username andtyped_password:encrypted_password =pbkdf2_sha256.encrypt(typed_password,rounds=200000, salt_size=16)get_db().create_user(name, username, encrypted_password)returnredirect('/login')returnrender_template('create_user.html')Gets the values from the formEncrypts the passwordIf success, send them to the login pageIf failure, send them back to the create pageStores the user in the DB
CS 530: Developing User Interfaces, Drexel University15(4) Logging In§Now that the user has an account, they can log in–Same type of <form> element as the account creation page, using an HTTP "POST" request
CS 530: Developing User Interfaces, Drexel University17(4) Logging In§Flask server email@example.com('/login', methods=['GET', 'POST'])deflogin():print(request.method)ifrequest.method== 'POST':username = request.form['username']typed_password= request.form['password']ifusername andtyped_password:user = get_db().get_user(username)ifpbkdf2_sha256.verify(typed_password,user['encrypted_password']):session['user'] = userreturnredirect('/')returnrender_template('login.html')Gets the values from the formVerifies that the typed password matches the encrypted one(Rely on a library for this!!)If success, store the user in the sessionand redirect to the home pageIf failure, send them back to the login page
CS 530: Developing User Interfaces, Drexel University18(4) Logging In§One cool thing: Now that the sessionvariable has user information, we can use this in templates!§This comes very handy when altering a page to fit the logged-in user–Most commonly, we alter the nav menu…•Change "Log In" to the user's name•Make the user's name a submenu that includes "Log Out"
CS 530: Developing User Interfaces, Drexel University20(5) Error Checking & Messaging§We already have the functionality we need for basic user authentication§There are some niceties that we could add, though§