""" Flask Login System with SQLite Features: - Signup (create new account) - Login (check user credentials) - Session (to remember login state) - Cookies (to store last visit info) - "Remember Me" option (stay logged in even after closing browser) """ from flask import Flask, render_template, request, redirect, url_for, session, make_response import sqlite3 from datetime import timedelta # Flask App Setup app = Flask(__name__) # Secret key is used to sign session data (must be kept secret in real apps!) app.secret_key = "supersecretkey" # Permanent sessions last for 7 days (used when "Remember Me" is checked) app.permanent_session_lifetime = timedelta(days=7) # Helper function to connect to SQLite database def get_db_connection(): # Connect to SQLite database (creates file users.db if it doesn’t exist) conn = sqlite3.connect("users.db") conn.row_factory = sqlite3.Row # Makes rows behave like dictionaries return conn # Initialize database with a "users" table def init_db(): conn = get_db_connection() conn.execute(""" CREATE TABLE IF NOT EXISTS users ( id INTEGER PRIMARY KEY AUTOINCREMENT, -- Auto-increment ID username TEXT UNIQUE NOT NULL, -- Unique username password TEXT NOT NULL -- Password (plain text for demo, should use hashing!) ) """) conn.commit() conn.close() # Call database initialization at startup init_db() # Home Page (only logged-in users can see this) @app.route("/") def home(): # Check if the user is logged in using session if "username" in session: username = session["username"] # Get logged-in username from session # Get last visit message from cookie (if not found, show default message) last_visit = request.cookies.get("last_visit", "First time visiting!") return render_template("home.html", username=username, last_visit=last_visit) # If not logged in, redirect to login page return redirect(url_for("login")) # Signup Page @app.route("/signup", methods=["GET", "POST"]) def signup(): if request.method == "POST": # When user submits the form username = request.form["username"] password = request.form["password"] conn = get_db_connection() try: # Insert new user into database conn.execute("INSERT INTO users (username, password) VALUES (?, ?)", (username, password)) conn.commit() conn.close() # After signup, redirect to login page return redirect(url_for("login")) except sqlite3.IntegrityError: # This happens if the username already exists return "Username already exists! Try another." # If GET request, show signup form return render_template("signup.html") # Login Page @app.route("/login", methods=["GET", "POST"]) def login(): if request.method == "POST": # When user submits login form username = request.form["username"] password = request.form["password"] # Checkbox value: will be "on" if user ticks "Remember Me" remember = request.form.get("remember") # Check if username & password exist in database conn = get_db_connection() user = conn.execute("SELECT * FROM users WHERE username=? AND password=?", (username, password)).fetchone() conn.close() if user: # ✅ User found → start session if remember == "on": # Session will survive browser close (7 days) session.permanent = True else: # Session ends when browser closes session.permanent = False # Store username inside session session["username"] = username # Create response with cookie resp = make_response(redirect(url_for("home"))) # Save a cookie with "last visit" info # If "Remember Me" checked → cookie valid for 7 days # Else → cookie lasts only until browser closes resp.set_cookie("last_visit", "Welcome back, " + username, max_age=(7*24*60*60 if remember == "on" else None)) return resp else: # If username or password is wrong return "Invalid username or password. Try again." # If GET request, show login form return render_template("login.html") # Logout Page @app.route("/logout") def logout(): # Remove username from session session.pop("username", None) # Also delete the "last_visit" cookie resp = make_response(redirect(url_for("login"))) resp.set_cookie("last_visit", "", expires=0) return resp # Run the App if __name__ == "__main__": app.run(debug=True, host="0.0.0.0", port=5000)