Переработана и протестирована регистрация

2026-03-06 03:56:23 +03:00 · 2020-03-15 14:41:37 +03:00
parent 5958669a1c
commit 5ffd4e9a7e
4 changed files with 56 additions and 28 deletions
--- a/init.py
+++ b/init.py
@@ -1,13 +1,14 @@
-from flask import Flask, render_template, request
-from flask_sqlalchemy import SQLAlchemy
-from flask_simplelogin import SimpleLogin
+from flask import render_template, request
+from db_routing import app
+import db_routing
+from flask_httpauth import HTTPBasicAuth
 import os
 import hashlib
-import sqlite3

-app = Flask(__name__, static_folder='static', template_folder='templates')
-app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///data.db'
-db = SQLAlchemy(app)
+
+if not os.path.exists('./data.db'):
+    db_routing.db.create_all()
+auth = HTTPBasicAuth()


@app.route('/', methods=['GET'])
@@ -18,35 +19,37 @@ def index():
@app.route('/registration', methods=['GET', 'POST'])
 def register():
    if request.method == 'POST':
-        UserLogin = request.form['UserLogin']
-        UserPass = request.form['UserPass']
-        if not find_user_copy(UserLogin):
-            db.session.add(UserLogin, passw_hash(UserPass))
-            db.session.commit()
-        # return render_template('your_page.html')
+        userLogin = request.form['UserLogin']
+        userPassw = request.form['UserPassw']
+        db_routing.add_user(userLogin, passw_hash(userPassw))
+    else:
+        print('Логин занят')
    return render_template('registration.html')


+@auth.verify_password
+def verify_password(user_login, user_passw):
+    user = db_routing.find_user(user_login)
+    if user:
+        userSalt = user[2][:32]
+        if passw_hash(user_passw, userSalt) == user[2]:
+            return True
+    else:
+        return False
+
+
@app.route('/content', methods=['GET'])
+@auth.login_required
 def content():
    return render_template('content.html')


-@app.errorhandler(404)
-def not_found(error):
-    return render_template('404.html'), 404
+# @app.errorhandler(404)
+# def not_found(error):
+#     return render_template('404.html'), 404


-def find_user_copy(user_login):
-    con = sqlite3.connect('data.db')
-    with con:
-        cur = con.cursor()
-        exist = cur.execute('SELECT EXISTS ( SELECT UserLogin FROM Users Where UserLogin = ' + user_login + ' LIMIT 1')
-    return exist
-
-
-def passw_hash(user_passw):
-    salt = os.urandom(32)
+def passw_hash(user_passw, salt=os.urandom(32)):
    key = hashlib.pbkdf2_hmac('sha256', user_passw.encode('utf-8'), salt, 100000)
    storage = salt + key
    # salt_from_storage = storage[:32]  # 32 длина соли
@@ -55,4 +58,4 @@ def passw_hash(user_passw):


 if __name__ == '__main__':
-    app.run()
+    db_routing.app.run()