75 lines
2.2 KiB
Python
75 lines
2.2 KiB
Python
from flask import Flask, render_template, request, redirect, url_for, make_response
|
|
import bcrypt
|
|
import sqlite3
|
|
import configparser
|
|
from waitress import serve
|
|
|
|
# Load from config.ini
|
|
|
|
config = configparser.ConfigParser()
|
|
config.read("../config.ini")
|
|
database = config.get("Account", "database")
|
|
runport = config.get("Account", "port")
|
|
|
|
# Status report
|
|
|
|
print("HectaMail Account Service is starting up...")
|
|
print("Your database is located at:", database)
|
|
|
|
app = Flask(__name__)
|
|
|
|
def fetch_hash_from_database(key):
|
|
conn = sqlite3.connect(database)
|
|
cursor = conn.cursor()
|
|
cursor.execute("SELECT value FROM passwords WHERE key = ?", (key,))
|
|
result = cursor.fetchone()
|
|
conn.close()
|
|
|
|
if result:
|
|
return result[0][7:] # Remove the first 7 characters
|
|
else:
|
|
return None
|
|
|
|
def verify_bcrypt(passphrase, hashed_password):
|
|
return bcrypt.checkpw(passphrase.encode('utf-8'), hashed_password.encode('utf-8'))
|
|
|
|
@app.route('/')
|
|
def index():
|
|
return render_template('index.html')
|
|
|
|
@app.route('/api', methods=['POST'])
|
|
def login():
|
|
key_to_fetch = request.form['email']
|
|
password_to_check = request.form['password']
|
|
|
|
passwordhash = fetch_hash_from_database(key_to_fetch)
|
|
|
|
if passwordhash:
|
|
is_password_valid = verify_bcrypt(password_to_check, passwordhash)
|
|
if is_password_valid:
|
|
response = make_response("Logged in!")
|
|
response.set_cookie('passwordhash', passwordhash)
|
|
response.set_cookie('email', request.form['email'])
|
|
return response
|
|
else:
|
|
return "Incorrect email or password"
|
|
else:
|
|
return "Email not found in the database"
|
|
|
|
@app.route('/dashboard')
|
|
def dashboard():
|
|
if 'passwordhash' in request.cookies and request.cookies.get('passwordhash'):
|
|
return render_template('dashboard.html')
|
|
else:
|
|
return redirect(url_for('index'))
|
|
|
|
@app.route('/deleteacct')
|
|
def deleteacct():
|
|
if 'passwordhash' in request.cookies and request.cookies.get('passwordhash'):
|
|
return render_template('confirm.html', user_email=request.cookies.get('email'), password_hash=request.cookies.get('passwordhash'))
|
|
else:
|
|
return redirect(url_for('index'))
|
|
|
|
if __name__ == '__main__':
|
|
serve(app, host='0.0.0.0', port=runport)
|