implemented basic sqlite db aout

samuelpulfer · Jun 3, 2015 · 90cceea · 90cceea
1 parent 26e0ff0
commit 90cceea
Show file tree

Hide file tree

Showing 3 changed files with 41 additions and 10 deletions.
diff --git a/create_userdb.py b/create_userdb.py
@@ -38,10 +38,10 @@ def create(username, password):
 	global con
 	global cur
 
-	get_con()
-	cur.execute("INSERT INTO user (username, password) VALUES ('%s', '%s')") % \
-	           (username, hashlib.md5(password).hexdigest())
-
+	get_conn()
+	cur.execute("INSERT INTO user (username, password) VALUES ('%s', '%s')" % \
+	           (username, hashlib.md5(password).hexdigest()))
+	con.commit()
 
 """
 except lite.Error, e:
@@ -54,3 +54,7 @@ def create(username, password):
 	if con:
 		con.close()
 """
+
+
+if __name__ == "__main__":
+	create(sys.argv[1], sys.argv[2])
diff --git a/etc/user.db b/etc/user.db
diff --git a/httpd.py b/httpd.py
@@ -25,6 +25,8 @@
 from wsgilog import WsgiLog
 from cgi import escape
 import usbauth
+import hashlib
+import sqlite3
 
 ## global variables ############################################################
 
@@ -96,6 +98,7 @@ def auth_check(self):
 		
 		"""
 		web.debug("auth_check")
+		web.debug(web_session)
 
 		# check if we have a valid session
 		if web_session != None and web_session["uid"] > 0:
@@ -108,28 +111,52 @@ def auth_check(self):
 
 		# check if the user has submitted credentials
 		return None
-
-
+
 	def render(self):
 		return web.template.render('template', globals={
 			'is_dict': is_dict, 
 			'escape': escape
 		})
-
 
 class login(webctx):
 	def POST(self):
+		global web_session
+
 		data = web.data()
 		credentials = json.loads(data)
 		#web.debug(credentials)
 
 		username = credentials["username"]
 		password = credentials["password"]
 
-		web.debug(username)
-		web.debug(password)
+		#web.debug(username)
+		#web.debug(password)
 
 		# check credentials against database
+		pwhash = hashlib.md5(password).hexdigest()
+		web.debug(pwhash)
+		authdb = sqlite3.connect('etc/user.db')
+		cur = authdb.cursor()
+		sql = 'SELECT id FROM user WHERE username=? AND password=?'
+		web.debug(sql)
+		check = cur.execute(sql, (username, pwhash))
+		web.debug(str(check) + " " + str(cur.rowcount))
+
+		if check:
+			row = cur.fetchone()
+			authdb.close()
+			web.debug(row)
+			web_session = session_default
+			web_session["uid"] = row[0]
+			web_session["user"] = username
+
+			# if we found one, exit
+			return '{"success": true}'
+
+		authdb.close()
+
+		# if not found check against ldap
+
 
 
 		return '{"success": true}'
@@ -141,7 +168,7 @@ def GET(self):
 		if not self.auth_check():
 			return self.render().login()
 
-		web.debug(auth_check)
+		#web.debug(auth_check)
 		#web.debug(web_session)
 
 		render = web.template.render('template')