From 0887a6bad2e9d3b9bd19620eecd75a44062d37e2 Mon Sep 17 00:00:00 2001 From: Lynne Date: Sun, 11 Nov 2018 21:31:33 +1000 Subject: [PATCH] okay fine this will be the last one --- templates/login.html | 4 ++-- web.py | 13 ++++++++++--- 2 files changed, 12 insertions(+), 5 deletions(-) diff --git a/templates/login.html b/templates/login.html index 5f62c4a..9ef20da 100644 --- a/templates/login.html +++ b/templates/login.html @@ -9,8 +9,8 @@

Log in to your Curious Greg account.

-
-
+
+


diff --git a/web.py b/web.py index 00efda2..089d616 100755 --- a/web.py +++ b/web.py @@ -4,7 +4,7 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -import requests, json, hashlib, urllib, time +import requests, json, hashlib, urllib, time, re from mastodon import Mastodon from flask import Flask, render_template, request, session, redirect, url_for import mysql.connector @@ -31,8 +31,9 @@ c = db.cursor() # | latest_post | tinytext | YES | | NULL | | # | latest_timestamp | timestamp | NO | | CURRENT_TIMESTAMP | on update CURRENT_TIMESTAMP | # | time_between_checks | int(11) | YES | | NULL | | +# | settings | longtext | YES | | NULL | | # +---------------------+--------------+------+-----+-------------------------------------------+-----------------------------+ -c.execute("CREATE TABLE IF NOT EXISTS `data` (username VARCHAR(64) NOT NULL, instance VARCHAR(128) NOT NULL, password TINYTEXT NOT NULL, avi TEXT NOT NULL, secret TINYTEXT NOT NULL, client_id VARCHAR(128) NOT NULL, client_secret TINYTEXT NOT NULL, cc TINYTEXT, ccavi VARCHAR(128) DEFAULT 'https://lynnesbian.space/res/ceres/cc.png', latest_post TINYTEXT, latest_timestamp TIMESTAMP, time_between_checks INT, PRIMARY KEY(username, instance))") +c.execute("CREATE TABLE IF NOT EXISTS `data` (username VARCHAR(64) NOT NULL, instance VARCHAR(128) NOT NULL, password TINYTEXT NOT NULL, avi TEXT NOT NULL, secret TINYTEXT NOT NULL, client_id VARCHAR(128) NOT NULL, client_secret TINYTEXT NOT NULL, cc TINYTEXT, ccavi VARCHAR(128) DEFAULT 'https://lynnesbian.space/res/ceres/cc.png', latest_post TINYTEXT, latest_timestamp TIMESTAMP, time_between_checks INT, settings LONGTEXT, PRIMARY KEY(username, instance))") app = Flask(cfg['name']) app.secret_key = cfg['flask_key'] @@ -127,7 +128,13 @@ def internal_auth_b(): @app.route('/internal/do_login') def do_login(): - pass + pw_in = request.form['pw'] + pw_hashed = hashlib.sha256(pw_in.encode('utf-8')) + acct = request.form['acct'] + session['username'] = re.match("^@[^@]*", acct).group(0) + session['instance'] = "https://{}".format(re.search("@([^@]+)$", acct).group(1)) + pw = c.execute("SELECT password FROM data WHERE username LIKE ? AND password LIKE ?", (session['username'], session['instance'])).fetch_one()[0] + pw = bcrypt.hashpw(pw_hashed, bcrypt.gensalt(15)) @app.route('/create_password') def create_password():