Spaces:

jtvidela
/

StoryCompassHTML

Running

jtvidela commited on Dec 3, 2024

Commit

f210cff

verified ·

1 Parent(s): 9b83da2

Update app.py

Files changed (1) hide show

app.py CHANGED Viewed

@@ -1,14 +1,34 @@
-from dotenv import load_dotenv
-import os
-load_dotenv()
 @app.route('/login', methods=['POST'])
 def login():
     username = request.form.get('username')
     password = request.form.get('password')
-    # Validate against environment variables
-    if username == os.getenv("ADMIN_USERNAME") and password == os.getenv("ADMIN_PASSWORD"):
         return "Login successful!"
-    return "Invalid username or password!"

+import sqlite3
+from werkzeug.security import generate_password_hash, check_password_hash
+# Create a database connection
+conn = sqlite3.connect("users.db")
+cursor = conn.cursor()
+# Create the users table (run this once)
+cursor.execute('''
+CREATE TABLE IF NOT EXISTS users (
+    id INTEGER PRIMARY KEY,
+    username TEXT UNIQUE,
+    password TEXT
+)
+''')
+conn.commit()
+# Insert a user (run this once to populate the database)
+hashed_password = generate_password_hash("1234")  # Hash the password
+cursor.execute("INSERT INTO users (username, password) VALUES (?, ?)", ("admin", hashed_password))
+conn.commit()
 @app.route('/login', methods=['POST'])
 def login():
     username = request.form.get('username')
     password = request.form.get('password')
+    # Check if the user exists in the database
+    cursor.execute("SELECT password FROM users WHERE username = ?", (username,))
+    result = cursor.fetchone()
+    if result and check_password_hash(result[0], password):  # Compare hashed passwords
         return "Login successful!"
+    return "Invalid username or password!"