flask实现用户登录的python代码及html代码
时间: 2024-05-03 13:16:55 浏览: 14
以下是一个基本的Flask实现用户登录的Python代码及HTML代码示例:
Python代码:
```python
from flask import Flask, render_template, request, redirect, url_for, session
from werkzeug.security import generate_password_hash, check_password_hash
app = Flask(__name__)
app.secret_key = "secret_key_here"
users = {
"user1": generate_password_hash("password1"),
"user2": generate_password_hash("password2")
}
@app.route("/")
def index():
if "username" in session:
return f"Logged in as {session['username']}. <a href='/logout'>Logout</a>"
return redirect(url_for("login"))
@app.route("/login", methods=["GET", "POST"])
def login():
if request.method == "POST":
username = request.form["username"]
password = request.form["password"]
if username not in users:
return render_template("login.html", error="Username does not exist.")
elif not check_password_hash(users[username], password):
return render_template("login.html", error="Incorrect password.")
session["username"] = username
return redirect(url_for("index"))
return render_template("login.html")
@app.route("/logout")
def logout():
session.pop("username", None)
return redirect(url_for("index"))
```
HTML代码:
```html
{% extends "base.html" %}
{% block body %}
<form method="POST" action="{{ url_for('login') }}">
<input type="text" name="username" placeholder="Username"><br>
<input type="password" name="password" placeholder="Password"><br>
<button type="submit">Login</button>
</form>
{% if error %}
<p>{{ error }}</p>
{% endif %}
{% endblock %}
```
这个示例使用了Flask的session机制来存储用户登录状态。用户的密码是使用werkzeug库的generate_password_hash函数哈希存储的。在登录时,使用check_password_hash函数验证密码是否匹配。注意,password并没有存储在数据库中,只有哈希的密码存储在内存中。这样可以提高安全性,即使数据库被盗也无法得到用户密码。