Whitebox

whitebox.py

import hashlib
import random
from bottle import get, post, run, template, request, response

def valid_session_id(session_id):
    return len(session_id) == 32

def generate_session_id():
    chars = [chr(ord('a')+i) for i in range(26)] + [str(i) for i in range(10)]
    return ''.join([random.choice(chars) for _ in range(32)])

@get('/whitebox')
def login_form():
    return '''
    <html><head><meta charset="utf-8"></head>
    <body><form action="/whitebox" method="POST">
    <div><label for="name">Имя: </label><input type="text" name="name"></div>
    <div><label for="password">Пароль: </label><input type="password" name="password"></div>
    <div><input type="submit" value="Sign in"></div>
    </form></body></html>
    '''

@post('/whitebox')
def login():
    digest = '412804fb97b101e1df2840ba6c55953a9a24868e'

    password = request.forms.getunicode('password')
    password_hash = hashlib.sha1(password.encode('utf8')).hexdigest()

    if (password_hash == digest) or valid_session_id(request.get_cookie('session_id', '')):
        response.set_cookie('session_id', generate_session_id())
        name = request.forms.getunicode('name')

        print(f'{name} signed in.')
        return template('''
            <html><head><meta charset="utf-8"></head>
            <body><b>Hey, {{name}}</b>!</body></html>
            ''', name=name)
    return '''
        <html><head><meta charset="utf-8"></head>
        <body><b>You failed to login</b>!</body></html>
        '''

run(host='0.0.0.0', port=8010)