diff --git a/prepare_userdb.py b/prepare_userdb.py
index af72c2e3a8da4a4a900c29d7105c356a5fa65d34..c338a9affb25284b0fb3296513ebf8ac1f3df890 100644
--- a/prepare_userdb.py
+++ b/prepare_userdb.py
@@ -77,13 +77,16 @@ conn.commit()
conn.execute('''CREATE TABLE users
(id INT PRIMARY KEY NOT NULL,
name TEXT NOT NULL,
+ password BLOB NOT NULL,
language INT NOT NULL,
FOREIGN KEY(language) REFERENCES convoc_language(id));''')
-conn.execute("INSERT INTO users (id,name,language) \
- VALUES (1, 'User English', 0)")
-conn.execute("INSERT INTO users (id,name,language) \
- VALUES (2, 'Benutzer Deutsch', 1)")
+blob = b'...'
+conn.execute("INSERT INTO users (id,name,password,language) \
+ VALUES (1, 'User English', ?, 0)", (blob,))
+blob = b'...'
+conn.execute("INSERT INTO users (id,name,password,language) \
+ VALUES (2, 'Benutzer Deutsch', ?, 1)", (blob,))
conn.commit()
diff --git a/requirements.txt b/requirements.txt
index d7e4723547a80ee08751acc85e29f3fe8d436bea..97fe3afaed96178cb2ed4c778c84ea2d1164d6b3 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,4 +1,5 @@
cartopy
+cryptography
dash
dash-bootstrap-components
joblib
diff --git a/src/pages/dashboard.py b/src/pages/dashboard.py
index b6c578bbe9c49fc35b435a6c49389c7d6d2c91e6..77e7d53d67252119e40c595fab13b1e1a06ce473 100644
--- a/src/pages/dashboard.py
+++ b/src/pages/dashboard.py
@@ -13,6 +13,8 @@ import numpy as np
from eurad_plot import get_euradim_plot, get_timeseries_plot
import os
import zipfile
+from cryptography.fernet import Fernet
+from deployment_settings import key
# the following should be done with static files!
APP_HOME = Path.cwd()
@@ -179,6 +181,10 @@ def create_login_button(title="login"):
dbc.Row([
dbc.Col(dbc.Label("Name:"), width=3),
dbc.Col(dbc.Input(id='login_name', type="text"))
+ ]),
+ dbc.Row([
+ dbc.Col(dbc.Label("Password:"), width=3),
+ dbc.Col(dbc.Input(id='login_password', type="password"))
])
]),
html.Div(id="alert_nouser", children=[]),
@@ -786,23 +792,29 @@ layout = html.Div([
Input("login_button", "n_clicks"),
Input("login_close", "n_clicks"),
State("login_name", "value"),
+ State("login_password", "value"),
prevent_initial_call=True
)
-def login_open(lb_click, lc_click, name):
+def login_open(lb_click, lc_click, name, password):
if ctx.triggered_id == "login_close":
conn = sqlite3.connect(DATA_PATH.joinpath('destine_de370c_users.db'))
cur = conn.cursor()
- cur.execute(f"SELECT * FROM users WHERE name ='{name}'")
+ cur.execute(f"SELECT id, password, language FROM users WHERE name ='{name}'")
user = cur.fetchone()
conn.close()
if not user:
return no_update, no_update, no_update, no_update, dbc.Alert(["No such user!"], color="danger")
else:
- language_id=user[2]
- return create_login_button(f"{user_label[language_id]} {user[1]}"), \
- '{"user_id": ' + f'{user[0]}, "language_id": {user[2]}' +'}', \
- create_tabs_layout(user_id=user[0], language_id=language_id),\
- False, no_update
+ fernet = Fernet(key)
+ db_password = fernet.decrypt(user[1]).decode()
+ if db_password == password:
+ language_id=user[2]
+ return create_login_button(f"{user_label[language_id]} {name}"), \
+ '{"user_id": ' + f'{user[0]}, "language_id": {user[2]}' +'}', \
+ create_tabs_layout(user_id=user[0], language_id=language_id),\
+ False, no_update
+ else:
+ return no_update, no_update, no_update, no_update, dbc.Alert(["Wrong password given!"], color="danger")
else:
return create_login_button(), '{"user_id": 1, "language_id": 0}', \
create_tabs_layout() , True, no_update