From 2cd1e24633033782e94a89f31723774bedcff24a Mon Sep 17 00:00:00 2001 From: Lynne Date: Wed, 7 Nov 2018 09:10:50 +1000 Subject: [PATCH] working on password creation form --- templates/create_password.html | 2 +- web.py | 7 ++++--- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/templates/create_password.html b/templates/create_password.html index e6484c0..489921a 100644 --- a/templates/create_password.html +++ b/templates/create_password.html @@ -11,7 +11,7 @@ Curious Greg will not function without JavaScript. Please ensure you have JavaScript enabled. -
+
@lynnesbian@fedi.lynnesbian.space


diff --git a/web.py b/web.py index d165502..f1cd335 100755 --- a/web.py +++ b/web.py @@ -4,7 +4,7 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -import requests, sqlite3, json +import requests, sqlite3, json, hashlib from mastodon import Mastodon from flask import Flask, render_template, request, session, redirect, url_for import bcrypt @@ -96,7 +96,8 @@ def do_login(): def create_password(): return render_template("create_password.html") -@app.route('/internal/create_account') +@app.route('/internal/create_account', methods=['POST']) def create_account(): - c.execute("INSERT INTO data (username, instance, secret, appid, appsecret) VALUES (?, ?, ?, ?, ?)", (session['username'], session['instance_url'], session['secret'], session['client_id'], session['client_secret'])) + pw = bcrypt.hashpw(request.form['pw'], bcrypt.gensalt(15)) + c.execute("INSERT INTO data (username, instance, password, secret, appid, appsecret) VALUES (?, ?, ?, ?, ?)", (session['username'], pw, session['instance_url'], session['secret'], session['client_id'], session['client_secret'])) db.commit()