implemented encyption
This commit is contained in:
@@ -1,5 +1,5 @@
|
|||||||
import sqlite3
|
import sqlite3
|
||||||
|
from services.encryption import Encryption
|
||||||
|
|
||||||
class Log:
|
class Log:
|
||||||
def __init__(self, connection : sqlite3.Connection, id = None, username = None, date = None, time = None, description = None, additional_information = None, suspicious = None):
|
def __init__(self, connection : sqlite3.Connection, id = None, username = None, date = None, time = None, description = None, additional_information = None, suspicious = None):
|
||||||
@@ -26,26 +26,11 @@ class Log:
|
|||||||
|
|
||||||
def save(self):
|
def save(self):
|
||||||
cur = self.connection.cursor()
|
cur = self.connection.cursor()
|
||||||
|
|
||||||
cur.execute("""
|
cur.execute("""
|
||||||
INSERT INTO logs
|
INSERT INTO logs
|
||||||
(id, username, date, time, description, additional_information, suspicious) VALUES (?, ?, ?, ?, ?, ?, ?)
|
(id, username, date, time, description, additional_information, suspicious) VALUES (?, ?, ?, ?, ?, ?, ?)
|
||||||
""", (self.id, self.username, self.date, self.time, self.description, self.additional_information, self.suspicious))
|
""", (self.id, Encryption.encrypt(self.username), Encryption.encrypt(self.date), Encryption.encrypt(self.time), Encryption.encrypt(self.description), Encryption.encrypt(self.additional_information), self.suspicious))
|
||||||
|
|
||||||
self.connection.commit()
|
|
||||||
cur.close()
|
|
||||||
return True
|
|
||||||
|
|
||||||
def update(self):
|
|
||||||
cur = self.connection.cursor()
|
|
||||||
cur.execute("""
|
|
||||||
UPDATE logs SET
|
|
||||||
username = ?,
|
|
||||||
date = ?,
|
|
||||||
description = ?,
|
|
||||||
additional_information = ?,
|
|
||||||
suspicious = ?
|
|
||||||
WHERE id = ?
|
|
||||||
""", (self.firstname, self.lastname, self.zipcode, self.city_id, self.email, self.phone, self.password, self.role, self.id))
|
|
||||||
|
|
||||||
self.connection.commit()
|
self.connection.commit()
|
||||||
cur.close()
|
cur.close()
|
||||||
@@ -60,10 +45,10 @@ class Log:
|
|||||||
|
|
||||||
def _set_row_values(self, row):
|
def _set_row_values(self, row):
|
||||||
self.id = row[0]
|
self.id = row[0]
|
||||||
self.username = row[1]
|
self.username = Encryption.decrypt(row[1])
|
||||||
self.date = row[2]
|
self.date = Encryption.decrypt(row[2])
|
||||||
self.time = row[3]
|
self.time = Encryption.decrypt(row[3])
|
||||||
self.description = row[4]
|
self.description = Encryption.decrypt(row[4])
|
||||||
self.additional_information = row[5]
|
self.additional_information = Encryption.decrypt(row[5])
|
||||||
self.suspicious = row[6]
|
self.suspicious = row[6]
|
||||||
return self
|
return self
|
||||||
@@ -1,5 +1,6 @@
|
|||||||
import sqlite3
|
import sqlite3
|
||||||
from datetime import datetime
|
from datetime import datetime
|
||||||
|
from services.encryption import Encryption
|
||||||
|
|
||||||
class User:
|
class User:
|
||||||
def __init__(self, connection : sqlite3.Connection, id = None, username = None, firstname = None, lastname = None, address = None, zipcode = None, city_id = None, email = None, phone = None, password = None, role = None):
|
def __init__(self, connection : sqlite3.Connection, id = None, username = None, firstname = None, lastname = None, address = None, zipcode = None, city_id = None, email = None, phone = None, password = None, role = None):
|
||||||
@@ -46,7 +47,7 @@ class User:
|
|||||||
cur.execute("""
|
cur.execute("""
|
||||||
INSERT INTO users
|
INSERT INTO users
|
||||||
(id, username, firstname, lastname, address, zipcode, city_id, email, phone, password, role, created) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
|
(id, username, firstname, lastname, address, zipcode, city_id, email, phone, password, role, created) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
|
||||||
""", (self.id, self.username, self.firstname, self.lastname, self.address, self.zipcode, self.city_id, self.email, self.phone, self.password, self.role, current_date))
|
""", (self.id, Encryption.encrypt(self.username), Encryption.encrypt(self.firstname), Encryption.encrypt(self.lastname), Encryption.encrypt(self.address), Encryption.encrypt(self.zipcode), self.city_id, Encryption.encrypt(self.email), Encryption.encrypt(self.phone), Encryption.encrypt(self.password), Encryption.encrypt(self.role), current_date))
|
||||||
|
|
||||||
self.connection.commit()
|
self.connection.commit()
|
||||||
cur.close()
|
cur.close()
|
||||||
@@ -67,7 +68,7 @@ class User:
|
|||||||
password = ?,
|
password = ?,
|
||||||
role = ?
|
role = ?
|
||||||
WHERE id = ?
|
WHERE id = ?
|
||||||
""", (self.username, self.firstname, self.lastname, self.address, self.zipcode, self.city_id, self.email, self.phone, self.password, self.role, self.id))
|
""", (Encryption.encrypt(self.username), Encryption.encrypt(self.firstname), Encryption.encrypt(self.lastname), Encryption.encrypt(self.address), Encryption.encrypt(self.zipcode), self.city_id, Encryption.encrypt(self.email), Encryption.encrypt(self.phone), self.password, self.role, self.id))
|
||||||
|
|
||||||
self.connection.commit()
|
self.connection.commit()
|
||||||
cur.close()
|
cur.close()
|
||||||
@@ -82,15 +83,15 @@ class User:
|
|||||||
|
|
||||||
def _set_row_values(self, row):
|
def _set_row_values(self, row):
|
||||||
self.id = row[0]
|
self.id = row[0]
|
||||||
self.username = row[1]
|
self.username = Encryption.decrypt(row[1])
|
||||||
self.firstname = row[2]
|
self.firstname = Encryption.decrypt(row[2])
|
||||||
self.lastname = row[3]
|
self.lastname = Encryption.decrypt(row[3])
|
||||||
self.address = row[4]
|
self.address = Encryption.decrypt(row[4])
|
||||||
self.zipcode = row[5]
|
self.zipcode = Encryption.decrypt(row[5])
|
||||||
self.city_id = row[6]
|
self.city_id = row[6]
|
||||||
self.email = row[7]
|
self.email = Encryption.decrypt(row[7])
|
||||||
self.phone = row[8]
|
self.phone = Encryption.decrypt(row[8])
|
||||||
self.password = row[9]
|
self.password = Encryption.decrypt(row[9])
|
||||||
self.role = row[10]
|
self.role = Encryption.decrypt(row[10])
|
||||||
self.created = row[11]
|
self.created = row[11]
|
||||||
return self
|
return self
|
||||||
@@ -1,4 +1,6 @@
|
|||||||
class Encryption:
|
class Encryption:
|
||||||
|
ENCRYTPION_KEY = "MASTER_KEY"
|
||||||
|
|
||||||
@staticmethod
|
@staticmethod
|
||||||
def vigenere(text: str, key: str, encrypt=True):
|
def vigenere(text: str, key: str, encrypt=True):
|
||||||
result = ''
|
result = ''
|
||||||
@@ -17,9 +19,9 @@ class Encryption:
|
|||||||
return result
|
return result
|
||||||
|
|
||||||
@staticmethod
|
@staticmethod
|
||||||
def encrypt(text: str, key: str):
|
def encrypt(text: str):
|
||||||
return Encryption.vigenere(text=text, key=key, encrypt=True)
|
return Encryption.vigenere(text=text, key=Encryption.ENCRYTPION_KEY, encrypt=True)
|
||||||
|
|
||||||
@staticmethod
|
@staticmethod
|
||||||
def decrypt(text: str, key: str):
|
def decrypt(text: str):
|
||||||
return Encryption.vigenere(text=text, key=key, encrypt=False)
|
return Encryption.vigenere(text=text, key=Encryption.ENCRYTPION_KEY, encrypt=False)
|
||||||
@@ -6,22 +6,29 @@ class Search:
|
|||||||
@staticmethod
|
@staticmethod
|
||||||
def search_members(query):
|
def search_members(query):
|
||||||
cur = Database.connection.cursor()
|
cur = Database.connection.cursor()
|
||||||
cur.execute("""
|
# cur.execute("""
|
||||||
SELECT * FROM users WHERE
|
# SELECT * FROM users WHERE
|
||||||
id LIKE ? OR
|
# id LIKE ? OR
|
||||||
username LIKE ? OR
|
# username LIKE ? OR
|
||||||
firstname LIKE ? OR
|
# firstname LIKE ? OR
|
||||||
lastname LIKE ? OR
|
# lastname LIKE ? OR
|
||||||
email LIKE ? OR
|
# email LIKE ? OR
|
||||||
phone LIKE ?
|
# phone LIKE ?
|
||||||
""", (f"%{query}%", f"%{query}%", f"%{query}%", f"%{query}%", f"%{query}%", f"%{query}%"))
|
# """, (f"%{query}%", f"%{query}%", f"%{query}%", f"%{query}%", f"%{query}%", f"%{query}%"))
|
||||||
|
|
||||||
|
cur.execute("""SELECT * FROM users""")
|
||||||
rows = cur.fetchall()
|
rows = cur.fetchall()
|
||||||
|
|
||||||
payload = []
|
payload = []
|
||||||
for row in rows:
|
for row in rows:
|
||||||
user = User(Database.connection)._set_row_values(row)
|
user = User(Database.connection)._set_row_values(row)
|
||||||
if user.role == "MEMBER":
|
if str(user.id) == user.id:
|
||||||
payload.append(user)
|
payload.append(user)
|
||||||
|
continue
|
||||||
|
|
||||||
|
if user.role == "MEMBER":
|
||||||
|
if user.username in query or user.firstname in query or user.lastname in query or user.email in query or user.phone in query:
|
||||||
|
payload.append(user)
|
||||||
|
|
||||||
return payload
|
return payload
|
||||||
|
|
||||||
@@ -42,8 +49,13 @@ class Search:
|
|||||||
payload = []
|
payload = []
|
||||||
for row in rows:
|
for row in rows:
|
||||||
user = User(Database.connection)._set_row_values(row)
|
user = User(Database.connection)._set_row_values(row)
|
||||||
if user.role == "ADVISOR":
|
if str(user.id) == user.id:
|
||||||
payload.append(user)
|
payload.append(user)
|
||||||
|
continue
|
||||||
|
|
||||||
|
if user.role == "ADVISOR":
|
||||||
|
if user.username in query or user.firstname in query or user.lastname in query or user.email in query or user.phone in query:
|
||||||
|
payload.append(user)
|
||||||
|
|
||||||
return payload
|
return payload
|
||||||
|
|
||||||
@@ -64,9 +76,14 @@ class Search:
|
|||||||
payload = []
|
payload = []
|
||||||
for row in rows:
|
for row in rows:
|
||||||
user = User(Database.connection)._set_row_values(row)
|
user = User(Database.connection)._set_row_values(row)
|
||||||
if user.role == "SYSTEM_ADMIN":
|
if str(user.id) == user.id:
|
||||||
payload.append(user)
|
payload.append(user)
|
||||||
|
continue
|
||||||
|
|
||||||
|
if user.role == "SYSTEM_ADMIN":
|
||||||
|
if user.username in query or user.firstname in query or user.lastname in query or user.email in query or user.phone in query:
|
||||||
|
payload.append(user)
|
||||||
|
|
||||||
return payload
|
return payload
|
||||||
|
|
||||||
@staticmethod
|
@staticmethod
|
||||||
|
|||||||
Reference in New Issue
Block a user