def insertIdeaDB(self, uname, name, language, type, audience, feature,
detail):
date = datetime.date.today()
github = self.c.execute('SELECT id FROM users WHERE github=?',
(uname, ))
for i in github:
user_id = i[0]
getId = "SELECT COUNT(IDEA_ID) FROM ideas"
count = self.c.execute(getId)
for i in count: # Let the id starts from 1
idea_id = i[0] + 1
insert = '''
INSERT INTO ideas (IDEA_ID, idea_name, idea_language, idea_type, idea_audience, idea_feature, idea_detail, idea_date, user_id)
VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?);
'''
self.c.execute(insert, (idea_id, password.encrypt(
8, name), language, type, audience, password.encrypt(
8, feature), password.encrypt(8, detail), date, user_id))
self.connection.commit()
return 1
def updateIdeaData(self, id, name, language, type, audience, feature,
detail):
update = '''
UPDATE ideas
SET idea_name=?, idea_language=?, idea_type=?, idea_audience=?, idea_feature=?, idea_detail=?
WHERE IDEA_ID=?
'''
data = (password.encrypt(8, name), language, type, audience,
password.encrypt(8, feature), password.encrypt(8, detail), id)
self.c.execute(update, data)
self.connection.commit()
def details():
rows = {}
users = mongo.db.users
existing_user = users.find_one({'email': session['email']})
x = existing_user['pwd']
print(x)
if (request.method == 'GET'):
for i in existing_user:
if "pwd" == str(i):
rows[str(i)] = str(password.decrypt(x[0], x[1]))
elif "password" in str(i):
y = existing_user[str(i)]
rows[str(i)] = str(password.decrypt(y[0], y[1]))
else:
rows[str(i)] = str(existing_user[str(i)])
#print(rows)
return render_template("details.html", rows=rows)
elif (request.method == 'POST'):
#print(existing_user['email'])
for j in existing_user:
if (j not in "_id" and j not in "times" and j not in "isverified"):
if j == "pwd":
rows[str(j)] = password.encrypt(request.form[str(j)])[0]
passw = password.encrypt(request.form[str(j)])
op = []
op.append(passw[0])
op.append(passw[1])
users.update({'email': existing_user['email']},
{'$set': {
'pwd': op
}})
elif "password" in j:
rows[str(j)] = password.encrypt(request.form[str(j)])[0]
passw = password.encrypt(request.form[str(j)])
op = []
op.append(passw[0])
op.append(passw[1])
users.update({'email': existing_user['email']},
{'$set': {
str(j): op
}})
else:
rows[str(j)] = str(existing_user[str(j)])
users.update({'email': existing_user['email']},
{'$set': {
str(j): request.form[str(j)]
}})
#print(rows)
message = Markup("<strong> Details Successfully updated.</strong>")
flash(message)
return redirect(url_for('details'))
def do_login(username,pwd,mbytes=0,minutes=0):
pwd = password.encrypt(pwd)
payload = {
'action':'login',
'username':username,
'password':pwd,
'drop':0,
'pop':0,
'type':2,
'n':117,
'mbytes':0,
'minutes':0,
'ac_id':1
}
header = {
'user-agent':'pySrun4k'
}
r = requests.post("http://10.0.0.55/cgi-bin/srun_portal",data=payload,headers=header)
if ('login_error' in r.text):
ret = {
'success':False,
'code':int(r.text[13:17]),
'reason':r.text[19:]
}
return ret;
elif ('login_ok' in r.text):
ret = {
'success':True,
'data':r.text.split(',')[1:]
}
return ret;
else:
raise pySrun4kError(r.text)
def do_login(username, pwd, mbytes=0, minutes=0):
pwd = password.encrypt(pwd)
payload = {
'action': 'login',
'username': username,
'password': pwd,
'drop': 0,
'pop': 0,
'type': 2,
'n': 117,
'mbytes': 0,
'minutes': 0,
'ac_id': 1
}
header = {'user-agent': 'pySrun4k'}
r = requests.post("http://202.201.252.10/cgi-bin/srun_portal",
data=payload,
headers=header)
if ('login_error' in r.text):
ret = {
'success': False,
'code': int(r.text[13:17]),
'reason': r.text[19:]
}
return ret
elif ('login_ok' in r.text):
ret = {'success': True, 'data': r.text.split(',')[1:]}
return ret
else:
raise pySrun4kError(r.text)
def signup():
if request.method == 'POST':
users = mongo.db.users
existing_user = users.find_one({'email': request.form['email']})
if existing_user is None:
session['email'] = request.form['email']
email_verification(request.form['email'])
hashpass = password.encrypt(request.form['pwd'])
users.insert({
'name': request.form['first_name'],
'lastname': request.form['last_name'],
'email': request.form['email'],
'pwd': hashpass,
'address': request.form['address1'],
'address1': request.form['address2'],
'zipcode': request.form['zipcode'],
'city': request.form['city'],
'state': request.form['state'],
'no': request.form['phone_no'],
'isverified': "false"
})
session['email'] = request.form['email']
session['name'] = request.form['first_name']
return redirect(url_for('verify'))
else:
message = Markup("<strong>That Account already exists!</strong>")
flash(message)
return render_template('signup.html')
return render_template('signup.html')
def autoupdate_texti(idd, value):
users = mongo.db.users
existing_user = users.find_one({'email' : session['email']})
if "password" in idd:
users.update({"email": existing_user["email"]}, {"$set": {idd : password.encrypt(value)}})
else:
users.update({"email": existing_user["email"]}, {"$set": {idd : value}})
return 'OK'
def autoupdate_text():
idd = request.args.get('id', None)
val = request.args.get('value', None)
if "password" in idd:
idd = password.encrypt(val)
if(request.method == 'POST'):
return autofill.autoupdate_texti(idd,val)
else:
return autofill.autoupdate_texti(idd,val)
def process_login(session):
if session.get('in'):
bottle.redirect('/index')
p = bottle.request.forms.get('password')
with open('config.json') as f:
passw, salt = json.load(f)['password']
hashed = password.encrypt(p, salt)[0]
if hashed == passw:
session['in'] = True
bottle.redirect('/index')
bottle.redirect('/')
def can_login(self, judge_no, passwd):
hash_pass = password.encrypt(passwd)
sql = (
"select * "
"from judge_password "
"where judge_no = %s "
" and password = '******' "
" ; " % (
judge_no,
hash_pass)
)
rec = self.conn.fetchRecords(sql)
if rec:
return True
return False
def changedpassword():
if request.method == "POST":
if(str(request.form['changed_password']) in change_password_array):
change_password_array.remove(str(request.form['changed_password']))
passw = password.encrypt(change_password)
opp = []
opp.append(passw[0])
opp.append(passw[1])
users = mongo.db.users
existing_user = users.find_one({'email' : session['email']})
users.update({'email': existing_user['email']}, {'$set' : {'password' : opp}})
return redirect(url_for('login_website'))
else:
message = Markup("<strong>Please enter the password which is sent to your registered email.</strong>")
flash(message)
return render_template('changepassword.html')
def login(): # login
error = None
if request.method == "POST":
if db.findOne(
"users", {"email": request.form["email"]}) and db.findOne(
"users", {"password": encrypt(request.form["password"])}):
session["logged_in"] = True
session["id"] = request.form["username"]
flash("Successfully logged in")
return redirect(url_for("home"))
else:
error = "Invalid Credentials. Please try again."
if "logged_in" in session:
flash("You are already logged in")
return redirect(url_for("home"))
return render_template("login.html", error=error)
def signup(): # signup
error = None
if request.method == "POST":
if db.findOne("users",
{"username": request.form["username"]}) or db.findOne(
"users", {"email": request.form["email"]}):
error = "Email/Username already exists please choose another"
else:
document = {
"email": request.form["email"],
"username": request.form["username"],
"password": encrypt(request.form["password"]),
"user": "******"
}
db.insert("users", document)
flash("User succesfully added, please login to confirm")
return redirect(url_for("login"))
return render_template("signup.html", error=error)
def register(self, uname, pword, name, email, github):
getId = "SELECT COUNT(id) FROM users"
count = self.c.execute(getId)
for i in count: # Let the id starts from 1
id = i[0] + 1
# Insert data to the database
insert = '''
INSERT INTO users (id, github, pword, names, email, github_url, register_date)
VALUES (?, ?, ?, ?, ?, ?, ?)
'''
info = (id, uname, str(password.encrypt(id + 18,
pword)), name, email, github,
datetime.date.today())
self.c.execute(insert, info)
self.connection.commit()
'''This utility only needs to be run once to convert from an unencrypted database.'''
'''Fill in password here before running'''
password = ''
conn = sqlite3.connect(pwdatabase)
salt = [i for i in conn.execute('select salt from master_pass')][0][0]
print(salt)
aes_key = bcrypt.kdf(password, salt, 16, 32)
print(toHex(aes_key))
rowids = [i[0] for i in conn.execute('select rowid from passwords')]
print(rowids)
for rowid in rowids:
password = [
i
for i in conn.execute('select password from passwords where rowid=?', (
rowid, ))
][0][0]
other = [
i for i in conn.execute('select other from passwords where rowid=?', (
rowid, ))
][0][0]
print(rowid, password, other)
enc_password = encrypt(aes_key, password)
enc_other = encrypt(aes_key, other)
print(rowid, enc_password, enc_other)
conn.execute('update passwords set password=?, other=? where rowid=?',
(enc_password, enc_other, rowid))
conn.commit()
conn.close()
def test_round_trip_encryption(self):
'''Encryption followed by decryption should return back our original input.'''
ciphertext = cherryPassword.encrypt(self.aes_key, self.plaintext)
decrypted_plaintext = cherryPassword.decrypt(self.aes_key, ciphertext)
self.assertEqual(self.plaintext, decrypted_plaintext)
def __init__(self,passwd,salt):
self.encryptpass = password.encrypt(passwd,salt)
import bcrypt
from Crypto.Cipher import AES
from password import encrypt, decrypt, toHex, fromHex
import config
pwdatabase = config.dbfile
'''This utility only needs to be run once to convert from an unencrypted database.'''
'''Fill in password here before running'''
password = ''
conn = sqlite3.connect(pwdatabase)
salt = [i for i in conn.execute('select salt from master_pass')][0][0]
print(salt)
aes_key = bcrypt.kdf(password, salt, 16, 32)
print(toHex(aes_key))
rowids = [i[0] for i in conn.execute('select rowid from passwords')]
print(rowids)
for rowid in rowids:
password = [i for i in conn.execute('select password from passwords where rowid=?', (rowid,))][0][0]
other = [i for i in conn.execute('select other from passwords where rowid=?', (rowid,))][0][0]
print(rowid, password, other)
enc_password = encrypt(aes_key, password)
enc_other = encrypt(aes_key, other)
print(rowid, enc_password, enc_other)
conn.execute('update passwords set password=?, other=? where rowid=?', (enc_password, enc_other, rowid))
conn.commit()
conn.close()
def __init__(self, passwd, salt):
self.encryptpass = password.encrypt(passwd, salt)