bofh/baroness
9
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

- added password salt/hash with python-bcrypt (install it!), updated database

Browse Source
This commit is contained in:
Bernhard Stampfer
2016-02-18 17:28:22 +01:00
parent eed21dd917
commit c51340fa6e
5 changed files with 53 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
app/database.py
View File

@@ -100,7 +100,7 @@ def add_user(u):
def update_user(u): def update_user(u):
#query_db("UPDATE users SET (NAME, LONGNAME, EMAIL, RFID_ID, ISBLACK, ISBARON, ISSHOWN) VALUES (?, ?, ?, ?, ?, ?, ?) WHERE ID=?", (u.name, u.longname, u.email, u.rfid_id, u.isblack, u.isbaron, u.isshown, u.id)) #query_db("UPDATE users SET (NAME, LONGNAME, EMAIL, RFID_ID, ISBLACK, ISBARON, ISSHOWN) VALUES (?, ?, ?, ?, ?, ?, ?) WHERE ID=?", (u.name, u.longname, u.email, u.rfid_id, u.isblack, u.isbaron, u.isshown, u.id))
query_db("UPDATE users SET NAME=?, LONGNAME=?, EMAIL=?, RFID_ID=?, ISBLACK=?, ISBARON=?, ISSHOWN=? WHERE ID=?", (u.name, u.longname, u.email, u.rfid_id, u.isblack, u.isbaron, u.isshown, u.id)) query_db("UPDATE users SET NAME=?, PASSWORD=?, LONGNAME=?, EMAIL=?, RFID_ID=?, ISBLACK=?, ISBARON=?, ISSHOWN=? WHERE ID=?", (u.name, u.password, u.longname, u.email, u.rfid_id, u.isblack, u.isbaron, u.isshown, u.id))
get_db().commit() get_db().commit()

4
app/gui.py
View File

@@ -59,9 +59,7 @@ class MainWindow(wx.Frame):
with app.app_context(): with app.app_context():
for i in range(0, int(self.panelUser.GetAmount())): for i in range(0, int(self.panelUser.GetAmount())):
add_consume(self.user.name, get_product_by_name(drink).id) add_consume(self.user.name, get_product_by_name(drink).id)
plot_total(self.user) plot_all_thread(self.user)
plot_total()
plot_list(4)
self.switchPanels() self.switchPanels()
def switchPanels(self): def switchPanels(self):

42
app/plot.py
View File

@@ -3,9 +3,24 @@ from matplotlib.dates import WeekdayLocator, DayLocator, HourLocator, DateFormat
import numpy as np import numpy as np
from user import User from user import User
from database import * from database import *
import thread as th
def plot_all_thread(user = None):
#if user != None:
# th.start_new_thread(plot_all, (user,))
#else:
# th.start_new_thread(plot_all, ())
#def plot_all(user = None):
#
if user != None:
plot_total(user)
plot_total()
plot_list(4)
print 'plot_all'
def plot_total(user = None): def plot_total(user = None):
print 'plot_total'
today = datetime.date.today() today = datetime.date.today()
delta = datetime.timedelta(days=1) delta = datetime.timedelta(days=1)
begin = datetime.date.today() - datetime.timedelta(weeks=2) begin = datetime.date.today() - datetime.timedelta(weeks=2)
@@ -97,20 +112,27 @@ def plot_list(duration):
for consumption in consumed: for consumption in consumed:
allconsumptions[consumption.prodnr-1][consumption.consumer-1] += 1 allconsumptions[consumption.prodnr-1][consumption.consumer-1] += 1
#print 'debug ------------------' #cumulate consumptions for cumulative bar graph
#print consumptions i = 0
#print '------------------------' for consumptions in allconsumptions:
if i > 0:
j = 0
for consumption in consumptions:
allconsumptions[i][j] += allconsumptions[i-1][j]
j += 1
i += 1
plt.xkcd() plt.xkcd()
fig, ax = plt.subplots() fig, ax = plt.subplots()
colors = ['red','green','blue'] colors = ['blue', 'green', 'red', 'yellow', 'orange' , 'black']
i=0 #plot reversed to print longest bar lowest
for consumptions in allconsumptions: i = len(allconsumptions)
ax.barh(np.arange(len(consumptions)), consumptions, label=get_product_by_id(i+1).name, align='center', height=(0.5), color=colors[i]) for consumptions in reversed(allconsumptions):
i+=1 ax.barh(np.arange(len(consumptions)), consumptions, label=get_product_by_id(i).name, align='center', height=(0.5), color=colors[i-1])
i -= 1
names = list() names = list()
@@ -126,7 +148,7 @@ def plot_list(duration):
ax.yaxis.set_ticks_position('none') ax.yaxis.set_ticks_position('none')
ax.xaxis.set_ticks_position('none') ax.xaxis.set_ticks_position('none')
plt.subplots_adjust(left=0.2) plt.subplots_adjust(left=0.15)
#plt.tick_params(which='minor', length=4) #plt.tick_params(which='minor', length=4)
#plt.tick_params(which='major', length=5) #plt.tick_params(which='major', length=5)
@@ -144,4 +166,4 @@ def plot_list(duration):
plt.savefig('app/static/bierliste.png', dpi=100) plt.savefig('app/static/bierliste.png', dpi=100)
#800x600 #800x600
fig.set_size_inches(15, 10) fig.set_size_inches(15, 10)
plt.savefig('app/static/bierliste_small.png', dpi=72) plt.savefig('app/static/bierliste_small.png', dpi=72)

28
app/views.py
View File

@@ -6,7 +6,7 @@ from plot import *
from user import User from user import User
from product import Product from product import Product
from consumption import Consumption from consumption import Consumption
import bcrypt
@app.route('/static/<path:path>') @app.route('/static/<path:path>')
@@ -41,7 +41,9 @@ def login():
if u is None: if u is None:
error = 'User does not exist!' error = 'User does not exist!'
return render_template('login.html', error=error, user=get_user_by_name(session.get('name'))) return render_template('login.html', error=error, user=get_user_by_name(session.get('name')))
if u.password != request.form['password']: #if u.password != request.form['password']:
# bcrypt.checkpy(plaintxt, hash)
if not bcrypt.checkpw(request.form['password'], u.password):
error = 'Wrong password!' error = 'Wrong password!'
return render_template('login.html', error=error, user=get_user_by_name(session.get('name'))) return render_template('login.html', error=error, user=get_user_by_name(session.get('name')))
@@ -76,10 +78,11 @@ def manage_users_add():
error = "Username not unique!" error = "Username not unique!"
if request.form['password1'] == request.form['password2']: if request.form['password1'] == request.form['password2']:
u.password = request.form['password1'] #u.password = request.form['password1']
u.password = bcrypt.hashpw(request.form['password1'], bcrypt.gensalt())
else: else:
error="Passwords do not match!" error = "Passwords do not match!"
u.longname=request.form['longname'] u.longname = request.form['longname']
u.email = request.form['email'] u.email = request.form['email']
u.rfid_id = request.form['rfid_id'] u.rfid_id = request.form['rfid_id']
@@ -211,9 +214,7 @@ def consume():
username = session.get('name') username = session.get('name')
add_consume(username, prod.id) add_consume(username, prod.id)
message = "Du hast gerade ein %s konsumiert." % prod.name message = "Du hast gerade ein %s konsumiert." % prod.name
plot_total(get_user_by_name(session.get('name'))) plot_all_thread(get_user_by_name(session.get('name')))
plot_total()
plot_list(4)
return render_template('consume.html', products=products, message=message, user=get_user_by_name(session.get('name'))) return render_template('consume.html', products=products, message=message, user=get_user_by_name(session.get('name')))
@app.route('/personal') @app.route('/personal')
@@ -224,5 +225,14 @@ def personal():
@app.route('/billing') @app.route('/billing')
@requires_baron @requires_baron
def billing(): def billing():
return render_template('billing.html', user=get_user_by_name(session.get('name'))) return render_template('billing.html', user=get_user_by_name(session.get('name')))
#migrate the db to hashed passwords
#@app.route('/hashdb')
#@requires_baron
#def hashdb():
# users = get_users()
# for user in users:
# user.password = bcrypt.hashpw(user.password, bcrypt.gensalt())
# update_user(user)
# return render_template('index.html', users=users, user=get_user_by_name(session.get('name')))

BIN
test/database.db
View File

Binary file not shown.