Trying to hash passwords sent to my database but having trouble logging in, Im not sure why it isnt working ive looke everywhere and it seems what I have should work, when stored into the database all myn passwords are hashed but I am unable to now login because of this. Heres what I have for my login:
@app.route('/', methods=['GET', 'POST'])
def index():
session['loginsuccess'] = False
if request.method == 'POST':
if 'email' in request.form and 'password' in request.form:
email = request.form['email']
password = request.form['password']
cursor = db.connection.cursor(MySQLdb.cursors.DictCursor)
cursor.execute("SELECT * FROM users WHERE email=%s AND password =%s", (email, password))
info = cursor.fetchone()
hashed = info['password']
if info is not None:
#if info['email'] == email and info['password'] == password:
if info['email'] == email and bcrypt.checkpw(password, hashed):
#save variables
session['loginsuccess'] = True
session['user_id'] = info['user_id']
session['name'] = info['name']
session['username'] = info['username']
session['email'] = info['email']
session['iot_id'] = info['iot_id']
return redirect(url_for('home'))
else:
print("Failed Login")
return redirect(url_for('index'))
return render_template("index.html")
and heres what I have for my register:
@app.route('/new', methods=['GET', 'POST'])
def registration():
if request.method == "POST":
if "name" in request.form and "username" in request.form and "email" in request.form and "password" in request.form:
name = request.form['name']
username = request.form['username']
email = request.form['email']
password = request.form['password']
hashed = bcrypt.hashpw(password.encode('utf-8'), bcrypt.gensalt())
cursor = db.connection.cursor(MySQLdb.cursors.DictCursor)
cursor.execute("INSERT INTO azurcam.users(name, username, email, hashed)VALUES(%s, %s, %s, %s)",
(name, username, email, hashed))
db.connection.commit()
return redirect(url_for('index'))
return render_template("registration.html")
Ive been scratching my head with this one for awhile any help would be much appreciated