jakobsn 6 anni fa
parent
commit
6d0415f89e
1 ha cambiato i file con 39 aggiunte e 9 eliminazioni
  1. +39
    -9
      src/app/views/login.py

+ 39
- 9
src/app/views/login.py

@@ -4,6 +4,7 @@ import models.login
from views.utils import get_nav_bar
import os, hmac, base64, pickle, hashlib
from io import StringIO
from deepdiff import DeepDiff

# Get html templates
render = web.template.render('templates/')
@@ -23,13 +24,34 @@ class Login():
:return: The login page showing other users if logged in
"""
session = web.ctx.session

# If the user selected 'remember me' they log in automatically
try:
print("secret" ,self.secret)
cookies = web.cookies()
print("cookie", cookies)
remember_hash = bytes(cookies.remember[2:][:-1], 'ascii')
print("remember_hash")
print(remember_hash)
print(remember_hash == b'gANdcQAoWCAAAAAxN2UxZWJmOGJiODhkNzdmZWNjM2E5MmYxMTFkMjU4OHEBWAUAAABhZG1pbnECZS4=')

encode = base64.b64decode(remember_hash)
print("dencode", encode)

username, sign = pickle.loads(encode)


if self.sign_username(username) == sign:
print("HASH MATCH")
except Exception as e:
raise e

if session.username:
friends = models.login.get_users()
else:
friends = [[],[]]
nav = get_nav_bar(session)
if 1 == 1:
print(web.cookies())


return render.login(nav, login_form, friends)

@@ -48,8 +70,14 @@ class Login():
session.username = user[0][1]
session.userid = user[0][0]
print('remember me')
web.setcookie('remember', self.rememberme())
remember = self.rememberme()
web.setcookie('remember', remember , 12000000)
print("equal at start?", remember == b'gANdcQAoWCAAAAAxN2UxZWJmOGJiODhkNzdmZWNjM2E5MmYxMTFkMjU4OHEBWAUAAABhZG1pbnECZS4=')
cookies = web.cookies()
print("equal at start?", cookies.remember == b'gANdcQAoWCAAAAAxN2UxZWJmOGJiODhkNzdmZWNjM2E5MmYxMTFkMjU4OHEBWAUAAABhZG1pbnECZS4=')
print(remember)
print(cookies.remember)
print(DeepDiff(remember, cookies.remember, 'ascii'))
else:
friends = [[],[]]
nav = get_nav_bar(session)
@@ -57,8 +85,9 @@ class Login():

def rememberme(self):
session = web.ctx.session
creds = [session.username , self.sign() ]
creds = [ session.username, self.sign() ]
print(creds)
print("save", base64.b64encode(pickle.dumps(creds)))
return base64.b64encode(pickle.dumps(creds))

def sign(self):
@@ -68,17 +97,18 @@ class Login():
@classmethod
def sign_username(self, username):
secret = base64.b64decode(self.secret)
print(secret)
print(username)
return hmac.HMAC(secret, username.encode('utf-8')).hexdigest()
return hmac.HMAC(secret, username.encode('ascii')).hexdigest()
@classmethod
def valid_rememberme(self, cookie):
userame, userid, sign = pickle.load(StringIO.StringIO(base64.b64decode(cookie)))
if User.sign_username(user) == sign:
userame, sign = pickle.load(StringIO(base64.b64decode(cookie)))
if self.sign_username(user) == sign:
return True
return False
@classmethod
def from_rememberme(self, cookie):
user, sign= pickle.load(StringIO.StringIO(base64.b64decode(cookie)))
user, sign= pickle.load(StringIO(base64.b64decode(cookie)))
return user
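Review bot: The remember cookie reaches `username, sign = pickle.loads(encode)` in the GET hunk before anything has been verified, and the HMAC comparison that follows only covers the username that came out of the unpickle; `valid_rememberme` and `from_rememberme` do the same with `pickle.load`. The cookie is client-controlled and pickle can run code while loading, so the signature check comes too late to protect the deserialization step. I would serialize the pair as JSON in `rememberme`, parse it with `json.loads`, and compare signatures with `hmac.compare_digest` rather than `==`; this needs `import json` next to the existing imports, and `from_rememberme` and the GET block should go through the same parsing. The sketch covers `rememberme` and `valid_rememberme` only; `sign()` is outside the visible hunks, so it assumes that method returns the hex string from `sign_username`, and the GET method itself starts above its hunk.

```python
def rememberme(self):
    session = web.ctx.session
    creds = [session.username, self.sign()]
    # JSON carries data only; nothing is executed when the cookie is read back
    return base64.b64encode(json.dumps(creds).encode('utf-8'))

# … unchanged: sign, sign_username …

@classmethod
def valid_rememberme(self, cookie):
    try:
        username, sign = json.loads(base64.b64decode(cookie))
        expected = self.sign_username(username)
        # constant-time comparison of the two hex digests
        return hmac.compare_digest(expected, sign)
    except (ValueError, TypeError, AttributeError):
        # malformed base64/JSON, wrong shape, or non-string fields
        return False
```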
