okay fine this will be the last one

This commit is contained in:
Lynne Megido 2018-11-11 21:31:33 +10:00
parent b3ecbbbbc2
commit 0887a6bad2
Signed by: lynnesbian
GPG key ID: FB7B970303ACE499
2 changed files with 12 additions and 5 deletions

View file

@ -9,8 +9,8 @@
<h2>Log in to your Curious Greg account.</h2> <h2>Log in to your Curious Greg account.</h2>
<!-- <div id='logo-main'></div> --> <!-- <div id='logo-main'></div> -->
<form action='/internal/do_login' method='POST'> <form action='/internal/do_login' method='POST'>
<label for='acct'>Mastodon Account</label><br /> <label for='acct'>Mastodon @account@instan.ce</label><br />
<input name='acct' placeholder='@you@instan.ce' required /><br /> <input name='acct' placeholder='@account@instan.ce' pattern="@[^@]+@[^@]+" required /><br />
<label for='pw'>Password</label><br /> <label for='pw'>Password</label><br />
<input type='password' placeholder='••••••••' name='pw' required /><br /> <input type='password' placeholder='••••••••' name='pw' required /><br />
<button>Log In</button> <button>Log In</button>

13
web.py
View file

@ -4,7 +4,7 @@
# License, v. 2.0. If a copy of the MPL was not distributed with this # License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/. # file, You can obtain one at http://mozilla.org/MPL/2.0/.
import requests, json, hashlib, urllib, time import requests, json, hashlib, urllib, time, re
from mastodon import Mastodon from mastodon import Mastodon
from flask import Flask, render_template, request, session, redirect, url_for from flask import Flask, render_template, request, session, redirect, url_for
import mysql.connector import mysql.connector
@ -31,8 +31,9 @@ c = db.cursor()
# | latest_post | tinytext | YES | | NULL | | # | latest_post | tinytext | YES | | NULL | |
# | latest_timestamp | timestamp | NO | | CURRENT_TIMESTAMP | on update CURRENT_TIMESTAMP | # | latest_timestamp | timestamp | NO | | CURRENT_TIMESTAMP | on update CURRENT_TIMESTAMP |
# | time_between_checks | int(11) | YES | | NULL | | # | time_between_checks | int(11) | YES | | NULL | |
# | settings | longtext | YES | | NULL | |
# +---------------------+--------------+------+-----+-------------------------------------------+-----------------------------+ # +---------------------+--------------+------+-----+-------------------------------------------+-----------------------------+
c.execute("CREATE TABLE IF NOT EXISTS `data` (username VARCHAR(64) NOT NULL, instance VARCHAR(128) NOT NULL, password TINYTEXT NOT NULL, avi TEXT NOT NULL, secret TINYTEXT NOT NULL, client_id VARCHAR(128) NOT NULL, client_secret TINYTEXT NOT NULL, cc TINYTEXT, ccavi VARCHAR(128) DEFAULT 'https://lynnesbian.space/res/ceres/cc.png', latest_post TINYTEXT, latest_timestamp TIMESTAMP, time_between_checks INT, PRIMARY KEY(username, instance))") c.execute("CREATE TABLE IF NOT EXISTS `data` (username VARCHAR(64) NOT NULL, instance VARCHAR(128) NOT NULL, password TINYTEXT NOT NULL, avi TEXT NOT NULL, secret TINYTEXT NOT NULL, client_id VARCHAR(128) NOT NULL, client_secret TINYTEXT NOT NULL, cc TINYTEXT, ccavi VARCHAR(128) DEFAULT 'https://lynnesbian.space/res/ceres/cc.png', latest_post TINYTEXT, latest_timestamp TIMESTAMP, time_between_checks INT, settings LONGTEXT, PRIMARY KEY(username, instance))")
app = Flask(cfg['name']) app = Flask(cfg['name'])
app.secret_key = cfg['flask_key'] app.secret_key = cfg['flask_key']
@ -127,7 +128,13 @@ def internal_auth_b():
@app.route('/internal/do_login') @app.route('/internal/do_login')
def do_login(): def do_login():
pass pw_in = request.form['pw']
pw_hashed = hashlib.sha256(pw_in.encode('utf-8'))
acct = request.form['acct']
session['username'] = re.match("^@[^@]*", acct).group(0)
session['instance'] = "https://{}".format(re.search("@([^@]+)$", acct).group(1))
pw = c.execute("SELECT password FROM data WHERE username LIKE ? AND password LIKE ?", (session['username'], session['instance'])).fetch_one()[0]
pw = bcrypt.hashpw(pw_hashed, bcrypt.gensalt(15))
@app.route('/create_password') @app.route('/create_password')
def create_password(): def create_password():