Error: sqlalchemy.exc.StatementError: (sqlalchemy.exc.InvalidRequestError) A value is required for bind parameter 'user_name'
Question:
I have a Flask project that interacts with MySQL DB through Flask-SQLAlchemy Core.
I’m getting an error while binding parameters to sql query.
In this I want to bind dynamic parameters fetched from POSTMAN and return query for that specific data present in DB.
e.g:- Suppose from POSTMAN I’ve received user_name = ‘Pratik’ password = ‘123456’
SQL query to be implemented:- SELECT id, user_name, password, email_address, dob, uid FROM user WHERE user_name = ‘Pratik’ and password = ‘123456’
NOTE: I’ve hashed my password at the time of creation.
@app.route('/login', methods=['POST'])
def login():
auth= user_schema.load(request.get_json()) #Data validated and fetched from postman
user_name=auth['user_name'] #Data fetched from POSTMAN
password=generate_password_hash(auth['password'], method = 'sha256') # Data fetched from POSTMAN
conn = engine.connect()
results = conn.execute(text(f"SELECT id, user_name, password, email_address, dob, uid FROM user WHERE user_name = :user_name and password = :password",{"user_name": user_name, "password": password}))
result_dict = [dict(u) for u in results.fetchall()]
print (result_dict)
return "response"
Answers:
In this I was comparing salted password with simple plain text which didn’t work for me, so I fetched data using the only username and then compared password using "werkzeug.security import generate_password_hash,check_password_hash".
https://werkzeug.palletsprojects.com/en/2.2.x/utils/#werkzeug.security.check_password_hash
I have a Flask project that interacts with MySQL DB through Flask-SQLAlchemy Core.
I’m getting an error while binding parameters to sql query.
In this I want to bind dynamic parameters fetched from POSTMAN and return query for that specific data present in DB.
e.g:- Suppose from POSTMAN I’ve received user_name = ‘Pratik’ password = ‘123456’
SQL query to be implemented:- SELECT id, user_name, password, email_address, dob, uid FROM user WHERE user_name = ‘Pratik’ and password = ‘123456’
NOTE: I’ve hashed my password at the time of creation.
@app.route('/login', methods=['POST'])
def login():
auth= user_schema.load(request.get_json()) #Data validated and fetched from postman
user_name=auth['user_name'] #Data fetched from POSTMAN
password=generate_password_hash(auth['password'], method = 'sha256') # Data fetched from POSTMAN
conn = engine.connect()
results = conn.execute(text(f"SELECT id, user_name, password, email_address, dob, uid FROM user WHERE user_name = :user_name and password = :password",{"user_name": user_name, "password": password}))
result_dict = [dict(u) for u in results.fetchall()]
print (result_dict)
return "response"
In this I was comparing salted password with simple plain text which didn’t work for me, so I fetched data using the only username and then compared password using "werkzeug.security import generate_password_hash,check_password_hash".
https://werkzeug.palletsprojects.com/en/2.2.x/utils/#werkzeug.security.check_password_hash