- added password salt/hash with python-bcrypt (install it!), updated database

app/database.py

@@ -100,7 +100,7 @@ def add_user(u):
 
 def update_user(u):
     #query_db("UPDATE users SET (NAME, LONGNAME, EMAIL, RFID_ID, ISBLACK, ISBARON, ISSHOWN) VALUES (?, ?, ?, ?, ?, ?, ?) WHERE ID=?", (u.name, u.longname, u.email, u.rfid_id, u.isblack, u.isbaron, u.isshown, u.id))
-    query_db("UPDATE users SET NAME=?, LONGNAME=?, EMAIL=?, RFID_ID=?, ISBLACK=?, ISBARON=?, ISSHOWN=? WHERE ID=?", (u.name, u.longname, u.email, u.rfid_id, u.isblack, u.isbaron, u.isshown, u.id))
+    query_db("UPDATE users SET NAME=?, PASSWORD=?, LONGNAME=?, EMAIL=?, RFID_ID=?, ISBLACK=?, ISBARON=?, ISSHOWN=? WHERE ID=?", (u.name, u.password, u.longname, u.email, u.rfid_id, u.isblack, u.isbaron, u.isshown, u.id))
     get_db().commit()
 
 

app/gui.py

@@ -59,9 +59,7 @@ class MainWindow(wx.Frame):
         with app.app_context():
             for i in range(0, int(self.panelUser.GetAmount())):
                 add_consume(self.user.name, get_product_by_name(drink).id)
-        plot_total(self.user)
+        plot_all_thread(self.user)
-        plot_total()
-        plot_list(4)
         self.switchPanels()
 
     def switchPanels(self):

app/plot.py

@@ -3,9 +3,24 @@ from matplotlib.dates import WeekdayLocator, DayLocator, HourLocator, DateFormat
 import numpy as np
 from user import User
 from database import *
+import thread as th
+
+def plot_all_thread(user = None):
+    #if user != None:
+    #    th.start_new_thread(plot_all, (user,))
+    #else:
+    #    th.start_new_thread(plot_all, ())
+#def plot_all(user = None):
+#
+    if user != None:
+        plot_total(user)
+    plot_total()
+    plot_list(4)
+    print 'plot_all'
 
 def plot_total(user = None):
 
+    print 'plot_total'
     today = datetime.date.today()
     delta = datetime.timedelta(days=1)
     begin = datetime.date.today() - datetime.timedelta(weeks=2)
@@ -97,20 +112,27 @@ def plot_list(duration):
     for consumption in consumed:
         allconsumptions[consumption.prodnr-1][consumption.consumer-1] += 1
 
-    #print 'debug ------------------'
+    #cumulate consumptions for cumulative bar graph
-    #print consumptions
+    i = 0
-    #print '------------------------'
+    for consumptions in allconsumptions:
+        if i > 0:
+            j = 0
+            for consumption in consumptions:
+                allconsumptions[i][j] += allconsumptions[i-1][j]
+                j += 1
+        i += 1
 
     plt.xkcd()
 
     fig, ax = plt.subplots()
 
-    colors = ['red','green','blue']
+    colors = ['blue', 'green', 'red', 'yellow', 'orange' , 'black']
 
-    i=0
+    #plot reversed to print longest bar lowest
-    for consumptions in allconsumptions:
+    i = len(allconsumptions)
-        ax.barh(np.arange(len(consumptions)), consumptions, label=get_product_by_id(i+1).name, align='center', height=(0.5), color=colors[i])
+    for consumptions in reversed(allconsumptions):
-        i+=1
+        ax.barh(np.arange(len(consumptions)), consumptions, label=get_product_by_id(i).name, align='center', height=(0.5), color=colors[i-1])
+        i -= 1
 
     names = list()
 
@@ -126,7 +148,7 @@ def plot_list(duration):
 
     ax.yaxis.set_ticks_position('none')
     ax.xaxis.set_ticks_position('none')
-    plt.subplots_adjust(left=0.2)
+    plt.subplots_adjust(left=0.15)
     #plt.tick_params(which='minor', length=4)
     #plt.tick_params(which='major', length=5)
 

app/views.py

@@ -6,7 +6,7 @@ from plot import *
 from user import User
 from product import Product
 from consumption import Consumption
-
+import bcrypt
 
 
 @app.route('/static/<path:path>')
@@ -41,7 +41,9 @@ def login():
         if u is None:
             error = 'User does not exist!'
             return render_template('login.html', error=error, user=get_user_by_name(session.get('name')))
-        if u.password != request.form['password']:
+        #if u.password != request.form['password']:
+        # bcrypt.checkpy(plaintxt, hash)
+        if not bcrypt.checkpw(request.form['password'], u.password):
             error = 'Wrong password!'
             return render_template('login.html', error=error, user=get_user_by_name(session.get('name')))
 
@@ -76,7 +78,8 @@ def manage_users_add():
             error = "Username not unique!"
 
         if request.form['password1'] == request.form['password2']:
-            u.password = request.form['password1']        	
+            #u.password = request.form['password1']
+            u.password = bcrypt.hashpw(request.form['password1'], bcrypt.gensalt())
         else:
             error = "Passwords do not match!"
         u.longname = request.form['longname']
@@ -211,9 +214,7 @@ def consume():
         username = session.get('name')
         add_consume(username, prod.id)
         message = "Du hast gerade ein %s konsumiert." % prod.name
-        plot_total(get_user_by_name(session.get('name')))
+        plot_all_thread(get_user_by_name(session.get('name')))
-        plot_total()
-        plot_list(4)
     return render_template('consume.html', products=products, message=message, user=get_user_by_name(session.get('name')))
 
 @app.route('/personal')
@@ -224,5 +225,14 @@ def personal():
 @app.route('/billing')
 @requires_baron
 def billing():
-
     return render_template('billing.html', user=get_user_by_name(session.get('name')))
+
+#migrate the db to hashed passwords
+#@app.route('/hashdb')
+#@requires_baron
+#def hashdb():
+#    users = get_users()
+#    for user in users:
+#        user.password = bcrypt.hashpw(user.password, bcrypt.gensalt())
+#        update_user(user)
+#    return render_template('index.html', users=users, user=get_user_by_name(session.get('name')))