Skip to main content
Welcome. This lesson walks through the login application’s core code and explains how users are routed after authentication. The primary logic lives in app.py, which sets up the database connection (via a get_db_connection() helper) and exposes the Flask routes for rendering the login form, validating credentials, and forwarding authenticated users to the product application. Below is a single, complete snippet that demonstrates the full flow — from form submission to redirect — replacing fragmented examples with one concise implementation.
Key points about this implementation
  • The app uses get_db_connection() to obtain a DB connection and performs a parameterized query to look up the user by email and password.
  • On success, the route redirects to /product, which in turn forwards to the product application at the configured external URL.
  • The Flask app listens on 0.0.0.0:5000 with debug=True for local development.
Routes summary Security note
This example checks passwords as stored plaintext in the database. Storing or comparing plaintext passwords is insecure. In production, always store hashed passwords (e.g., using bcrypt) and verify using a secure hashing check. Also run the app over HTTPS in production.
Best practices and quick improvements
  • Password storage: Replace plaintext storage with a strong hashing scheme (bcrypt, Argon2). Verify using the hashing library rather than direct comparison.
  • Sessions: After authentication, set a secure session or issue a JWT so subsequent requests can be authorized without re-checking credentials.
  • Input validation: Validate and sanitize form inputs before using them in queries or application logic.
  • HTTPS: Deploy behind TLS in production and disable debug=True for safety.
  • Connection handling: Use connection pooling for production workloads (e.g., SQLAlchemy pool, a connection pooler).
Links and references Next steps
  • Containerize this service with a Dockerfile and build images for your CI pipeline.
  • Add automated tests and a CI job (e.g., AWS CodeBuild).
  • Deploy via a CD pipeline (e.g., AWS CodePipeline) and secure traffic with HTTPS.
That’s it for this lesson — see you in the next one.

Watch Video