Tried to make confirm link work (WIP)

This commit is contained in:
b3yond 2018-01-18 09:39:06 +01:00
parent 5feb6cf5be
commit 9ef0b27970

View file

@ -1,6 +1,7 @@
#!/usr/bin/env python3 #!/usr/bin/env python3
import os import os
import base64
import bottle import bottle
import sqlite3 import sqlite3
import sendmail import sendmail
@ -28,8 +29,10 @@ class Datagetter(object):
print(e) print(e)
return None return None
app = application = bottle.Bottle() app = application = bottle.Bottle()
@app.route('/login', method="POST") @app.route('/login', method="POST")
def login(): def login():
""" """
@ -39,12 +42,14 @@ def login():
""" """
uname = bottle.request.forms.get('uname') uname = bottle.request.forms.get('uname')
psw = bottle.request.forms.get('psw') psw = bottle.request.forms.get('psw')
psw = psw.encode("utf-8")
if pylibscrypt.scrypt_mcf_check(db.cur.execute("SELECT pass FROM user WHERE email=?;", (uname, )), psw): if pylibscrypt.scrypt_mcf_check(db.cur.execute("SELECT pass FROM user WHERE email=?;", (uname, )), psw):
# :todo Generate Session Cookie and give to user # :todo Generate Session Cookie and give to user
return bottle.static_file("../static/bot.html", root="../static") return bottle.static_file("../static/bot.html", root="../static")
else: else:
return "Wrong Credentials." return "Wrong Credentials."
@app.route('/register', method="POST") @app.route('/register', method="POST")
def register(): def register():
""" """
@ -59,7 +64,11 @@ def register():
return "ERROR: Passwords don't match. Try again." return "ERROR: Passwords don't match. Try again."
# needs to be encoded somehow # needs to be encoded somehow
payload = {"email":email, "psw_hashed":pylibscrypt.scrypt_mcf(psw)} # hash password psw = psw.encode("utf-8")
psw = pylibscrypt.scrypt_mcf(psw)
psw = base64.encodebytes(psw)
psw = psw.decode("ascii")
payload = {"email": email, "psw_hashed": psw} # hash password
encoded_jwt = jwt.encode(payload, secret) encoded_jwt = jwt.encode(payload, secret)
confirmlink = "ticketfrei.links-tech.org/confirm?" + encoded_jwt confirmlink = "ticketfrei.links-tech.org/confirm?" + encoded_jwt
config = "" config = ""
@ -83,6 +92,7 @@ def confirmaccount():
print(uname, pass_hashed) print(uname, pass_hashed)
active = "1" active = "1"
db.conn.execute("CREATE ?, ?, ? IN user;", (uname, pass_hashed, active)) db.conn.execute("CREATE ?, ?, ? IN user;", (uname, pass_hashed, active))
return bottle.static_file("../static/bot.html", root='../static')
@app.route('/static/<filename:path>') @app.route('/static/<filename:path>')
@ -122,4 +132,5 @@ if __name__ == "__main__":
global secret global secret
secret = os.urandom(32) secret = os.urandom(32)
db = Datagetter() db = Datagetter()
bottle.run(app=StripPathMiddleware(app), host='0.0.0.0', port=8080) bottle.run(app=StripPathMiddleware(app), host='0.0.0.0', port=8080)