diff --git a/src/main.py b/src/main.py
index 0b0a06c..eb22709 100644
--- a/src/main.py
+++ b/src/main.py
@@ -18,7 +18,7 @@ class User(db.Model):
id = db.Column(db.Integer, primary_key=True)
username = db.Column(db.String(128), unique=True, nullable=False)
- pgp = db.Column(db.String(4096), nullable=False)
+ pgp = db.Column(db.String(8128), nullable=False)
firstname = db.Column(db.String(128), nullable=False)
lastname = db.Column(db.String(128), nullable=False)
@@ -156,64 +156,129 @@ def register():
@app.route("/verify", methods=["POST"])
def verify():
- expected_phrase = session.get("pgp_expected_phrase")
data = session.get("pending_user")
- if not expected_phrase or not data:
- flash("Verification session expired.")
+ if not data or not expected_phrase:
+ flash("Session expired.")
return redirect(url_for("register"))
submitted = request.form.get("decrypted_message")
-
if not submitted:
flash("You must paste the decrypted message.")
return redirect(url_for("register"))
- if submitted.strip() != expected_phrase:
- flash("Verification failed.")
+ if submitted.strip() == expected_phrase:
+ dob = date.fromisoformat(data["date_of_birth"])
+
+ new_user = User(
+ username=data["username"],
+ pgp=data["pgp"],
+ firstname=data["firstname"],
+ lastname=data["lastname"],
+ sex=data["sex"],
+ date_of_birth=dob,
+ profile_picture=data["profile_picture"],
+ country=data["country"],
+ xmpp=data["xmpp"],
+ email=data["email"] or None,
+ phone=data["phone"] or None,
+ city=data["city"] or None,
+ height=float(data["height"]) if data["height"] else None,
+ weight=int(data["weight"]) if data["weight"] else None,
+ race=data["race"] or None,
+ prefered_age_range=data["prefered_age_range"] or None,
+ is_verified=False
+ )
+
+ db.session.add(new_user)
+ db.session.commit()
+
+ session['user_id'] = new_user.id
+ session['username'] = new_user.username
+
+ session.pop("pending_user", None)
+ session.pop("pgp_expected_phrase", None)
+
+ flash("PGP verification successful!")
+ return redirect(url_for("home"))
+
+ else:
+ flash("Verification failed. 
Account not created.")
return redirect(url_for("register"))
- dob = date.fromisoformat(data["date_of_birth"])
-
- new_user = User(
- username=data["username"],
- pgp=data["pgp"],
- firstname=data["firstname"],
- lastname=data["lastname"],
- sex=data["sex"],
- date_of_birth=dob,
- profile_picture=data["profile_picture"],
- country=data["country"],
- xmpp=data["xmpp"],
- email=data["email"] or None,
- phone=data["phone"] or None,
- city=data["city"] or None,
- height=float(data["height"]) if data["height"] else None,
- weight=int(data["weight"]) if data["weight"] else None,
- race=data["race"] or None,
- prefered_age_range=data["prefered_age_range"] or None,
- is_verified=True
- )
-
- db.session.add(new_user)
- db.session.commit()
-
- # Clear session
- session.pop("pending_user", None)
- session.pop("pgp_expected_phrase", None)
-
- flash("PGP verification successful!")
-
- session['user_id'] = user.id
- session['username'] = user.username
-
- return redirect(url_for("login"))
-
-@app.route("/login")
+@app.route("/login", methods=["GET", "POST"])
def login():
+ if request.method == "POST":
+ username = request.form.get("username")
+ pgp = request.form.get("pgp")
+
+ if not username or not pgp:
+ flash("Please enter both username and PGP key.")
+ return redirect(url_for("login"))
+
+ user = User.query.filter_by(username=username).first()
+ if not user:
+ flash("User not found.")
+ return redirect(url_for("login"))
+
+ import_result = gpg.import_keys(pgp)
+ if not import_result.fingerprints:
+ flash("Invalid PGP key.")
+ return redirect(url_for("login"))
+
+ fingerprint = import_result.fingerprints[0]
+
+ random_string = secrets.token_hex(16)
+ challenge_phrase = f"this is the unencrypted string: {random_string}"
+
+ encrypted_data = gpg.encrypt(
+ challenge_phrase,
+ recipients=[fingerprint]
+ )
+
+ if not encrypted_data.ok:
+ flash("Failed to encrypt challenge.")
+ return redirect(url_for("login"))
+
+ session["login_user_id"] = user.id
+ 
session["login_expected_phrase"] = challenge_phrase
+
+ return render_template(
+ "login_verify.html",
+ encrypted_message=str(encrypted_data)
+ )
+
return render_template("login.html")
+@app.route("/login_verify", methods=["POST"])
+def login_verify():
+ user_id = session.get("login_user_id")
+ expected_phrase = session.get("login_expected_phrase")
+
+ if not user_id or not expected_phrase:
+ flash("Login session expired")
+ return redirect(url_for("login"))
+
+ submitted = request.form.get("decrypted_message")
+ if not submitted:
+ flash("You must paste the decrypted message")
+ return redirect(url_for("login"))
+
+ if submitted.strip() == expected_phrase:
+ user = User.query.get(user_id)
+ session['user_id'] = user.id
+ session['username'] = user.username
+
+ session.pop("login_user_id", None)
+ session.pop("login_expected_phrase", None)
+
+ flash("Logged in successfully")
+ return redirect(url_for("home"))
+ else:
+ flash("Verification failed")
+ return redirect(url_for("login"))
+
@app.route("/logout")
def logout():
session.pop('user_id', None)
diff --git a/src/templates/login.html b/src/templates/login.html
index 287f321..f0b5116 100644
--- a/src/templates/login.html
+++ b/src/templates/login.html
@@ -1,15 +1,16 @@
{% extends "page.html" %}
{% block content %}
-
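Review bot: The login challenge in `login()` is encrypted to whatever public key the client posts (`import_result = gpg.import_keys(pgp)`, then `recipients=[fingerprint]`) and that key is never compared with the key stored on the user record, so anyone who knows a username can submit their own key, decrypt the challenge and be logged in as that user by `login_verify()`. Encrypt to the stored key instead, `import_result = gpg.import_keys(user.pgp)`, or at minimum reject the request when the submitted key's fingerprints do not match those of `user.pgp`. Separately, `verify()` still tests `expected_phrase` after the assignment `expected_phrase = session.get("pgp_expected_phrase")` was removed, which will raise NameError on every registration verification unless that name is defined somewhere not shown here. Both challenge phrases are also stored in plaintext in `session`; if this app uses Flask's default signed-but-unencrypted cookie session (not visible in the hunk), the client can read the expected phrase straight out of the cookie and pass the check without decrypting anything, so the phrase should live server-side or only its hash should be stored, and the comparison is better done with `hmac.compare_digest`. `logout()` continues past the end of the hunk.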
Page text
-Page text
-Page text
-Page text
-Page text
-Page text
-Page text
-Page text
-Page text
-Page text
+Enter your username and PGP public key to receive a challenge.
+ + {% endblock %} diff --git a/src/templates/login_verify.html b/src/templates/login_verify.html new file mode 100644 index 0000000..9d9f843 --- /dev/null +++ b/src/templates/login_verify.html @@ -0,0 +1,14 @@ +{% extends "page.html" %} + +{% block content %} +Copy the message below, decrypt it with your PGP private key, and paste the decrypted message into the box.
+ + + + +{% endblock %}