Update app.py
Browse files
app.py
CHANGED
|
@@ -19,6 +19,11 @@ def init_db():
|
|
| 19 |
conn.commit()
|
| 20 |
conn.close()
|
| 21 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 22 |
@app.route("/")
|
| 23 |
def home():
|
| 24 |
if "username" in session:
|
|
@@ -28,9 +33,9 @@ def home():
|
|
| 28 |
@app.route("/signup", methods=["GET", "POST"])
|
| 29 |
def signup():
|
| 30 |
if request.method == "POST":
|
| 31 |
-
username = request.form["username"]
|
| 32 |
-
password = request.form["password"]
|
| 33 |
-
|
| 34 |
conn = sqlite3.connect(DB_PATH)
|
| 35 |
cursor = conn.cursor()
|
| 36 |
try:
|
|
@@ -46,23 +51,26 @@ def signup():
|
|
| 46 |
@app.route("/login", methods=["GET", "POST"])
|
| 47 |
def login():
|
| 48 |
if request.method == "POST":
|
| 49 |
-
username = request.form["username"]
|
| 50 |
-
password = request.form["password"]
|
| 51 |
-
|
| 52 |
-
|
| 53 |
-
cursor = conn.cursor()
|
| 54 |
if username == "1234" and password == "1234":
|
| 55 |
session["username"] = "Admin"
|
| 56 |
-
conn.close()
|
| 57 |
return redirect(url_for("download_db"))
|
|
|
|
|
|
|
|
|
|
| 58 |
cursor.execute("SELECT * FROM users WHERE username=? AND password=?", (username, password))
|
| 59 |
user = cursor.fetchone()
|
| 60 |
conn.close()
|
|
|
|
| 61 |
if user:
|
| 62 |
session["username"] = username
|
| 63 |
return redirect(url_for("home"))
|
| 64 |
else:
|
| 65 |
return render_template("login.html", error="❌ Invalid username or password")
|
|
|
|
| 66 |
return render_template("login.html")
|
| 67 |
|
| 68 |
@app.route("/logout")
|
|
|
|
| 19 |
conn.commit()
|
| 20 |
conn.close()
|
| 21 |
|
| 22 |
+
@app.before_request
|
| 23 |
+
def before_request():
|
| 24 |
+
"""Make sure DB and table exist before any request"""
|
| 25 |
+
init_db()
|
| 26 |
+
|
| 27 |
@app.route("/")
|
| 28 |
def home():
|
| 29 |
if "username" in session:
|
|
|
|
| 33 |
@app.route("/signup", methods=["GET", "POST"])
|
| 34 |
def signup():
|
| 35 |
if request.method == "POST":
|
| 36 |
+
username = request.form["username"].strip()
|
| 37 |
+
password = request.form["password"].strip()
|
| 38 |
+
|
| 39 |
conn = sqlite3.connect(DB_PATH)
|
| 40 |
cursor = conn.cursor()
|
| 41 |
try:
|
|
|
|
| 51 |
@app.route("/login", methods=["GET", "POST"])
|
| 52 |
def login():
|
| 53 |
if request.method == "POST":
|
| 54 |
+
username = request.form["username"].strip()
|
| 55 |
+
password = request.form["password"].strip()
|
| 56 |
+
|
| 57 |
+
# Special admin login
|
|
|
|
| 58 |
if username == "1234" and password == "1234":
|
| 59 |
session["username"] = "Admin"
|
|
|
|
| 60 |
return redirect(url_for("download_db"))
|
| 61 |
+
|
| 62 |
+
conn = sqlite3.connect(DB_PATH)
|
| 63 |
+
cursor = conn.cursor()
|
| 64 |
cursor.execute("SELECT * FROM users WHERE username=? AND password=?", (username, password))
|
| 65 |
user = cursor.fetchone()
|
| 66 |
conn.close()
|
| 67 |
+
|
| 68 |
if user:
|
| 69 |
session["username"] = username
|
| 70 |
return redirect(url_for("home"))
|
| 71 |
else:
|
| 72 |
return render_template("login.html", error="❌ Invalid username or password")
|
| 73 |
+
|
| 74 |
return render_template("login.html")
|
| 75 |
|
| 76 |
@app.route("/logout")
|