user_datastore.create_user() not adding user to MySQL db
I'm trying to create an authentication system using Python Flask. However, Whenever I submit my registration form, there are no errors and it redirects correctly, but the user information isn't ever stored in my MySQL database.
Here's the code I'm using to setup the user_datastore:
(app initiation and other config)
app.config['SQLALCHEMY_DATABASE_URI'] = 'mysql+pymysql://root:dumbypassword@localhost/myDB
db = SQLAlchemy(app)
roles_users = db.Table('roles_users',
db.Column('email', db.String(50), db.ForeignKey('users.email')),
db.Column('role', db.String(20), db.ForeignKey('roles.role'))
)
class User(db.Model):
__tablename__ = 'users'
firstName = db.Column(db.String(20), nullable=False)
lastName = db.Column(db.String(30), nullable=False)
email = db.Column(db.String(50), primary_key=True, unique=True, nullable=False)
password = db.Column(db.LargeBinary()) # should be hashed with salt
salt = db.Column(db.String(22))
active = db.Column(db.Boolean())
confirmed = db.Column(db.DateTime())
roles = db.relationship(
'Role',
secondary=roles_users,
backref=db.backref('users')
)
class Role(db.Model):
__tablename__ = 'roles'
role = db.Column(db.String(20), primary_key=True, nullable=False)
description = db.Column(db.String(255))
user_datastore = SQLAlchemyUserDatastore(db, User, Role)
security = Security(app, user_datastore)
And here's the logic in my register page for creating a new user:
salt = bcrypt.gensalt()
user_datastore.create_user(
firstName=request.form.get('firstName'),
lastName=request.form.get('lastName'),
email=request.form.get('email'),
password=bcrypt.hashpw(request.form.get('password').encode('utf-8'), salt), # TODO: Need to bcrypt pass + salt
salt=salt,
active=1,
confirmed=datetime.now()
)
After submitting the registration form with method "POST," none of the information is stored :(
See my query and result:
I have a sneaking suspicion that I'm butchering all of this, so any help, including but not limited to naming/formatting conventions, would be appreciated.
To answer your precise question - looks like you aren't committing the transaction to the DB. Flask-Security does this as part of a @after_this_request so that if any errors occur during the request, the data is rolled back. So - somewhere after processing you need to call datastore.commit()
A meta issue is - looks like you are re-inventing a bunch of stuff. Flask-Security-Too already manages registration, and you can easily extend that - furthermore it is best practice to let security oriented packages do their job - so for passwords and salting - Flask-Security and passlib already have a lot of history managing those - so unless you have some specific requirements (and I'd like to hear about those) leave that to them. Definitely don't store the salt in the DB along with the user record. Flask-Security-Too has a public api 'hash_password' you can use (it uses passlib's CryptoContext to pass appropriate options).
- Laravel query builder using 'whereNotIn' throws error
- MYSQL - count number of rows in each table
- Cannot delete or update a parent row: a foreign key constraint fails
- Condensing a query into a single better formatted query
- Redact the column in a SELECT clause depending on a condition using CodeIgniter's active record
- get images list according to there message and thread id from database
- Query the list of CITY names starting with vowels (i.e., a, e, i, o, or u) from STATION. Your result cannot contain duplicates
- how to convert mysqli_set_charset($conn,"utf8") into PDO format in MYSQL?
- MySQL, join to find only max transaction count based of group
- is `date` a valid mysql column name?
- CodeIgniter SELECT query with JOIN conditions using FIND_IN_SET() is not returning the expected results
- How to only append a wildcard at the end of a WHERE LIKE condition with CodeIgniter's active record
- How to separate logic in a Codeigniter active record WHERE clause
- Does the JDBC specification define what happens if you call ResultSet.getObject(String) for a query which has conflicting column names?
- Chronologically order a SELECT query's results by month name
- Calculate tiered discount amount using a CodeIgniter query
- Join query with comma separated values in codeigniter
- duplicate entry error in mysql - codeigniter
- What is an elegant way to deal with several optional filters?
- #1130 - Host 'localhost' is not allowed to connect to this MySQL server - After running an Acunetix scan
- Detect mysql update/insertion failure due to violated unique constraint
- Duplicate table entry error
- Catch duplicate key insert exception
- How to catch error 1062 "duplicate entry" independent from used database/engine?
- #1062 - Duplicate entry for key PRIMARY
- How to Redirect user to some other page if Duplicate Entry Error Occurs?
- check for duplicate entry vs use PDO errorInfo result
- How to handle error for duplicate entries?
- Dealing with duplicate keys in codeigniter mysql insert
- Codeigniter - Model - Duplicate Entry Alert