more login code: validate password, retrieve session variables, and redirect to /home

This commit is contained in:
Lynne Megido 2018-11-11 22:04:30 +10:00
parent 0887a6bad2
commit edf92b16aa
Signed by: lynnesbian
GPG key ID: FB7B970303ACE499

15
web.py
View file

@ -12,9 +12,14 @@ import bcrypt
cfg = json.load(open("meta.json"))
scopes = ["read:accounts", "write:statuses"]
settings = {
"cw": False,
# "disabled": False,
}
db = mysql.connector.connect(user=cfg['dbuser'], password=cfg['dbpass'], database=cfg['dbname'])
c = db.cursor()
dc = db.cursor(dictionary=True)
# MariaDB [curiousgreg]> DESCRIBE data;
# +---------------------+--------------+------+-----+-------------------------------------------+-----------------------------+
# | Field | Type | Null | Key | Default | Extra |
@ -133,8 +138,14 @@ def do_login():
acct = request.form['acct']
session['username'] = re.match("^@[^@]*", acct).group(0)
session['instance'] = "https://{}".format(re.search("@([^@]+)$", acct).group(1))
pw = c.execute("SELECT password FROM data WHERE username LIKE ? AND password LIKE ?", (session['username'], session['instance'])).fetch_one()[0]
pw = bcrypt.hashpw(pw_hashed, bcrypt.gensalt(15))
data = dc.execute("SELECT * FROM data WHERE username LIKE ? AND password LIKE ?", (session['username'], session['instance'])).fetch_one()
if bcrypt.checkpw(pw_hashed, data['password']):
#password is correct, log the user in
for item in ['username', 'instance', 'avi', 'secret', 'client_id', 'client_secret', 'cc', 'ccavi']:
session[item] = data[item]
return redirect('/home')
else:
return redirect('/login?invalid')
@app.route('/create_password')
def create_password():