Creating user objects
Creating a new user is just like creating an entry or tag with one exception: we need to securely hash the user's password. You should never store passwords as plaintext and, due to the ever-increasing sophistication of hackers, it is best to use a strong cryptographic hash function. We will be using the Flask-Bcrypt extension to hash and check our passwords, so let's install the extension using pip:
(blog) $ pip install flask-bcrypt ... Successfully installed Flask-Bcrypt Cleaning up...
Open app.py and add the following code to register the extension with our app:
from flask.ext.bcrypt import Bcrypt bcrypt = Bcrypt(app)
Now let's add some methods to the User object that will make creating and checking passwords straightforward:
from app import bcrypt
class User(db.Model):
# ... column definitions, other methods ...
@staticmethod
def make_password(plaintext):
return bcrypt.generate_password_hash(plaintext)
def check_password(self, raw_password...
