Code Room
Code review (Medium)
Question
Review this Python Flask login handler.
What a strong answer looks like
Separate real bugs from style. Rank issues by severity, point at the root cause rather than the symptom, and suggest a concrete fix — specific and kind.
```python
import sqlite3
from flask import request, session

def login():
    username = request.form['username']
    password = request.form['password']
    conn = sqlite3.connect('app.db')
    cur = conn.cursor()
    query = "SELECT id, role FROM users WHERE username = '%s' AND password = '%s'" % (username, password)
    cur.execute(query)
    row = cur.fetchone()
    if row:
        session['uid'] = row[0]
        session['role'] = row[1]
        return {'ok': True}
    return {'ok': False}, 401
```
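One concrete fix a strong answer could propose, shown beside the handler's original query so the difference is testable. This is an added example, not part of the original exercise; the function names, the in-memory schema with `salt` and `pw_hash` columns, and the PBKDF2 iteration count are assumptions.

```python
import hashlib
import hmac
import os
import sqlite3

def hash_password(password, salt):
    # PBKDF2-HMAC-SHA256 from the standard library; the iteration count is an assumption.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 600_000)

def make_demo_db():
    # Constructed in-memory database standing in for app.db. It carries both the
    # plaintext column the original query expects and the salted hash the fix uses.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT UNIQUE, "
                 "role TEXT, salt BLOB, pw_hash BLOB, password TEXT)")
    salt = os.urandom(16)
    conn.execute("INSERT INTO users VALUES (1, 'alice', 'admin', ?, ?, 'correct horse')",
                 (salt, hash_password("correct horse", salt)))
    return conn

def lookup_original(conn, username, password):
    # The handler's query as written: user input is formatted into the SQL text,
    # so quote characters in the input change the structure of the statement.
    query = "SELECT id, role FROM users WHERE username = '%s' AND password = '%s'" % (username, password)
    return conn.execute(query).fetchone()

def lookup_fixed(conn, username, password):
    # Placeholders keep input as data; the password is never part of the query and
    # is compared against a salted hash in constant time.
    row = conn.execute("SELECT id, role, salt, pw_hash FROM users WHERE username = ?",
                       (username,)).fetchone()
    if row is None:
        return None
    if not hmac.compare_digest(hash_password(password, row[2]), row[3]):
        return None
    return row[0], row[1]
```

In the Flask handler, the result of `lookup_fixed` would replace `row`, with the connection opened in a `with` block or closed in `finally`.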