Final changes to hash migration

2024-02-25 19:05:22 +00:00 · 2024-02-25 19:05:22 +00:00 · f159bd31e9
parent d1e6576b2c
commit f159bd31e9
2 changed files with 18 additions and 30 deletions
--- a/38
+++ b/38
@ -179,12 +179,8 @@ async def apilogin():
        data = await request.get_json()
        username = data["username"]
        password = data["password"]
-
-        usernames_old = ['EXAMPLE']
-
-        migrate = False
-        if username in usernames_old:
-            migrate = True
+        passwordchange = data["passwordchange"]
+        newpass = data["newpass"]

        check_username_thing = check_username_taken(username)

@ -205,28 +201,16 @@ async def apilogin():
        conn.commit()
        conn.close()

-        if migrate == False:
-            return {
-                "key": randomCharacters
-            }, 200
-        else:
-            return {
-                "key": randomCharacters,
-                "migrate": "1"
-            }, 200
+        return {
+            "key": randomCharacters,
+        }, 200

-@app.route("/api/supersecretapi", methods=("GET", "POST"))
-def supersecretapi():
-    if request.method == "POST":
-        data = request.get_json()
-        username = data["username"]
-        password = data["password"]
-        hashedpassword = generate_password_hash(password)
-
-        conn = get_db_connection()
-        conn.execute("UPDATE users SET password = ? WHERE username = ?", (hashedpassword, username))
-        conn.commit()
-        conn.close()
+        if str(passwordchange) == "1":
+            hashedpassword = generate_password_hash(newpass)
+            conn = get_db_connection()
+            conn.execute("UPDATE users SET password = ? WHERE username = ?", (hashedpassword, username))
+            conn.commit()
+            conn.close()

@app.route("/api/userinfo", methods=("GET", "POST"))
 async def apiuserinfo():
--- a/static/js/login.js
+++ b/static/js/login.js
@ -110,7 +110,9 @@ signupButton.addEventListener("click", (event) => {
                method: "POST",
                body: JSON.stringify({
                    username: username,
-                    password: await hashpass(password)
+                    password: await hashpass(password),
+                    passwordchange: 0,
+                    newpass: 0
                }),
                headers: {
                    "Content-type": "application/json; charset=UTF-8"
@ -132,7 +134,9 @@ signupButton.addEventListener("click", (event) => {
                                method: "POST",
                                body: JSON.stringify({
                                    username: username,
-                                    password: await hashpassold(password)
+                                    password: await hashpassold(password),
+                                    passwordchange: 1,
+                                    newpass: await hashpass(password)
                                }),
                                headers: {
                                    "Content-type": "application/json; charset=UTF-8"