This is a bit confusing, because you render index.html on both index() and register(), and both register the same route (@application.route('/index')
). When you submit your form to /index
, only one of them only ever get called. You can either
- put all your logic in one index function and see which form (if any) is valid.
- seperate your logic and only submit the relevant form
Generally, you want to separate the logic, even if you want to show both the login and signup on the same page. So I'll try to show you in the right direction :-)
For example, first separate your login and register views, which will now only check the logic for the form that concerns them:
class Login(Form):
login_user = TextField('Username', [validators.Required()])
login_pass = PasswordField('Password', [validators.Required()])
class Register(Form):
username = TextField('Username', [validators.Length(min=1, max = 12)])
password = PasswordField('Password', [
validators.Required(),
validators.EqualTo('confirm_password', message='Passwords do not match')
])
confirm_password = PasswordField('Confirm Password')
email = TextField('Email', [validators.Length(min=6, max=35)])
@application.route('/login', methods=['POST'])
def index():
l_form = Login(request.form, prefix="login-form")
if l_form.validate():
check_login = cursor.execute("SELECT * FROM users WHERE username = '%s' AND pwd = '%s'"
% (l_form.login_user.data, hashlib.sha1(l_form.login_pass.data).hexdigest()))
if check_login == True:
conn.commit()
return redirect(url_for('me'))
return render_template('index.html', lform=l_form, rform=Register())
@application.route('/register', methods=['POST'])
def register():
r_form = Register(request.form, prefix="register-form")
if r_form.validate():
check_reg = cursor.execute("SELECT * FROM users WHERE username = '%s' OR `e-mail` = '%s'"
% (r_form.username.data, r_form.email.data))
if check_reg == False:
cursor.execute("INSERT into users (username, pwd, `e-mail`) VALUES ('%s','%s','%s')"
% (r_form.username.data, hashlib.sha1(r_form.password.data).hexdigest(), check_email(r_form.email.data)))
conn.commit()
return redirect(url_for('index'))
return render_template('index.html', lform=Login(), rform=r_form)
@application.route('/index')
def index():
# If user is logged in, show useful information here, otherwise show login and register
return render_template('index.html', lform=Login(), rform=Register())
Then, create a index.html that shows both forms and send them in the right direction.
<form name="lform" method="post" action="{{ url_for('login') }}">
{{ lform.login_user }}
{{ lform.login_pass }}
<input type="submit" value="Login" />
</form>
<form name="rform" method="post" action="{{ url_for('register') }}">
{{ rform.username }}
{{ rform.email }}
{{ rform.password }}
{{ rform.confirm_password }}
<input type="submit" value="Register" />
</form>
The code is untested, so there might be bugs, but I hope it sends you in the right direction. Notice that we pass both lform and rform in all calls to render('index.html', ...).
Further easy ways to improve/refactor: use a function to check for an existing user (your SELECT
statement) and use Jinja2's includes or macros for the individual forms in the templates.