Python Application Login Tutorial

Discussion in 'Source Code & Tutorial Database' started by Snayer, Jul 1, 2013 with 11 replies and 2,416 views.

  1. Snayer

    Snayer Hi, I'm Snayer

    Messages:
    522
    Ratings:
    180
    Hi, I'm Snayer, back again with my fourth (and not final) Python Tutorial. If you would like the other Python tutorials, look in the stickied thread "Programming Resources" under "Other". The full example of the script I am using can be found HERE. I would suggest looking at it and making sure you understand a majority of it before continuing.

    The first thing we are going to is import "urllib" and what this does is gives us the ability to read web pages inside the application itself. This is how we are going to read the web page with the password and bring the whole script together. We are also going to put in some definitions that we will access later for executing what will happen later. This is what you should have
    Code:
    import urllib
     
    def starter():
     
    def login():
     
    def logged():
    We are now going give it a nice starter message, which is going to looking something like this
    Code:
    def starter():
           print "Welcome to Snayer's App"
           print "Please enter the password to continue"
    def login():
    Now comes the tricky part with the login system itself. The main project is getting and storing user input, opening the password page, reading it, seeing if its the same, and executing something after checking, so lets first start off with the user input.

    If you have been following my Python tutorials you will know that the code for user input is raw_input("> "). This will give the program ability for user input.

    The second part is a variable that is holding the URL, that contains the password. The best way of doing this is using pastebin's "raw" feature to give us JUST the password and nothing else. My password link is going to be http://pastebin.com/raw.php?i=G1b1RZ9b. If we put the URL and the user input into variables we should have something like this:

    Code:
    def login():
          pass_guess = raw_input("> ")
          url = "[URL]http://pastebin.com/raw.php?i=G1b1RZ9b[/URL]"
    We are now going to be using the urllib function in order to read the web page. In order to do so we are going to make a variable that contains "urllib.urlopen(url). What this does is opens the variable "url" which if you look back contains the password link. You should have something like this:
    Code:
    def login():
          pass_guess = raw_input("> ")
          url = "[URL]http://pastebin.com/raw.php?i=G1b1RZ9b[/URL]"
          resp = urllib.urlopen(url)
    The next step is creating another variable that will read "resp" (which contains the web page data). In this example I am using the name "data" to read "resp". To read a variable, you just put the variable followed by ".read()" This will read what is inside the variable. Here is an example:
    Code:
    def login():
            pass_guess = raw_input("> ")
            url = "[URL]http://pastebin.com/raw.php?i=G1b1RZ9b[/URL]"
            resp = urllib.urlopen(url)
            data = resp.read()
    The next part of this is creating an If \ Else statement to determine if the password is correct or not. We can use the operators "==" and "!=" to determine if the password we guessed is equal to the one on the web page. "==" means "Is equal to", while "!=" means "does not equal". The way of seeing if pass_guess == data is by creating an if statement, which is very easy if you followed my past tutorials. I am also going to show that if the password is correct, its going to go into our "logged" function if the password is right. Here is what the if statement should resemble done correctly"
    Code:
    def login():
            pass_guess = raw_input("> ")
            url = "http://pastebin.com/raw.php?i=AhNN6q84"
            resp = urllib.urlopen(url)
            data = resp.read()
            if pass_guess == data:
                    print "Password correct. Now logging in"
                    logged()
    This next part has 2 ways of doing it, but I performed the "elif" function to see if the password is wrong. We are going to the same thing we did before, except just change "==" to "!=" and change what happens if it is incorrect. I am going to loop it back to the "login" def to create an infinite so if someone gets the password wrong, they can keep guessing. It should look like this when done:
    Code:
     
    def login():
            pass_guess = raw_input("> ")
            url = "http://pastebin.com/raw.php?i=AhNN6q84"
            resp = urllib.urlopen(url)
            data = resp.read()
            if pass_guess == data:
                    print "Password correct. Now logging in"
                    logged()
            elif pass_guess != data:
                    print "Password Incorrect. Please try again"
                    login()
    The last step for this program is to create what happens if the password is right. This is done inside the def "Logged". You can put your main code here, or just a simple message, which is what I did to say it logged in. Don't forget to call "starter" at the end to begin the script.
    Code:
     
    def login():
            pass_guess = raw_input("> ")
            url = "http://pastebin.com/raw.php?i=AhNN6q84"
            resp = urllib.urlopen(url)
            data = resp.read()
            if pass_guess == data:
                    print "Password correct. Now logging in"
                    logged()
            elif pass_guess != data:
                    print "Password Incorrect. Please try again"
                    login()
    def logged():
             print "You successfully logged in!"
    starter_message()
    Please note when giving out applications that contain this: If you give out the script as a .py, it is VERY easy for them to see that password, since they can view code. If you give the script out as a .pyc , they can still view code since Python Compiler doesn't hide variables and the user can see the URL. A full proof way of making this secure is to convert Python to EXE. The most recent tutorial on Se7ensins can be found here. The tutorial doesn't cover everything, but my comment should help anyone having errors with it (It is still great though).
    Well I hope you enjoyed my fourth Python tutorial. If you have followed all of them, great, and if you are just now joining I suggest you keep looking if you are interested, as I do enjoy sharing programming knowledge with people who don't know much about it.
    -Snayer
     
    • Like Like x 1
  2. Onlineweare

    Onlineweare Inspiration is key

    Messages:
    1,476
    Ratings:
    402
    How would I use this with multiple passwords?
     
    Last edited: Apr 9, 2014
  3. OP
    Snayer

    Snayer Hi, I'm Snayer

    Messages:
    522
    Ratings:
    180
    Well it depends on what you mean. If you want the program to have multiple passwords that may be chosen at random, you could create a random int and if the int matches password 1's number, then make it that with a small hint?

    Is this what you mean?
     
  4. Onlineweare

    Onlineweare Inspiration is key

    Messages:
    1,476
    Ratings:
    402
    Example:
    Code:
    password1
    password2
    password3
     
  5. OP
    Snayer

    Snayer Hi, I'm Snayer

    Messages:
    522
    Ratings:
    180
    Well the only way I would think of having multiple layers of security would just be to keep having input text on different pastebin pages
     
  6. Onlineweare

    Onlineweare Inspiration is key

    Messages:
    1,476
    Ratings:
    402
    So I couldn't use the one pastebin to have mine and my friends password, and both passwords would work from the one login?
     
  7. OP
    Snayer

    Snayer Hi, I'm Snayer

    Messages:
    522
    Ratings:
    180
    What do you want exactly? I could help you lol
     
  8. Onlineweare

    Onlineweare Inspiration is key

    Messages:
    1,476
    Ratings:
    402
    Do you have Skype?
     
  9. OP
    Snayer

    Snayer Hi, I'm Snayer

    Messages:
    522
    Ratings:
    180
    Inbox me
     
  10. S7 Pro

    S7 Pro Member

    Messages:
    2,491
    Ratings:
    1,369
    Any type of HTML request to read a raw password is insecure. Simply by using Fiddler I can check the raw text password. A some what more secure method would be using a PHP page and doing "/login.php?password=pwhere", whereas your PHP page will return 0 or 1, being the password is valid or not.
     
    • Like Like x 1
  11. MatthewH

    MatthewH Member

    Messages:
    1,612
    Ratings:
    615
    ^ This.

    However, no one said it was a "secure" method of doing things. :smile:
     
  12. OP
    Snayer

    Snayer Hi, I'm Snayer

    Messages:
    522
    Ratings:
    180
    I figured if someone is making an application in Python and attempting to "lock it", it wouldn't be some type of national security program. This was meant to be basic and to teach people ways to read HTML Pages.
     

Share This Page