SPEAKER 1: Users will be able to interact with your website in a variety of different ways. They'll be able to look up prices for stocks. If they have enough cash for it, then they can buy shares of stocks that they want. If they're logged in, then they can see their transaction history and information about their cash and holdings. They'll be able to sell the stocks that they have. And they'll be able to execute any additional feature that you've chosen to implement. Now of course, the first thing that we'll have to do is allow new users to register for our website. Let's break register down into four tasks. One, we'll want to display a form so that the user can enter in their user name and the password that they want. We'll want to make sure that they know that new password. So we'll want to ask them to confirm it and make sure that they match. If that user name doesn't already exist for our website, then we'll add that user to the database and automatically log them in. So how might we display a form? Well, I want you to go back to the login.html template and borrow from that, because login asks a user to provide a user name and their password. So all we need to do is add a password confirmation field. And this is done via a post request. Go back to your notes and see if you know why we've chosen post as opposed to get. Now that we've finished the template, we can move on to the route in application.py and access the information that the user submitted. Remember, you can do this via request.form.get and then asking for the name of that relevant input box. So in order to validate the passwords that the user has provided, you want to first make sure that the fields aren't left blank. Otherwise, you'll apologize. Then you'll want to make sure that the given password and the confirmation password do match, otherwise apologizing once again. Now for security's sake, we won't want to actually store the user's password in our database. Rather, we'll want to store the hash, generating the hash with this function. Now let's add our new user to the database by running this following query. I'm going to insert into the user's table, into the user name and hash columns, the following values. Notice here, I don't actually pass in those variables right away, but rather use placeholders. This is to protect against SQL injection attacks. The user name value is the value that I get from retrieving the information from my form. And then the hash is the result of hashing that password. Once our users have registered successfully, let's do them a favor and log them in automatically into our website, by storing their ID in session.get user_ID. Once they're logged in, they can start using our website.