I'm having a login issue that works in my sandbox and doesn't work for me in my pythonanywhere test. It just checks a username and password I predefined via sqlalchemy, nothing involved. Very simple. Not using Flask-Session or Flask-Login or anything fancy.
My log says something about spawning two threads for uWSGI worker 1, and I'm limited to one app ... maybe a clue? Thanks for pointing me in the right direction.
the two threads should be fine (they serve your static files).
just to double check- you did add your username & password on PythonAnywhere right? (ie. just because you had created/defined it locally, doesn't mean that data automatically gets onto PythonAnywhere)
and when you say it doesn't work, why doesn't it work? (eg: is it because no such user? or missing say a session cookie? etc)
Thanks, Conrad. Yes the user exists (just a quick dummy test - for now in a tiny sqlite file). I wonder if it's the session. I changed from a "random" string I made up for my secret key to set the session to an os-generated string... my first key worked fine for an even simpler test (just setting a value in the session dict-like structure)... hmm that could be a good clue for me, thanks. Maybe the os.urandom() didn't work. I'll run a few tests here. Thanks for giving me some ideas/questions.
I think I found the offending code (ignore the simple, non-salted, non-hashed test for now). Anything obviously lacking? It's trying to check the credentials. Thanks for any help, anyone.
conrad
|
4232
posts
|
PythonAnywhere staff
|
Session = sessionmaker(bind=engine)
s = Session()
query = s.query(User).filter(User.username.in_([POST_USERNAME]), User.password.in_([POST_PASSWORD]) )
result = query.first()
Original tutorial code is at https://pythonspot.com/en/login-authentication-with-flask/
I assume you are getting result == None?
What happens if you print out POST_USERNAME and POST_PASSWORD?
Also you may not be able to change the secret key (ie. it might be using it to encrypt/store passwords in the database etc), and so changing it midway would make it so that you can't login with your original password anymore.
I can print out POST_USERNAME so it's coming through from the form to the app.
Something must not work in the database credential check step. I used a tiny sqlite file for this example since it's seemingly fairly trivial, but something isn't working. I don't think it has to do with secret_key since I restarted the webapp ---- but I probably should've cleared my browser cache or started a new incognito window. Will check that. Hmm, thanks for the sounding board and comments in any case.
you mean you used a sqlite db, ie. instead of the live db, and had created a user/password into this sqlite db, but then running that code failed? can you also just filter on username without the password and see if it can find anything?
Hi! I am also having problems with authentication on the flask. I'm using this same tutorial (https://pythonspot.com/login-authentication-with-flask/). This implementation is working correctly on the virtual server on my PC. When I login I get from the browser: Internal Server Error The server encountered an internal error and was unable to complete your request. Either the server is overloaded or there is an error in the application.
Here is my error log:
RuntimeError: The session is unavailable because no secret key was set. Set the secret_key on the application to something unique and secret. 2020-12-06 14:06:37,915: BEGIN (implicit) 2020-12-06 14:06:37,915: SELECT users.id AS users_id, users.username AS users_username, users.password AS users_password FROM users WHERE users.username IN (?) AND users.password IN (?) LIMIT ? OFFSET ? 2020-12-06 14:06:37,916: ('admin', 'admin', 1, 0) 2020-12-06 14:06:37,922: Exception on /login [POST] Traceback (most recent call last): File "/usr/lib/python3.8/site-packages/flask/app.py", line 2446, in wsgi_app response = self.full_dispatch_request() File "/usr/lib/python3.8/site-packages/flask/app.py", line 1951, in full_dispatch_request rv = self.handle_user_exception(e) File "/usr/lib/python3.8/site-packages/flask/app.py", line 1820, in handle_user_exception reraise(exc_type, exc_value, tb) File "/usr/lib/python3.8/site-packages/flask/_compat.py", line 39, in reraise raise value File "/usr/lib/python3.8/site-packages/flask/app.py", line 1949, in full_dispatch_request rv = self.dispatch_request() File "/usr/lib/python3.8/site-packages/flask/app.py", line 1935, in dispatch_request return self.view_functionsrule.endpoint File "/home/snakeproject/app.py", line 29, in do_admin_login session['logged_in'] = True File "/usr/lib/python3.8/site-packages/werkzeug/local.py", line 351, in setitem self._get_current_object()[key] = value File "/usr/lib/python3.8/site-packages/flask/sessions.py", line 102, in _fail raise RuntimeError( RuntimeError: The session is unavailable because no secret key was set. Set the secret_key on the application to something unique and secret.
I appreciate any help in that regard. Any support material or tutorial that sheds light on this problem. Thank you very much in advance!
From the error message: The session is unavailable because no secret key was set. Set the secret_key on the application to something unique and secret. You need to set a secret key in you code. It looks like the tutorial you're using sets the key in code that is only run when you're using the debug server for Flask. Make sure that you set it in code that is actually run.
Hi, I'm experiencing login issues on my flask app built on pythonanywhere. The login credentials are stored in mysql database, but when i used same credentials to log on to the app, i get a response saying incorrect username or password. I'm 100 percent sure that the username and password stored on the database are same as the one i use when logging on. Can someone help me to resolve the problem?
You need to add some logging to your web app code to check if the values match what you expect.
Che23
|
8
posts
|
