在本教程中,我们将解释如何用Python、Flask和MySQL开发用户管理系统。
用户部分是任何Web应用程序的一个重要部分,在其中,用户被创建、更新、删除、查看等。我们可以使用Flask和MySQL包在Python中轻松开发用户管理系统。
因此,让我们继续用Python、Flask和MySQL来开发用户管理系统。
应用程序设置
我们将使用以下命令创建应用程序目录user-management-system-python 。
$ mkdir user-management-system-python
然后移动到项目目录下
$ cd user-management-system-python
需要的模块
我们将在这个应用程序中使用Python中的以下模块:
- Flask:它是Python的一个微型框架,用于创建Web应用程序。所以我们将安装这个模块来创建Web应用程序。我们将使用下面的命令来安装它。
pip install Flask
- flask_mysqldb。这是一个Python包,可以用来连接到MySQL数据库。我们将使用下面的命令来安装它。
pip install flask_mysqldb
创建MySQL数据库和表
我们将创建MySQL数据库user-system ,并创建表user ,以存储用户详细信息。
CREATE TABLE `user` (
`userid` int(11) NOT NULL,
`name` varchar(100) NOT NULL,
`email` varchar(100) NOT NULL,
`password` varchar(255) NOT NULL,
`role` enum('admin','user') NOT NULL,
`country` varchar(350) NOT NULL
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
ALTER TABLE `user`
ADD PRIMARY KEY (`userid`);
ALTER TABLE `user`
MODIFY `userid` int(11) NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=8;
创建应用程序文件
我们将在项目根目录下创建应用程序文件app.py 。
然后我们将导入已安装的模块Flask 和flask_mysqldb 及其助手。
我们将创建Flask应用程序并为MySQL数据库连接指定app.config ,以访问数据库。
from flask import Flask, render_template, request, redirect, url_for, session
from flask_mysqldb import MySQL
import MySQLdb.cursors
import re
app = Flask(__name__)
app.secret_key = 'xyzsdfg'
app.config['MYSQL_HOST'] = 'localhost'
app.config['MYSQL_USER'] = 'root'
app.config['MYSQL_PASSWORD'] = ''
app.config['MYSQL_DB'] = 'user-system'
mysql = MySQL(app)
@app.route('/')
if __name__ == "__main__":
app.run()
实现用户登录部分
我们将创建模板文件templates/login.html ,并创建带有输入和提交按钮的表格。
<form action="{{ url_for('login') }}" method="post">
{% if mesage is defined and mesage %}
<div class="alert alert-warning">{{ mesage }}</div>
{% endif %}
<div class="form-group">
<label for="email">Email:</label>
<input type="email" class="form-control" id="email" name="email" placeholder="Enter email" name="email">
</div>
<div class="form-group">
<label for="pwd">Password:</label>
<input type="password" class="form-control" id="password" name="password" placeholder="Enter password" name="pswd">
</div>
<button type="submit" class="btn btn-primary">Login</button>
</form>
然后我们将在app.py 文件中创建函数login() ,并调用函数render_template() ,渲染login.html 文件,以加载用户登录页面。我们将通过执行SQL查询来实现登录功能,以执行用户登录。
@app.route('/login', methods =['GET', 'POST'])
def login():
mesage = ''
if request.method == 'POST' and 'email' in request.form and 'password' in request.form:
email = request.form['email']
password = request.form['password']
cursor = mysql.connection.cursor(MySQLdb.cursors.DictCursor)
cursor.execute('SELECT * FROM user WHERE email = % s AND password = % s', (email, password, ))
user = cursor.fetchone()
if user:
if user['role'] == 'admin':
session['loggedin'] = True
session['userid'] = user['userid']
session['name'] = user['name']
session['email'] = user['email']
mesage = 'Logged in successfully !'
return redirect(url_for('users'))
else:
mesage = 'Only admin can login'
else:
mesage = 'Please enter correct email / password !'
return render_template('login.html', mesage = mesage)
@app.route('/logout')
实现添加新用户
我们将创建模板文件templates/register.html ,并创建带有输入和提交按钮的用户表格。
<form action="{{ url_for('register') }}" method="post">
{% if mesage is defined and mesage %}
<div class="alert alert-warning">{{ mesage }}</div>
{% endif %}
<div class="form-group">
<label for="name">Name:</label>
<input type="text" class="form-control" id="name" name="name" placeholder="Enter name">
</div>
<div class="form-group">
<label for="email">Email:</label>
<input type="email" class="form-control" id="email" name="email" placeholder="Enter email">
</div>
<div class="form-group">
<label for="pwd">Password:</label>
<input type="password" class="form-control" id="password" name="password" placeholder="Enter password">
</div>
<div class="form-group">
<label for="role">Role:</label>
<select class="form-control" id="role" name="role">
<option value="admin">Admin</option>
<option value="user">User</option>
</select>
</div>
<div class="form-group">
<label for="country">Country:</label>
<input type="text" class="form-control" id="country" name="country">
</div>
<button type="submit" class="btn btn-primary">Register</button>
</form>
我们将使用表单的提交值实现新用户的添加。我们将把用户的详细信息插入到user 表。
@app.route('/register', methods =['GET', 'POST'])
def register():
mesage = ''
if request.method == 'POST' and 'name' in request.form and 'password' in request.form and 'email' in request.form :
userName = request.form['name']
password = request.form['password']
email = request.form['email']
role = request.form['role']
country = request.form['country']
cursor = mysql.connection.cursor(MySQLdb.cursors.DictCursor)
cursor.execute('SELECT * FROM user WHERE email = % s', (email, ))
account = cursor.fetchone()
if account:
mesage = 'User already exists !'
elif not re.match(r'[^@]+@[^@]+\.[^@]+', email):
mesage = 'Invalid email address !'
elif not userName or not password or not email:
mesage = 'Please fill out the form !'
else:
cursor.execute('INSERT INTO user VALUES (NULL, % s, % s, % s, % s, % s)', (userName, email, password, role, country))
mysql.connection.commit()
mesage = 'New user created!'
elif request.method == 'POST':
mesage = 'Please fill out the form !'
return render_template('register.html', mesage = mesage)
实现用户列表
我们将创建templates/users.html 模板文件并创建HTML来显示用户列表。然后实现循环浏览用户数据并显示列表中的详细信息。
<table class="table table-striped">
<thead>
<tr>
<th>Name</th>
<th>Email</th>
<th>Role</th>
<th>Country</th>
<th></th>
<th></th>
<th></th>
<th></th>
</tr>
</thead>
<tbody>
{% for user in users %}
<tr>
<td>{{user.name}}</td>
<td>{{user.email}}</td>
<td>{{user.role}}</td>
<td>{{user.country}}</td>
<td><a href="{{url_for('view', userid=user.userid)}}" class="btn btn-success">View</a></td>
<td><a href="{{url_for('edit', userid=user.userid)}}" class="btn btn-primary">Edit</a></td>
<td><a href="{{url_for('password_change', userid=user.userid)}}" class="btn btn-warning">Change Password</a></td>
<td><a href="{{url_for('delete', userid=user.userid)}}" class="btn btn-danger">Delete</a></td>
</tr>
{% endfor %}
</tbody>
</table>
我们将在app.py 中创建函数users() ,并实现从数据库表中获取所有用户数据的功能,并传递给模板users.html ,以显示列表。
@app.route("/users", methods =['GET', 'POST'])
def users():
if 'loggedin' in session:
cursor = mysql.connection.cursor(MySQLdb.cursors.DictCursor)
cursor.execute('SELECT * FROM user')
users = cursor.fetchall()
return render_template("users.html", users = users)
return redirect(url_for('login'))
实现用户编辑部分
我们将创建模板文件templates/edit.html ,并创建用户编辑表单。
<form action="{{ url_for('edit') }}" method="post">
{% if mesage is defined and mesage %}
<div class="alert alert-warning">{{ mesage }}</div>
{% endif %}
<div class="form-group">
<label for="name">Name:</label>
<input type="text" class="form-control" id="name" name="name" value="{{ editUser.name }}">
</div>
<div class="form-group">
<label for="role">Role:</label>
<select class="form-control" id="role" name="role">
<option value="admin" {% if editUser.role == 'admin' %}selected{% endif %}>Admin</option>
<option value="user" {% if editUser.role == 'user' %}selected{% endif %}>User</option>
</select>
</div>
<div class="form-group">
<label for="country">Country:</label>
<input type="text" class="form-control" id="country" name="country" value="{{ editUser.country }}">
</div>
<input type="hidden" id="userid" name="userid" value="{{ editUser.userid }}">
<button type="submit" class="btn btn-primary">Save</button>
</form>
我们将在app.py 中创建edit() 函数,实现用户编辑功能并渲染edit.html 模板。
@app.route("/edit", methods =['GET', 'POST'])
def edit():
msg = ''
if 'loggedin' in session:
editUserId = request.args.get('userid')
cursor = mysql.connection.cursor(MySQLdb.cursors.DictCursor)
cursor.execute('SELECT * FROM user WHERE userid = % s', (editUserId, ))
editUser = cursor.fetchone()
if request.method == 'POST' and 'name' in request.form and 'userid' in request.form and 'role' in request.form and 'country' in request.form :
userName = request.form['name']
role = request.form['role']
country = request.form['country']
userId = request.form['userid']
if not re.match(r'[A-Za-z0-9]+', userName):
msg = 'name must contain only characters and numbers !'
else:
cursor.execute('UPDATE user SET name =% s, role =% s, country =% s WHERE userid =% s', (userName, role, country, (userId, ), ))
mysql.connection.commit()
msg = 'User updated !'
return redirect(url_for('users'))
elif request.method == 'POST':
msg = 'Please fill out the form !'
return render_template("edit.html", msg = msg, editUser = editUser)
return redirect(url_for('login'))
实现用户密码修改
我们将创建模板文件templates/password_change.html ,并创建密码更改表格来实现功能。
<form action="{{ url_for('password_change') }}" method="post">
{% if mesage is defined and mesage %}
<div class="alert alert-warning">{{ mesage }}</div>
{% endif %}
<div class="form-group">
<label for="country">Password:</label>
<input type="password" class="form-control" id="password" name="password">
</div>
<div class="form-group">
<label for="country">Confirm Password:</label>
<input type="password" class="form-control" id="confirm_pass" name="confirm_pass">
</div>
<input type="hidden" id="userid" name="userid" value="{{ changePassUserId }}">
<button type="submit" class="btn btn-primary">Update</button>
</form>
我们将在app.py 中创建一个函数password_change() ,实现用户密码更改功能。
@app.route("/password_change", methods =['GET', 'POST'])
def password_change():
mesage = ''
if 'loggedin' in session:
changePassUserId = request.args.get('userid')
if request.method == 'POST' and 'password' in request.form and 'confirm_pass' in request.form and 'userid' in request.form :
password = request.form['password']
confirm_pass = request.form['confirm_pass']
userId = request.form['userid']
if not password or not confirm_pass:
mesage = 'Please fill out the form !'
elif password != confirm_pass:
mesage = 'Confirm password is not equal!'
else:
cursor = mysql.connection.cursor(MySQLdb.cursors.DictCursor)
cursor.execute('UPDATE user SET password =% s WHERE userid =% s', (password, (userId, ), ))
mysql.connection.commit()
mesage = 'Password updated !'
elif request.method == 'POST':
mesage = 'Please fill out the form !'
return render_template("password_change.html", mesage = mesage, changePassUserId = changePassUserId)
return redirect(url_for('login'))
实现查看用户详细信息
我们将创建templates/view.html 文件并实现显示用户详细信息。
<h3>User Details</h3>
<br>
<h4>{{user.name}}</h4>
<p><strong>Email: </strong> {{user.email}}. </p>
<p><strong>Role: </strong> {{user.role}} </p>
<p><strong>Skills: </strong> {{user.country}}</p>
我们将在app.py 中创建函数view() ,实现从数据库表中获取用户详细信息,并传递给模板view.html ,显示用户详细信息。
@app.route("/view", methods =['GET', 'POST'])
def view():
if 'loggedin' in session:
viewUserId = request.args.get('userid')
cursor = mysql.connection.cursor(MySQLdb.cursors.DictCursor)
cursor.execute('SELECT * FROM user WHERE userid = % s', (viewUserId, ))
user = cursor.fetchone()
return render_template("view.html", user = user)
return redirect(url_for('login'))
