From 5ffd4e9a7e0de1bb7fcbf82ac1590aa2c798efeb Mon Sep 17 00:00:00 2001 From: burzuf Date: Sun, 15 Mar 2020 14:41:37 +0300 Subject: [PATCH] =?UTF-8?q?=D0=9F=D0=B5=D1=80=D0=B5=D1=80=D0=B0=D0=B1?= =?UTF-8?q?=D0=BE=D1=82=D0=B0=D0=BD=D0=B0=20=D0=B8=20=D0=BF=D1=80=D0=BE?= =?UTF-8?q?=D1=82=D0=B5=D1=81=D1=82=D0=B8=D1=80=D0=BE=D0=B2=D0=B0=D0=BD?= =?UTF-8?q?=D0=B0=20=D1=80=D0=B5=D0=B3=D0=B8=D1=81=D1=82=D1=80=D0=B0=D1=86?= =?UTF-8?q?=D0=B8=D1=8F?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- __init__.py | 57 +++++++++++++++++++----------------- data.db | Bin 12288 -> 0 bytes db_routing.py | 25 ++++++++++++++++ templates/registration.html | 2 +- 4 files changed, 56 insertions(+), 28 deletions(-) delete mode 100644 data.db create mode 100644 db_routing.py diff --git a/__init__.py b/__init__.py index 3ae3440..70a5a77 100644 --- a/__init__.py +++ b/__init__.py @@ -1,13 +1,14 @@ -from flask import Flask, render_template, request -from flask_sqlalchemy import SQLAlchemy -from flask_simplelogin import SimpleLogin +from flask import render_template, request +from db_routing import app +import db_routing +from flask_httpauth import HTTPBasicAuth import os import hashlib -import sqlite3 -app = Flask(__name__, static_folder='static', template_folder='templates') -app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///data.db' -db = SQLAlchemy(app) + +if not os.path.exists('./data.db'): + db_routing.db.create_all() +auth = HTTPBasicAuth() @app.route('/', methods=['GET']) @@ -18,35 +19,37 @@ def index(): @app.route('/registration', methods=['GET', 'POST']) def register(): if request.method == 'POST': - UserLogin = request.form['UserLogin'] - UserPass = request.form['UserPass'] - if not find_user_copy(UserLogin): - db.session.add(UserLogin, passw_hash(UserPass)) - db.session.commit() - # return render_template('your_page.html') + userLogin = request.form['UserLogin'] + userPassw = request.form['UserPassw'] + db_routing.add_user(userLogin, passw_hash(userPassw)) + else: + print('Логин занят') return render_template('registration.html') +@auth.verify_password +def verify_password(user_login, user_passw): + user = db_routing.find_user(user_login) + if user: + userSalt = user[2][:32] + if passw_hash(user_passw, userSalt) == user[2]: + return True + else: + return False + + @app.route('/content', methods=['GET']) +@auth.login_required def content(): return render_template('content.html') -@app.errorhandler(404) -def not_found(error): - return render_template('404.html'), 404 +# @app.errorhandler(404) +# def not_found(error): +# return render_template('404.html'), 404 -def find_user_copy(user_login): - con = sqlite3.connect('data.db') - with con: - cur = con.cursor() - exist = cur.execute('SELECT EXISTS ( SELECT UserLogin FROM Users Where UserLogin = ' + user_login + ' LIMIT 1') - return exist - - -def passw_hash(user_passw): - salt = os.urandom(32) +def passw_hash(user_passw, salt=os.urandom(32)): key = hashlib.pbkdf2_hmac('sha256', user_passw.encode('utf-8'), salt, 100000) storage = salt + key # salt_from_storage = storage[:32] # 32 длина соли @@ -55,4 +58,4 @@ def passw_hash(user_passw): if __name__ == '__main__': - app.run() + db_routing.app.run() diff --git a/data.db b/data.db deleted file mode 100644 index 2c17d263307e550f58f2023da110417fd4cb3577..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 12288 zcmeI#&r8EF6bJB^Oq3SJyyY5tT0sQyD56z^6l>jT3hq=Yc2bxtE)~4$pW%Pze`6Xf zh#&~Njc*{y%MTvplheDMCUslMd9!*dTX{&k#2B4QNkrWCf$e?k;;nvRXZ9ohE9A6) z@;S7pd~`&kxgF3T009U<00Izz00bZa0SG_<0_zKWte@iF8A84-js>H7`B1%@=Y_4K zi}Iyy+`7n3wKBzln+9)!?Fb>*`>-wV7nR#|13%AHq?OdsS)yd%_5wNfJr~9offuJ* zU8-#Fdn;)k>t*0+b*E)|V|$(?GEd`auKFvJ(wJX2?9n8PucK@xuheYZClCFwtIciE zj|Kq Введите пароль - +