username is the class-level column attribute, not
        # the row of the user who is logged in.
        user = User.username
        # NOTE(review): this builds a new User object (hashing the submitted
        # password through the setter) that is never added to the session.
        reset_password = User(password=form.resetpass.data)
        # NOTE(review): this sets an attribute on the column attribute to a
        # User instance; no existing row's password_hash is assigned here.
        user.password = reset_password
        # Presumably nothing tracked by the session changed above, so this
        # commit has no password update to write.
        db.session.commit()
        logout_user()
        flash('Password has been changed. Please login.')
        return redirect(url_for('login_page'))
    return render_template('reset.html', form=form, date=format_date, time=format_time)

您确定验证步骤通过了吗?

在这里您将传入数据(可能未经过哈希处理)与数据库中的哈希密码进行了比较。

        password = User.query.filter_by(password_hash=reset_to_check.data).first()
        if password:
            raise ValidationError('Please input a proper password')

我猜这个查询结果永远是 None,所以 ValidationError 永远不会被抛出(raise)。

第二件事,您把一个新的 User 实例(为什么要创建新用户?)赋给了 reset_password 变量,然后又把 reset_password 所指向的这个 User 实例赋给了 user.reset_password 属性。这在我看来既别扭又不正确。您应该为 current_user 重设密码:

from flask_login import current_user, logout_user

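@app.route('/reset', methods=['GET', 'POST'])
@login_required
def reset():
    """Let the logged-in user set a new password.

    GET renders the form. A valid POST stores the new password on the current
    user, commits, logs the user out and redirects to the login page.
    """
    form = ResetForm()
    if form.validate_on_submit():
        # current_user is the account bound to this session, so the change can
        # only ever apply to the caller's own row.
        user = current_user
        # The field lives on the form; a bare `resetpass` would be a NameError.
        # Assigning to `password` goes through the model's setter, which stores
        # a bcrypt hash in password_hash rather than the plain text.
        user.password = form.resetpass.data
        db.session.commit()
        # NOTE(review): the form does not ask for the current password; consider
        # requiring it so an unattended logged-in session cannot change it.
        logout_user()
        flash('Password has been changed. Please login.')
        return redirect(url_for('login_page'))
    return render_template('reset.html', form=form, date=format_date, time=format_time)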