我正在我的网站上实现一个管理页面,但即使我输入了正确的凭据,它仍然说"没有访问"
app.py:
@app.route('/login')
def login():
return render_template('login.html', incorrect=False)
@app.route('/login', methods=['POST'])
def login_post():
creds = dict(request.form)
if creds['username'] == USERNAME and creds['password'] == PASSWORD:
return redirect(url_for('admin', authenticated=1))
else:
return render_template('login.html', incorrect=True)
@app.route('/admin')
def admin(authenticated=0):
conn = sqlite3.connect('articles.db')
cur = conn.cursor()
cur.execute("SELECT * FROM PENDING")
articles = cur.fetchall()
#print(articles)
conn.close()
return render_template('admin.html', authenticated=authenticated, articles=articles)
注意:凭证都是admin(设置在. inf文件中)
Login.html:
{% extends "base.html" %}
{% block title %}Login{% endblock %}
{% block content %}
<div class="write container py-3 mx-auto bg-muted text-white" style="width: 60vw;">
<h1 action="{{ url_for('write_post') }}" data-aos="fade-up">Admin Login</h1>
{% if incorrect %}
<div class="alert alert-danger alert-dismissible">
<button type="button" class="btn-close" data-bs-dismiss="alert"></button>
<strong>Incorrect Credentials</strong> Please try again.
</div>
{% endif %}
<form method="POST" enctype=multipart/form-data>
<label data-aos="fade-up" data-aos-delay="50" for="username">Username:</label><br>
<input data-aos="fade-up" data-aos-delay="100" required maxlength="255" id="username" name="username"><br><br>
<label data-aos="fade-up" data-aos-delay="150" for="password">Password:</label><br>
<input data-aos="fade-up" data-aos-delay="200" required maxlength="255" id="password" name="password"><br><br>
<input data-aos="fade-up" data-aos-delay="450" class="btn btn-success" type="submit">
</form>
</div>
{% endblock %}
admin.html:
{% extends "base.html" %}
{% block title %}Admin{% endblock %}
{% block content %}
{% if authenticated %}
<div data-aos="fade-down" class=".container p-5 bg-muted text-white">
<h1>Articles pending review: </h1>
</div>
{% else %}
<div data-aos="fade-down" class=".container p-5 bg-muted text-white">
<h1>No Access</h1>
<p>You are not logged in!</p>
</div>
{% endif %}
{% endblock %}
在www.example.com中,即使我通过了1,admin.html中的if authenticated
计算为false.
网址是http://127.0.0.1:5001/admin?authenticated=1
flask服务器运行时使用flask run --debug --port 5001
我该如何解决这个问题,并显示管理页面的内容,如果登录?