Deploying with Flask

Hello everybody.

Over the last couple of weeks I have set up a nice selenium script that does stuff and it is working pretty good, saving data to a sqlite database plus retrieving the data and using it.

This is currently hosted on amazon EC2 (free account) and after a while I managed to have it working.

The problem is: I have built the script in pure python + pure sql which I enjoyed but now I want to give the whole thing some kind of user interface and experience using flask.

My question is: Can I just take care of the whole flask thing and leave the python script running in the background as it is at the moment or should I really consider using an orm (peewee?).

THE ONLY interaction between the user and the database will be the user providing username and password details to login to a particular site and get the user data. If I got it correctly this means that I should be covered from sql injections as I will only run the database code if the username and password authenticate on the website I am then collecting the data from. So basically if some strange code is inserted my script won't be able to login and then will stop immediately.

AM I RIGHT ASSUMING THIS? I don't know much about security...

The other thing I wanted to ask is... What is a safe way to get the username and password? I want to make sure that security is all ok but I also need to access the plain username and password details to use them for the login to the "main" website where the data is.

Any ideas?

Thanks!!

Vitto