im收到以下错误预期的sha256_crypt哈希,而是获得sha256_crypt config String。
预期的sha256_crypt哈希,获得sha256_crypt config String
这是我的代码,我在做什么错?
代码:
@app.route('/login' , methods=['GET' ,'POST'])
def login():
if request.method == 'POST':
#Get form fields
username = request.form['username']
password_candidate = request.form['password']
#Create cursor
cur = mysql.connection.cursor()
#Get user by username
result = cur.execute("SELECT * FROM users WHERE username = (%s)", [username])
app.logger.info(result)
if result > 0:
#Get stored hash
data = cur.fetchone()
password = data['password']
app.logger.info(password)
#Comparing the passwords
if sha256_crypt.verify(password_candidate, password):
app.logger.info('PASSWORD MATCHED')
app.logger.info(password_candidate)
#Passed
sesion['logged_in'] = True
session['username'] = username
flash('You are now logged in', 'succes')
return redirect(url_for('about'))
else:
error = "Invalid login"
return render_template('login.html', error=error)
#Close connection
cur.close()
else:
error = 'Username not found'
return render_template('login.html', error=error)
这里的真正问题是在数据库表设置中。SHA256的长度为256。也许您在密码字段中使用少于256。因此,当您插入数据库时,丢失了一些密码哈希的数据。这使得在SHA256_CRYPT.VERIFY((函数exection中导致错误。因此,您需要更改密码列并增加密码字段的大小。5