我正在关注Flask教程,在我的应用中进行身份验证。我的用户类是这样的:
class User(UserMixin, db.Model): # Here we inherit from two classes
__tablename__ = 'users'
id = db.Column(db.Integer, primary_key=True)
email = db.Column(db.String(64), unique=True, index=True)
username = db.Column(db.String(64), unique=True, index=True)
role_id = db.Column(db.Integer, db.ForeignKey('roles.id'))
password_hash = db.Column(db.String(128))
# Custom property getter
@property
def password(self):
raise AttributeError('password is not a readable attribute')
# Custom property setter
@password.setter
def password(self, password):
self.password_hash = generate_password_hash(password)
def verify_password(self, password):
return check_password_hash(self.password_hash, password)
def __repr__(self):
return '<User %r>' % self.username
我的登录路线定义如下:
@auth.route('/login', methods=['GET', 'POST'])
def login():
form = LoginForm()
if form.validate_on_submit:
# Get a user by email and check password matches hash
user = User.query.filter_by(email=form.email.data).first()
if user is not None and user.verify_password(form.password.data):
login_user(user, form.remember_me.data)
flash('Invalid username or password')
return render_template('auth/login.html', form=form)
然而,当我将浏览器指向/login端点时,我收到以下错误:
File "/Users/kekearif/Documents/Python/FlaskWebDev/flasky/venv/lib/python2.7/site-packages/flask/app.py", line 1994, in __call__
return self.wsgi_app(environ, start_response)
File "/Users/kekearif/Documents/Python/FlaskWebDev/flasky/venv/lib/python2.7/site-packages/flask/app.py", line 1985, in wsgi_app
response = self.handle_exception(e)
File "/Users/kekearif/Documents/Python/FlaskWebDev/flasky/venv/lib/python2.7/site-packages/flask/app.py", line 1540, in handle_exception
reraise(exc_type, exc_value, tb)
File "/Users/kekearif/Documents/Python/FlaskWebDev/flasky/venv/lib/python2.7/site-packages/flask/app.py", line 1982, in wsgi_app
response = self.full_dispatch_request()
File "/Users/kekearif/Documents/Python/FlaskWebDev/flasky/venv/lib/python2.7/site-packages/flask/app.py", line 1614, in full_dispatch_request
rv = self.handle_user_exception(e)
File "/Users/kekearif/Documents/Python/FlaskWebDev/flasky/venv/lib/python2.7/site-packages/flask/app.py", line 1517, in handle_user_exception
reraise(exc_type, exc_value, tb)
File "/Users/kekearif/Documents/Python/FlaskWebDev/flasky/venv/lib/python2.7/site-packages/flask/app.py", line 1612, in full_dispatch_request
rv = self.dispatch_request()
File "/Users/kekearif/Documents/Python/FlaskWebDev/flasky/venv/lib/python2.7/site-packages/flask/app.py", line 1598, in dispatch_request
return self.view_functions[rule.endpoint](**req.view_args)
File "/Users/kekearif/Documents/Python/FlaskWebDev/flasky/app/auth/views.py", line 14, in login
if user is not None and user.verify_password(form.password.data):
File "/Users/kekearif/Documents/Python/FlaskWebDev/flasky/app/models.py", line 38, in verify_password
return check_password_hash(self.password_hash, password)
File "/Users/kekearif/Documents/Python/FlaskWebDev/flasky/venv/lib/python2.7/site-packages/werkzeug/security.py", line 245, in check_password_hash
if pwhash.count('$') < 2:
AttributeError: 'NoneType' object has no attribute 'count'
不确定这里发生了什么。我正在从GET调用端点(例如,提交尚未被挖掘,因此form.validate_on_submit应为false)并且根本不应该进行密码检查。我有什么想法吗?
答案 0 :(得分:2)
抛出异常是因为check_password_hash()的第一个参数是None。在您的代码中,这意味着self.password_hash是None,因为这是您传入的第一个参数:
return check_password_hash(self.password_hash, password)
这意味着User.password = ...从未执行过(generate_password_hash()无法返回None)。没有为您的用户设置密码。
为用户提供密码或防御性代码,并处理self.password_hash设置为None的情况。
请注意,您的表单测试始终为真:
if form.validate_on_submit:
因为validate_on_submit是方法,而不是属性。方法对象是非空的非零,所以是真的。你可能想调用方法:
if form.validate_on_submit():
现在返回值决定结果。