Welcome to the Treehouse Community

Want to collaborate on code errors? Have bugs you need feedback on? Looking for an extra set of eyes on your latest project? Get support with fellow developers, designers, and programmers of all backgrounds and skill levels here with the Treehouse Community! While you're at it, check out some resources Treehouse students have shared here.

Looking to learn something new?

Treehouse offers a seven day free trial for new students. Get access to thousands of hours of content and join thousands of Treehouse students and alumni in the community today.

Start your free trial


Vittorio Somaschini
Vittorio Somaschini
33,371 Points

Deploying with Flask

Hello everybody.

Over the last couple of weeks I have set up a nice selenium script that does stuff and it is working pretty good, saving data to a sqlite database plus retrieving the data and using it.

This is currently hosted on amazon EC2 (free account) and after a while I managed to have it working.

The problem is: I have built the script in pure python + pure sql which I enjoyed but now I want to give the whole thing some kind of user interface and experience using flask.

My question is: Can I just take care of the whole flask thing and leave the python script running in the background as it is at the moment or should I really consider using an orm (peewee?).

THE ONLY interaction between the user and the database will be the user providing username and password details to login to a particular site and get the user data. If I got it correctly this means that I should be covered from sql injections as I will only run the database code if the username and password authenticate on the website I am then collecting the data from. So basically if some strange code is inserted my script won't be able to login and then will stop immediately.

AM I RIGHT ASSUMING THIS? I don't know much about security...

The other thing I wanted to ask is... What is a safe way to get the username and password? I want to make sure that security is all ok but I also need to access the plain username and password details to use them for the login to the "main" website where the data is.

Any ideas?