bacalhau/dating-website
1
0
Fork 0
Code Issues Pull requests Projects Releases 2 Packages Wiki Activity Actions

fixed some bugs and added login and shit

Browse source
This commit is contained in:
bacalhau 2026-03-03 23:27:33 +00:00
parent d159f4ec68
commit 2f24f28b82
3 changed files with 135 additions and 55 deletions
Download patch file Download diff file Expand all files Collapse all files

153
src/main.py
View file

@ -18,7 +18,7 @@ class User(db.Model):
id = db.Column(db.Integer, primary_key=True) id = db.Column(db.Integer, primary_key=True)
username = db.Column(db.String(128), unique=True, nullable=False) username = db.Column(db.String(128), unique=True, nullable=False)
pgp = db.Column(db.String(4096), nullable=False) pgp = db.Column(db.String(8128), nullable=False)
firstname = db.Column(db.String(128), nullable=False) firstname = db.Column(db.String(128), nullable=False)
lastname = db.Column(db.String(128), nullable=False) lastname = db.Column(db.String(128), nullable=False)
@ -156,64 +156,129 @@ def register():
@app.route("/verify", methods=["POST"]) @app.route("/verify", methods=["POST"])
def verify(): def verify():
expected_phrase = session.get("pgp_expected_phrase") expected_phrase = session.get("pgp_expected_phrase")
data = session.get("pending_user") data = session.get("pending_user")
if not expected_phrase or not data: if not data or not expected_phrase:
flash("Verification session expired.") flash("Session expired.")
return redirect(url_for("register")) return redirect(url_for("register"))
submitted = request.form.get("decrypted_message") submitted = request.form.get("decrypted_message")
if not submitted: if not submitted:
flash("You must paste the decrypted message.") flash("You must paste the decrypted message.")
return redirect(url_for("register")) return redirect(url_for("register"))
if submitted.strip() != expected_phrase: if submitted.strip() == expected_phrase:
flash("Verification failed.") dob = date.fromisoformat(data["date_of_birth"])
new_user = User(
username=data["username"],
pgp=data["pgp"],
firstname=data["firstname"],
lastname=data["lastname"],
sex=data["sex"],
date_of_birth=dob,
profile_picture=data["profile_picture"],
country=data["country"],
xmpp=data["xmpp"],
email=data["email"] or None,
phone=data["phone"] or None,
city=data["city"] or None,
height=float(data["height"]) if data["height"] else None,
weight=int(data["weight"]) if data["weight"] else None,
race=data["race"] or None,
prefered_age_range=data["prefered_age_range"] or None,
is_verified=False
)
db.session.add(new_user)
db.session.commit()
session['user_id'] = new_user.id
session['username'] = new_user.username
session.pop("pending_user", None)
session.pop("pgp_expected_phrase", None)
flash("PGP verification successful!")
return redirect(url_for("home"))
else:
flash("Verification failed. Account not created.")
return redirect(url_for("register")) return redirect(url_for("register"))
dob = date.fromisoformat(data["date_of_birth"]) @app.route("/login", methods=["GET", "POST"])
new_user = User(
username=data["username"],
pgp=data["pgp"],
firstname=data["firstname"],
lastname=data["lastname"],
sex=data["sex"],
date_of_birth=dob,
profile_picture=data["profile_picture"],
country=data["country"],
xmpp=data["xmpp"],
email=data["email"] or None,
phone=data["phone"] or None,
city=data["city"] or None,
height=float(data["height"]) if data["height"] else None,
weight=int(data["weight"]) if data["weight"] else None,
race=data["race"] or None,
prefered_age_range=data["prefered_age_range"] or None,
is_verified=True
)
db.session.add(new_user)
db.session.commit()
# Clear session
session.pop("pending_user", None)
session.pop("pgp_expected_phrase", None)
flash("PGP verification successful!")
session['user_id'] = user.id
session['username'] = user.username
return redirect(url_for("login"))
@app.route("/login")
def login(): def login():
if request.method == "POST":
username = request.form.get("username")
pgp = request.form.get("pgp")
if not username or not pgp:
flash("Please enter both username and PGP key.")
return redirect(url_for("login"))
user = User.query.filter_by(username=username).first()
if not user:
flash("User not found.")
return redirect(url_for("login"))
import_result = gpg.import_keys(pgp)
if not import_result.fingerprints:
flash("Invalid PGP key.")
return redirect(url_for("login"))
fingerprint = import_result.fingerprints[0]
random_string = secrets.token_hex(16)
challenge_phrase = f"this is the unencrypted string: {random_string}"
encrypted_data = gpg.encrypt(
challenge_phrase,
recipients=[fingerprint]
)
if not encrypted_data.ok:
flash("Failed to encrypt challenge.")
return redirect(url_for("login"))
session["login_user_id"] = user.id
session["login_expected_phrase"] = challenge_phrase
return render_template(
"login_verify.html",
encrypted_message=str(encrypted_data)
)
return render_template("login.html") return render_template("login.html")
@app.route("/login_verify", methods=["POST"])
def login_verify():
user_id = session.get("login_user_id")
expected_phrase = session.get("login_expected_phrase")
if not user_id or not expected_phrase:
flash("Login session expired")
return redirect(url_for("login"))
submitted = request.form.get("decrypted_message")
if not submitted:
flash("You must paste the decrypted message")
return redirect(url_for("login"))
if submitted.strip() == expected_phrase:
user = User.query.get(user_id)
session['user_id'] = user.id
session['username'] = user.username
session.pop("login_user_id", None)
session.pop("login_expected_phrase", None)
flash("Logged in successfully")
return redirect(url_for("home"))
else:
flash("Verification failed")
return redirect(url_for("login"))
@app.route("/logout") @app.route("/logout")
def logout(): def logout():
session.pop('user_id', None) session.pop('user_id', None)

23
src/templates/login.html
View file

@ -1,15 +1,16 @@
{% extends "page.html" %} {% extends "page.html" %}
{% block content %} {% block content %}
<h2>Login</h2> <h2>Login</h2>
<p>Page text</p> <p>Enter your username and PGP public key to receive a challenge.</p>
<p>Page text</p>
<p>Page text</p> <form method="POST" action="{{ url_for('login') }}">
<p>Page text</p> <label>Username:</label><br>
<p>Page text</p> <input type="text" name="username" required><br><br>
<p>Page text</p>
<p>Page text</p> <label>PGP Public Key:</label><br>
<p>Page text</p> <textarea name="pgp" rows="8" cols="60" required></textarea><br><br>
<p>Page text</p>
<p>Page text</p> <button type="submit">Send Challenge</button>
</form>
{% endblock %} {% endblock %}

14
src/templates/login_verify.html Normal file
View file

@ -0,0 +1,14 @@
{% extends "page.html" %}
{% block content %}
<h2>Decrypt Challenge</h2>
<p>Copy the message below, decrypt it with your PGP private key, and paste the decrypted message into the box.</p>
<textarea rows="10" cols="60" readonly>{{ encrypted_message }}</textarea>
<form method="POST" action="{{ url_for('login_verify') }}">
<label>Decrypted Message:</label><br>
<textarea name="decrypted_message" rows="4" cols="60" required></textarea><br><br>
<button type="submit">Verify</button>
</form>
{% endblock %}