Adding a graphical user interface

From the command line, please install DB Browser for SQLite, a very nice graphical interface for managing SQLite databases. Type the following command:

    sudo apt install sqlitebrowser

Once the installation has finished, please launch the application; a graphical user interface, as shown in the following figure, should appear:

Figure 13.13: DB Browser for SQLite

With that, we are ready to open the database we created in our web app:

  1. Click on File | Open Database.
  2. In the Login_Skeleton directory, there is a file named userdata.db. Select it and open it:

Figure 13.14: Opening the userdata.db database

You should see your database’s structure, as shown in the following figure:

Figure 13.15: The database’s structure

As we know, the database has a table named userstable, and this table has two text columns: username and password.

  3. Select the Browse Data tab.

As shown in the following figure, the userstable table contains the account we created previously – the one where the username is equal to user1 and the password is equal to 12345:

Figure 13.16: The account saved in our table

There is one big problem related to security here: the password is in plain text. Anybody who can access the userdata.db database file can read it. This is the reason why we must introduce hashing in our code – to make it almost impossible for anybody to discover our passwords in such an easy way. We’ll see how in the next section.

Retrieving or saving credentials from and to the database

From a theoretical point of view, we have already discussed what a hash is and why we should use one. From a practical point of view, there are many Python packages available (for example, sha256 and pycrypto), but one of the easiest to use that’s also very effective is hashlib. This library is part of Python’s standard library, so we don’t have to install it in our virtual environment; all we have to do is import it into our app.py file.

While leveraging hashlib, all we need to do is use its sha256 method to create the hash of the password. Once again, let me highlight that SHA-256 is a very strong cryptographic hash function from a security perspective. Strictly speaking, hashing is a one-way function rather than encryption: the stored value cannot be decrypted back into the password.

These are the new lines of code we need for the hashing process:

Figure 13.17: The make_hashes function

Here’s a breakdown of what we did:

  • On line 5, we imported hashlib.
  • On lines 12 and 13, we created a new function named make_hashes. This function has just one input argument: the password. This password is passed to the sha256 method, which creates a hash from it. This hash is converted into a hexadecimal string and returned.
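
The function described in the breakdown, written out as an added example (the figure's listing is not reproduced on this page, so this is not the author's code), next to a salted PBKDF2 variant built from the same hashlib module. The names make_salted_hash, check_salted_hash and compare_schemes, the storage format and the iteration count are assumptions of this example.

```python
import hashlib
import hmac
import os


def make_hashes(password):
    """Unsalted SHA-256 hex digest, as the breakdown above describes."""
    return hashlib.sha256(str.encode(password)).hexdigest()


def make_salted_hash(password, iterations=600_000):
    """Assumed hardened form: PBKDF2-HMAC-SHA256 with a random per-user salt."""
    salt = os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    # Store the parameters next to the digest so the cost can be raised later.
    return f"pbkdf2_sha256${iterations}${salt.hex()}${dk.hex()}"


def check_salted_hash(password, stored):
    """Recompute with the stored salt and compare in constant time."""
    try:
        algo, iterations, salt_hex, dk_hex = stored.split("$")
        if algo != "pbkdf2_sha256":
            return False
        salt, expected = bytes.fromhex(salt_hex), bytes.fromhex(dk_hex)
        dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt,
                                 int(iterations))
    except ValueError:
        return False  # malformed or truncated record
    return hmac.compare_digest(dk, expected)


def compare_schemes(password="12345"):
    """Hash one password for two constructed users under both schemes."""
    unsalted = [make_hashes(password) for _ in ("user1", "user2")]
    salted = [make_salted_hash(password) for _ in ("user1", "user2")]
    return {
        "unsalted_equal": unsalted[0] == unsalted[1],  # reuse is visible
        "salted_equal": salted[0] == salted[1],        # reuse is hidden
        "verifies": check_salted_hash(password, salted[0]),
        "rejects_wrong": not check_salted_hash("54321", salted[0]),
    }


if __name__ == "__main__":
    print(compare_schemes())
```

With plain SHA-256, equal passwords give equal hashes and each guess is cheap to compute, so a weak password such as 12345 is still recoverable from the table by dictionary lookup. The salted, iterated form removes both properties while still needing only the standard library.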
