Julian-Nash · August 30, 2018 00:13
diff --git a/flask_mongodb_bcrypt_user_login.py b/flask_mongodb_bcrypt_user_login.py
 # mongoengine class
 class User(DynamicDocument):
    date_created = DateTimeField(default=datetime.datetime.utcnow)
    username = StringField(unique=True)
    password = BinaryField(required=True)
    email = EmailField(unique=True)
    admin = BooleanField(default=False)
    data_sets = DictField()

 # Hashing & password checking functions
 def hash_password(password):
    return bcrypt.hashpw(password.encode("utf-8"), bcrypt.gensalt())

 def check_password(password_from_form, password_from_db):
    if bcrypt.checkpw(password_from_form.encode("utf-8"), password_from_db):
        return True
    else:
        return False

 # Flask login route
 @app.route("/login", methods=["GET", "POST"])
 def login():
    if request.method == "POST":
        form_username = request.form["username"]
        form_password = request.form["password"]
        error = "Invalid credentials"
        user_attempt = User.objects(username__exact=form_username)
        if user_attempt:
            for user in user_attempt:
                if user.username == form_username:
                    if check_password(password_from_db=user.password, password_from_form=form_password):
                        session["LOGGED_IN"] = True
                        return redirect(url_for("dashboard"))
                    else:
                        return render_template("frontend/login.html", toast=error)
                else:
                    return render_template("frontend/login.html", toast=error)
        else:
            return render_template("frontend/login.html", toast=error)
    else:
        return render_template("frontend/login.html")
	# mongoengine class
	class User(DynamicDocument):
	date_created = DateTimeField(default=datetime.datetime.utcnow)
	username = StringField(unique=True)
	password = BinaryField(required=True)
	email = EmailField(unique=True)
	admin = BooleanField(default=False)
	data_sets = DictField()

	# Hashing & password checking functions
	def hash_password(password):
	return bcrypt.hashpw(password.encode("utf-8"), bcrypt.gensalt())

	def check_password(password_from_form, password_from_db):
	if bcrypt.checkpw(password_from_form.encode("utf-8"), password_from_db):
	return True
	else:
	return False

	# Flask login route
	@app.route("/login", methods=["GET", "POST"])
	def login():
	if request.method == "POST":
	form_username = request.form["username"]
	form_password = request.form["password"]
	error = "Invalid credentials"
	user_attempt = User.objects(username__exact=form_username)
	if user_attempt:
	for user in user_attempt:
	if user.username == form_username:
	if check_password(password_from_db=user.password, password_from_form=form_password):
	session["LOGGED_IN"] = True
	return redirect(url_for("dashboard"))
	else:
	return render_template("frontend/login.html", toast=error)
	else:
	return render_template("frontend/login.html", toast=error)
	else:
	return render_template("frontend/login.html", toast=error)
	else:
	return render_template("frontend/login.html")