How to make a ULTRA-SECURE Vault on Repl.it ( No 0auth )
RaidTheWeb (74)

So...
There is a kinda-maybe trend here on repl.it that @Zavexeon may or may not have started and judging by the title you already know what this tutorial is about. Vaults... mmmmmm yes vaults, no 0auth to so that's cool I guess. This is part 1 in this tutorial I will be showing you how to make a "ULTRA-SECURE" Vault that doesn't use 0auth for authentication, lets get to it!!

Setup

For this tutorial you will need:

  • a python repl
  • flask
  • and the flask_httpauth extension

The Code

Start by making a file structure a little like this:

main.py
templates/
    index.html

For those who don't understand what I mean is create a directory called templates and create a empty file inside called index.html


Now navigate to the main.py file in the main directory, and import the necessary libraries:

# main.py should look like this!
import flask
from flask_httpauth import HTTPBasicAuth
import os 
import hashlib

This imports the libraries we are going to be using!
Now define a flask.Flask object and create your first route!

# add this under the imports in `main.py`!

app = flask.Flask(__name__)

@app.route('/')
def index():
    return flask.render_template('index.html')

app.run('0.0.0.0', 8080)

This will make a simple route in the root of your flask web server that renders index.html from the templates directory.

Now is a good time to put something in the index.html folder!

<!-- templates/index.html -->
<!-- Note: this can contain anything -->
<html>
    <body>
        <h1>Welcome to my vault</h1>
    </body>
</html>

Run your repl and look at the web view, if all goes well you should see the html page shown in the web view. this means you have done the first section of the first part of this tutorial series.

The Authentication!

Now the moment that you have all been waiting for! The authentication system!

The next part of this tutorial will cover a more secure login system and file uploads.

in main.py add this between your route and the app variable:

# main.py!



auth = HTTPBasicAuth()

users = {
    'john': 'password'
}

@auth.verify_password
def verify_password(username, password):
    if username in users and users.get(username) == password:
        return username

This will define your users and your password verification function!

Now just under the @app.route('/') add @auth.login_required. Restart your repl and your done!
A basic authentication vault. In the next part we will cover file uploads and a more secure system!

A Preview:

You are viewing a single comment. View All