python - 覆盖文本文件以更新 python HTML 以更改用户密码

问题描述

我正在尝试完成这个程序，我需要能够为已经保存在文本文件中的用户更新保存在 txt 文件中的密码，但我不知道该怎么做。

寻求有关任务 AC 的帮助

一个。密码更新表单——此 Python 表单允许以前注册的用户在成功登录后重置密码。

湾。身份验证函数——这些 Python 函数将检查密码更新时是否满足以下 NIST SP 800-63B 标准：

• 使用之前的密码长度和复杂性标准。（这项工作应该已经完成​​了。）

• 将预期机密与包含已知常用、预期或泄露的值的列表（以 CommonPasswords.txt 提供）进行比较。

• 如果在列表中找到选择的秘密，应用程序应通知订阅者他们需要选择不同的秘密。

C。记录器 - 创建日志以记录所有失败的登录尝试。日志应包括日期、时间和 IP 地址。

from datetime import datetime
from flask import Flask, flash, redirect, render_template, request, session, url_for
import re

from wtforms import Form, PasswordField
from wtforms.validators import DataRequired

app = Flask(__name__)


def validate_password(password):
SpecialSym = ['$', '@', '#', '%', '!', '&', '*']
val = True

if len(password) < 6:
    print('length should be at least 6')
    val = False

if len(password) > 20:
    print('length should be not be greater than 8')
    val = False

if not any(char.isdigit() for char in password):
    print('Password should have at least one numeral')
    val = False

if not any(char.isupper() for char in password):
    print('Password should have at least one uppercase letter')
    val = False

if not any(char.islower() for char in password):
    print('Password should have at least one lowercase letter')
    val = False

if not any(char in SpecialSym for char in password):
    print('Password should have at least one of the symbols $@#')
    val = False

if val:
    return val

else:
    return False


now = datetime.now()  # current date and time
date_time = now.strftime("%d/%m/%Y, %H:%M:%S")


# each route for the pages
@app.route("/")
def welcome():
"""the welcome page"""
return render_template("welcome.html")


@app.route("/home")
def home():
"""the home page"""
if not session.get('logged_in'):
    return render_template('login.html')
else:
    return redirect('home')


@app.route("/register", methods=['GET', 'POST'])
def register():
if request.method == 'POST':
    email = request.form['email']
    password = request.form['password']
    f = open("/Users/Brian/PycharmProjects/StateList/Flask_Blog/static/database.txt", "a")
    if not validate_password(password):
        message = "Invalid Credentials"
        return render_template("register.html", error=message)
    else:
        f.write("%s %s\n" % (email, password))
        f.close()
        flash("SUCCESSFUL REGISTERED *")
        return render_template("homepage.html", error="SUCCESSFUL REGISTERED *")

else:
    return render_template("register.html")


@app.route('/login', methods=['GET', 'POST'])
def login():
if request.method == 'POST':
    f = open("/Users/Brian/PycharmProjects/StateList/Flask_Blog/static/database.txt", "r")
    data = f.readlines()
    f.close()
    data = [x.split() for x in data]
    for item in data:
        if request.form['email'] == item[0].strip() and request.form['password'] == item[1].strip():
            session['logged_in'] = True
            return render_template('homepage.html')
        else:
            error = "Wrong Credentials"
            return render_template("login.html", error=error)
else:
    return render_template("login.html")


@app.route("/reset", methods=['GET', 'POST'])
def reset():
"""reset page"""
if request.method == 'POST':
    email = request.form['email']
    password = request.form['password']
    f = open("/Users/Brian/PycharmProjects/StateList/Flask_Blog/static/database.txt", "a")
    if not validate_password(password):
        message = "Invalid Credentials"
        return render_template("reset.html", error=message)
    else:
        f.write("%s %s\n" % (email, password))
        f.close()
        flash("Password Reset *")
        return render_template("reset.html", error="Password Reset *")

标签： pythonhtmlauthenticationflaskpasswords