Compare commits
No commits in common. "a0699dadc661d0e28ea7cf5c7d6e69d29bdf47a0" and "5ed94e9b1aca8a92428a4386c4fc1d53316af065" have entirely different histories.
a0699dadc6
...
5ed94e9b1a
2
.gitignore
vendored
|
|
@ -1,2 +1,2 @@
|
||||||
data
|
data
|
||||||
src/static/uploads/
|
src/static/uploads/*
|
||||||
|
|
|
||||||
29
src/main.py
|
|
@ -169,30 +169,19 @@ def register():
|
||||||
|
|
||||||
# creates a random string
|
# creates a random string
|
||||||
random_string = secrets.token_hex(16)
|
random_string = secrets.token_hex(16)
|
||||||
print(random_string)
|
|
||||||
# uses the string to create the message that wll be encrypted
|
# uses the string to create the message that wll be encrypted
|
||||||
challenge_phrase = f"this is the unencrypted string: {random_string}"
|
challenge_phrase = f"this is the unencrypted string: {random_string}"
|
||||||
print(challenge_phrase)
|
|
||||||
# encrypts message
|
# encrypts message
|
||||||
fingerprint, encrypted_msg = pgp_encrypt_and_import(data["pgp"], challenge_phrase)
|
fingerprint, encrypted_msg = pgp_encrypt_and_import(data["pgp"], challenge_phrase)
|
||||||
print(challenge_phrase)
|
|
||||||
print(encrypted_msg)
|
|
||||||
|
|
||||||
# checks fingerprint
|
# checks fingerprint
|
||||||
if not fingerprint or not encrypted_msg:
|
if not fingerprint or not encrypted_msg:
|
||||||
flash("Invalid PGP key or encryption failed.")
|
flash("Invalid PGP key or encryption failed.")
|
||||||
return redirect(url_for("register"))
|
return redirect(url_for("register"))
|
||||||
print(fingerprint)
|
|
||||||
|
|
||||||
# creates a temporary session used to verify the user
|
# creates a temporary session used to verify the user
|
||||||
session["pending_user"] = {
|
session["pending_user"] = {**data, "profile_url": profile_url, "pictures_urls": pictures_urls}
|
||||||
**data,
|
session["pgp_expected_phrase"] = challenge_phrase
|
||||||
"profile_url": profile_url,
|
|
||||||
"pictures_urls": pictures_urls,
|
|
||||||
"fingerprint": fingerprint
|
|
||||||
}
|
|
||||||
|
|
||||||
session['pgp_expected_phrase'] = challenge_phrase
|
|
||||||
|
|
||||||
# renders the verification page
|
# renders the verification page
|
||||||
return render_template("verify.html", encrypted_message=encrypted_msg)
|
return render_template("verify.html", encrypted_message=encrypted_msg)
|
||||||
|
|
@ -202,23 +191,18 @@ def register():
|
||||||
|
|
||||||
@app.route("/verify", methods=["POST"])
|
@app.route("/verify", methods=["POST"])
|
||||||
def verify():
|
def verify():
|
||||||
# retrieve user data from the session
|
|
||||||
data = session.get("pending_user")
|
|
||||||
|
|
||||||
fingerprint = data.get("fingerprint")
|
|
||||||
|
|
||||||
# retrieve the phrase from the session
|
# retrieve the phrase from the session
|
||||||
expected_phrase = session.get("pgp_expected_phrase")
|
expected_phrase = session.get("pgp_expected_phrase")
|
||||||
print(expected_phrase)
|
# retrieve user data from the session
|
||||||
|
data = session.get("pending_user")
|
||||||
|
|
||||||
# check to see if data exists
|
# check to see if data exists
|
||||||
if not data or not expected_phrase:
|
if not data or not expected_phrase:
|
||||||
flash("Session expired.")
|
flash("Session expired.")
|
||||||
return redirect(url_for("register"))
|
return redirect(url_for("register"))
|
||||||
|
|
||||||
# get the decrypted message from form
|
# get the decrypted message
|
||||||
submitted = request.form.get("decrypted_message")
|
submitted = request.form.get("decrypted_message")
|
||||||
|
|
||||||
# check to see if submission was empty
|
# check to see if submission was empty
|
||||||
if not submitted:
|
if not submitted:
|
||||||
flash("You must paste the decrypted message.")
|
flash("You must paste the decrypted message.")
|
||||||
|
|
@ -232,7 +216,6 @@ def verify():
|
||||||
# saves the correcty formated date of birth
|
# saves the correcty formated date of birth
|
||||||
dob = date.fromisoformat(data["date_of_birth"])
|
dob = date.fromisoformat(data["date_of_birth"])
|
||||||
|
|
||||||
|
|
||||||
# stores the data on the database
|
# stores the data on the database
|
||||||
new_user = User(
|
new_user = User(
|
||||||
username=data["username"],
|
username=data["username"],
|
||||||
|
|
@ -261,9 +244,9 @@ def verify():
|
||||||
# creates login session
|
# creates login session
|
||||||
session['user_id'] = new_user.id
|
session['user_id'] = new_user.id
|
||||||
session['username'] = new_user.username
|
session['username'] = new_user.username
|
||||||
|
|
||||||
# remove temporary session
|
# remove temporary session
|
||||||
session.pop("pending_user", None)
|
session.pop("pending_user", None)
|
||||||
|
session.pop("pgp_expected_phrase", None)
|
||||||
|
|
||||||
flash("PGP verification successful! Account created.")
|
flash("PGP verification successful! Account created.")
|
||||||
return redirect(url_for("home"))
|
return redirect(url_for("home"))
|
||||||
|
|
|
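Review bot: In register(), the new side still stores the plaintext challenge with `session["pgp_expected_phrase"] = challenge_phrase`. If the app uses Flask's default cookie-backed session (not visible here), that value is signed but not encrypted, so the client can read it from the cookie and verify() no longer proves possession of the private key. Consider storing only a digest, `session["pgp_expected_phrase"] = hashlib.sha256(challenge_phrase.encode()).hexdigest()`, and comparing it to the digest of the submitted text with `hmac.compare_digest`. The comparison in verify() lies outside the visible hunks, so confirm how it is done today and that `hashlib` and `hmac` are imported. The same exposure applies to `session["pending_user"] = {**data, ...}`, which appears to copy the whole registration form, presumably including any password field, into the session; a server-side store or a trimmed dict would be safer.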