I'm attempting to test if information submitted in a form (email address & password) already exist in a database. If the email exists, I want to check whether the corresponding hashed password in the database matches the hashed version of the submitted password.
Here is a full excerpt of my login route:
# Login route
@app.route("/login", methods=["GET", "POST"])
def login():
"""Log user in"""
# Forget any user_id
session.clear()
# User reached route via POST (as by submitting a form via POST)
if request.method == "POST":
# Create a cursor
cur = mysql.connection.cursor()
# Ensure email was submitted
if not request.form.get("email"):
return apology("must provide email", 403)
# Ensure password was submitted
elif not request.form.get("password"):
return apology("must provide password", 403)
# Store email in a variable
email = request.form.get("email")
# Query if email is within database
query = cur.execute("SELECT * FROM users WHERE email = %s", (email,))
# Ensure email exists and that the password is correct
if len(query) != 1 or not check_password_hash(query[0]["hashedpassword"], request.form.get("password")):
return apology("invalid email and/or password", 403)
# Remember which user has logged in
session["user_id"] = query[0]["id"]
# Redirect user to the homepage
return redirect("/")
# User reached route via GET (as by clicking a link or via redirect)
else:
return render_template("login.html")
The part I'm having difficulty with is:
# Ensure email exists and that the password is correct
if len(query) != 1 or not check_password_hash(query[0]["hashedpassword"], request.form.get("password")):
return apology("invalid email and/or password", 403)
Here I am trying to extract a single row of information from my database for the specified email address. I was attempting to use len to see if a singular row existed (two cannot exist as I have ensured the email address column is unique in the database), and so there should either be a single row or none.
The issue is that my previous database query is returning an integer value (query = 1), as indicated by the below error:
[2020-10-05 11:34:27,857] ERROR in app: Exception on /login [POST]
Traceback (most recent call last):
File "c:\users\tjmce\appdata\local\programs\python\python38-32\lib\site-packages\flask\app.py", line 2447, in wsgi_app
response = self.full_dispatch_request()
File "c:\users\tjmce\appdata\local\programs\python\python38-32\lib\site-packages\flask\app.py", line 1952, in full_dispatch_request
rv = self.handle_user_exception(e)
File "c:\users\tjmce\appdata\local\programs\python\python38-32\lib\site-packages\flask\app.py", line 1821, in handle_user_exception
reraise(exc_type, exc_value, tb)
File "c:\users\tjmce\appdata\local\programs\python\python38-32\lib\site-packages\flask\_compat.py", line 39, in reraise
raise value
File "c:\users\tjmce\appdata\local\programs\python\python38-32\lib\site-packages\flask\app.py", line 1950, in full_dispatch_request
rv = self.dispatch_request()
File "c:\users\tjmce\appdata\local\programs\python\python38-32\lib\site-packages\flask\app.py", line 1936, in dispatch_request
return self.view_functions[rule.endpoint](**req.view_args)
File "C:\Users\tjmce\Desktop\Final Project\app.py", line 81, in login
if len(query) != 1 or not check_password_hash(query[0]["hashedpassword"], request.form.get("password")):
TypeError: object of type 'int' has no len()
Could somebody please help me understand why query has a value of 1 and not the row data?
Thank you!
