fixed bugs

2026-03-04 16:26:15 +00:00 · 2026-03-04 16:26:15 +00:00 · 7ec14d6f85
commit 7ec14d6f85
parent 5ed94e9b1a
12 changed files with 23 additions and 6 deletions
--- a/src/main.py
+++ b/src/main.py
@ -169,19 +169,30 @@ def register():

        # creates a random string
        random_string = secrets.token_hex(16)
+        print(random_string)
        # uses the string to create the message that wll be encrypted
        challenge_phrase = f"this is the unencrypted string: {random_string}"
+        print(challenge_phrase)
        # encrypts message
        fingerprint, encrypted_msg = pgp_encrypt_and_import(data["pgp"], challenge_phrase)
+        print(challenge_phrase)
+        print(encrypted_msg)

        # checks fingerprint
        if not fingerprint or not encrypted_msg:
            flash("Invalid PGP key or encryption failed.")
            return redirect(url_for("register"))
+        print(fingerprint)

        # creates a temporary session used to verify the user
-        session["pending_user"] = {**data, "profile_url": profile_url, "pictures_urls": pictures_urls}
-        session["pgp_expected_phrase"] = challenge_phrase
+        session["pending_user"] = {
+            **data,
+            "profile_url": profile_url,
+            "pictures_urls": pictures_urls,
+            "fingerprint": fingerprint
+        }
+
+        session['pgp_expected_phrase'] = challenge_phrase

        # renders the verification page
        return render_template("verify.html", encrypted_message=encrypted_msg)
@ -191,18 +202,23 @@ def register():

@app.route("/verify", methods=["POST"])
 def verify():
-    # retrieve the phrase from the session
-    expected_phrase = session.get("pgp_expected_phrase")
    # retrieve user data from the session
    data = session.get("pending_user")

+    fingerprint = data.get("fingerprint")
+
+    # retrieve the phrase from the session
+    expected_phrase = session.get("pgp_expected_phrase")
+    print(expected_phrase)
+
    # check to see if data exists
    if not data or not expected_phrase:
        flash("Session expired.")
        return redirect(url_for("register"))

-    # get the decrypted message
+    # get the decrypted message from form
    submitted = request.form.get("decrypted_message")
+
    # check to see if submission was empty
    if not submitted:
        flash("You must paste the decrypted message.")
@ -216,6 +232,7 @@ def verify():
    # saves the correcty formated date of birth
    dob = date.fromisoformat(data["date_of_birth"])

+
    # stores the data on the database
    new_user = User(
        username=data["username"],
@ -244,9 +261,9 @@ def verify():
    # creates login session
    session['user_id'] = new_user.id
    session['username'] = new_user.username
+
    # remove temporary session
    session.pop("pending_user", None)
-    session.pop("pgp_expected_phrase", None)

    flash("PGP verification successful! Account created.")
    return redirect(url_for("home"))