fix sqlite commands, rename to website.py

This commit is contained in:
b3yond 2018-01-26 15:19:03 +01:00
parent c9d5f7441a
commit 0ba2438541
3 changed files with 14 additions and 8 deletions

1
.gitignore vendored
View file

@ -7,6 +7,7 @@ last_mail
ticketfrei.cfg ticketfrei.cfg
seen_toots.pickle seen_toots.pickle
seen_toots.pickle.part seen_toots.pickle.part
ticketfrei.sqlite
pip-selfcheck.json pip-selfcheck.json
config.toml config.toml
bin/ bin/

View file

@ -33,9 +33,6 @@ passphrase = "sup3rs3cur3"
# Mailing list where you want to send warnings to # Mailing list where you want to send warnings to
list = "yourcity_ticketfrei@lists.links-tech.org" list = "yourcity_ticketfrei@lists.links-tech.org"
[web]
secret = "adoijf83wuc2mwipje8r"
[logging] [logging]
# The directory where logs should be stored. # The directory where logs should be stored.
logpath = "logs/ticketfrei.log" logpath = "logs/ticketfrei.log"

View file

@ -12,7 +12,7 @@ import pylibscrypt
class Datagetter(object): class Datagetter(object):
def __init__(self): def __init__(self):
self.db = "../../../ticketfrei.sqlite" self.db = "../ticketfrei.sqlite"
self.conn = self.create_connection(self.db) self.conn = self.create_connection(self.db)
self.cur = self.conn.cursor() self.cur = self.conn.cursor()
@ -43,7 +43,10 @@ def login():
uname = bottle.request.forms.get('uname') uname = bottle.request.forms.get('uname')
psw = bottle.request.forms.get('psw') psw = bottle.request.forms.get('psw')
psw = psw.encode("utf-8") psw = psw.encode("utf-8")
if pylibscrypt.scrypt_mcf_check(db.cur.execute("SELECT pass FROM user WHERE email=?;", (uname, )), psw): db.cur.execute("SELECT pass_hashed FROM user WHERE email=?;", (uname, )), psw
pass_hashed = db.cur.fetchone()
print(pass_hashed)
if pylibscrypt.scrypt_mcf_check(pass_hashed, psw):
# :todo Generate Session Cookie and give to user # :todo Generate Session Cookie and give to user
return bottle.static_file("../static/bot.html", root="../static") return bottle.static_file("../static/bot.html", root="../static")
else: else:
@ -63,6 +66,8 @@ def register():
if pswrepeat != psw: if pswrepeat != psw:
return "ERROR: Passwords don't match. Try again." return "ERROR: Passwords don't match. Try again."
# check if email is already in use
# needs to be encoded somehow # needs to be encoded somehow
psw = psw.encode("utf-8") psw = psw.encode("utf-8")
psw = pylibscrypt.scrypt_mcf(psw) psw = pylibscrypt.scrypt_mcf(psw)
@ -91,7 +96,8 @@ def confirmaccount():
pass_hashed = dict["psw_hashed"] pass_hashed = dict["psw_hashed"]
print(uname, pass_hashed) print(uname, pass_hashed)
active = "1" active = "1"
db.conn.execute("CREATE ?, ?, ? IN user;", (uname, pass_hashed, active)) db.cur.execute("INSERT INTO user(id, email, pass_hashed, enabled) VALUES(?, ?, ?, ?);", (uname, pass_hashed, active, True))
db.conn.commit()
return bottle.static_file("../static/bot.html", root='../static') return bottle.static_file("../static/bot.html", root='../static')
@ -132,5 +138,7 @@ if __name__ == "__main__":
global secret global secret
secret = os.urandom(32) secret = os.urandom(32)
db = Datagetter() db = Datagetter()
try:
bottle.run(app=StripPathMiddleware(app), host='0.0.0.0', port=8080) bottle.run(app=StripPathMiddleware(app), host='0.0.0.0', port=8080)
finally:
db.conn.close()