我不是Python方面的专家,我正试图将几个函数组合在一起以完成以下任务:
- 询问名称,如果存在,询问密码,如果正确,提供访问权限
- 如果名称不正确,请要求用户更改或注册
- 注册时,我想调用另一个函数来检查密码的有效性(密码检查器(,然后如果密码足够强,则跳回userRegistration函数的其余部分
然而,即使我提供了一个太短或太长的新密码,它也会跳回原始函数并执行其余代码。我知道代码还没有完成,但我知道我做得不对。有什么建议吗?此外,当涉及到提供密码/用户名的最后失败尝试时,我希望应用程序说";尝试过多";,把它放在哪里最好?
其余代码在理想条件下(哈希、OTP、SQL…(基本上可以正常工作
这是我到目前为止的代码:
import sqlite3
import hashlib
import pyotp
import sys
from password_validator import PasswordValidator
connection = sqlite3.connect("localDB.db")
cursor = connection.cursor()
cursor.execute("DROP TABLE passwords")
cursor.execute("CREATE TABLE passwords (name, password)")
cursor.execute("INSERT INTO passwords VALUES ('Tomas','password123')")
def OTP():
totp = pyotp.TOTP('base32secret3232')
print("This is your one-time passcode: ")
print(totp.now())
userOTP = input("Please provided your passcode: ")
otpass = totp.verify(userOTP)
if otpass == True:
print("You are now logged in")
sys.exit()
else:
print("Access Forbidden")
sys.exit()
def correctUsername(username):
print("Account found, please provide your password: ")
retry = 0
while retry<3:
userPassword = input()
cursor.execute('SELECT password FROM passwords WHERE name=?', [username])
match = cursor.fetchone()
dbPassword = match[0]
# print(dbPassword)
hashedCorrectPassword = hashlib.sha256(str(dbPassword).encode('utf-8')).hexdigest()
hashedInputPassword = hashlib.sha256(str(userPassword).encode('utf-8')).hexdigest()
#print(hashedCorrectPassword)
#print(hashedInputPassword)
try:
if hashedInputPassword == hashedCorrectPassword:
print("That's correct, welcome.")
OTP()
else:
print("That's incorrect, please try again.")
retry += 1
continue
except:
break
print("Maximum tries exceeded")
def passwordValidator(registrationPassword):
schema = PasswordValidator()
schema.min(8)
schema.max(15)
schema.has().uppercase()
schema.has().lowercase()
validatePassword = schema.validate(registrationPassword)
if validatePassword == True:
print("Good password")
else:
print("Try again - not strong enough")
def userRegistration():
compliance = bool
print("Register here")
registrationName = input("What is your name?")
print("Your name is ", registrationName)
registrationPassword = input("What is your password?")
passwordValidator(registrationPassword)
cursor.execute("INSERT INTO passwords VALUES (?,?)",(registrationName, registrationPassword))
print("User successfully registered, please login with your new details: ")
passwordDatabase()
def passwordDatabase():
print("Please enter your username: ")
retry = 0
while retry<3:
try:
username = input()
if username == "YES":
userRegistration()
else:
cursor.execute('SELECT name FROM passwords WHERE name=?', [username])
match = cursor.fetchone()
if match is None:
print("No account found, please try again, or type YES for registration")
retry += 1
continue
else:
correctUsername(username)
break
except:
break
print("Maximum tries exceeded.")
一个选项是使passwordValidator同时请求和返回密码。不过,这里的关键步骤是将这个询问过程循环起来。像这样的
def passwordValidator():
while True:
valid_password = True
password = input("What is your password?")
#
#
# validation steps here, if it is invalid, set valid_password to False
if valid_password:
return password
如果输入的密码无效,则while循环将继续,并再次提示用户输入密码。
然后你可以做
def userRegistration():
compliance = bool
print("Register here")
registrationName = input("What is your name?")
print("Your name is ", registrationName)
registrationPassword = passwordValidator(registrationPassword)
cursor.execute("INSERT INTO passwords VALUES (?,?)",(registrationName, registrationPassword))
print("User successfully registered, please login with your new details: ")
passwordDatabase()