Merge pull request #6 from aarikpokras/codespace-aarikpokras-opulent-…

…space-telegram-wj7pj75g7r639556

Codespace aarikpokras opulent space telegram wj7pj75g7r639556

home/specs/pw

@@ -0,0 +1 @@
+$2b$12$Nnx.air.Tgpt8w.zRtgd/uW22ZXsYh7XxMQlkZKFca5GX/.RqZed2

start.py

@@ -1,6 +1,10 @@
 import os
 import maskpass
+import bcrypt
 from version import ver
+# def checkpw(pw: str) -> str:
+#     with open(f"home/{signInUn}/pw", "r") as f:
+#         return bcrypt.checkpw(pw.encode(), f.read().encode())
 # vers=version.ver
 print("Welcome to spectacleOS! This is version "+ver+" command line.")
 name=input('Enter desired hostname. ==> ')
@@ -12,28 +16,49 @@
     os.chdir('home')
     os.mkdir(newUserNameUn)
     os.chdir(newUserNameUn)
-    pwF = open("pw", "w")
+#
+#
+    pwF = open("pw", "wb")
     pwText=newUserPw
-    pwF.write(pwText)
-    print("Returning Password.")
-    pwF = open("pw", "r")
-    pwRead=pwF.read()
-    print(pwRead)
+    bytes=newUserPw.encode('utf-8')
+    salt=bcrypt.gensalt()
+    hash=bcrypt.hashpw(bytes, salt)
+    pwF.write(hash)
+#
+#
     print("Account successfully created. Please sign in. Exiting.")
     exit()
 if user == "s":
     signInUn=input("Username> ")
     os.system('sudo chmod +rw home/'+signInUn+'/pw')
     #os.chdir('home/'+signInUn)
-    pwReadS = open("home/"+signInUn+"/pw", "r")
+#
+#
+    pwReadS = open("home/"+signInUn+"/pw", "rb")
+    pwFullRead=pwReadS.read()
     signInPw=maskpass.askpass(prompt='Enter Password: ', mask='*')
-    if pwReadS.read() == signInPw:
+    salt=bcrypt.gensalt()
+    bytes=signInPw.encode('utf-8')
+#    hashnew=bcrypt.hashpw(bytes, salt)
+    bcrypt.checkpw(bytes, pwFullRead)
+    if bcrypt.checkpw(bytes, pwFullRead):
         os.chdir("home/"+signInUn)
-        print("Sign-in ok. Welcome to spectacleOS, "+signInUn+"! Remember, you are responsible for doing `chmod -rw` on your password file!")
-        import cmd
-    if pwReadS.read() != signInPw:
-        print("Sign-in failed.")
+        print("Sign-in ok. Welcome to spectacleOS, "+signInUn+"!")
+    if bcrypt.checkpw(bytes, pwFullRead) == False:
+        print("Username or password incorrect. Exiting.")
         exit()
+#    if pwReadS.read() != hashnew:
+#        print('no.')
+#    elif pwReadS.read() == hashnew:
+#        os.chdir("home/"+signInUn)
+#        print ("Sign-in ok. Welcome to spectacleOS, "+signInUn+"!")
+#    if checkpw == signInPw:
+#        os.chdir("home/"+signInUn)
+#        print("Sign-in ok. Welcome to spectacleOS, "+signInUn+"! Remember, you are responsible for doing `chmod -rw` on your password file!")
+        import cmd
+#    if pwReadS.read() != signInPw:
+#        print("Sign-in failed.")
+#        exit()
 
 
 # Make continous imports of py files to make full command line file - import variables with import <filename>, then to import variables, <new-var-name>=<filename>.<old-var-name>