Python Public Chatroom
LoneAce (191)

Hello there!

Here is a small chatroom I coded with the Python Language. The method is very simple compared to other chatrooms so feel free to take reference from the code!

You can do /read to read without having to press enter

Link is here:
https://repl.it/@LoneAce/Python-Chatroom

PS: Pls upvote!


A journey of a thousand lines begin with a single line


Updates:

  • Fixed Bug where people can become mod easily by entering [MOD] in their name
You are viewing a single comment. View All
Scoder12 (348)

Hello, I saw your program and think it is cool. I just want to say a word about your security.
1) I understand you enforce attempts to be mod through your email password, but THIS IS NOT SECURE. If you fork the repl and delete the code that checks this, you can still be mod.
2) You are exposing your jsonstore endpoint in your code! This means anyone can access the database and do whatever they want to it.
The way you can fix this is by making a separate repl that serves as a server and one repl that is a client. On the server, you can create a special file called .env which no one else can see. A guide on how to do this is here
On the server you can perform all of the database operations and checks for mod, so that no one can just edit the code to take it out. I hope this helps!

LoneAce (191)

@Scoder12 Thanks for the kind help! I didn't think that .env files can be used like that

LoneAce (191)

@Scoder12 Also could you tell me how to link one repl to another using the links? I have seen it in action but I am quite in the dark as to how it works

Scoder12 (348)

@LoneAce Whenever you want to send a chat message you can use requests to get the url of your server. You can use flask on the server to make different urls do different things, and have your client request them.

LoneAce (191)

@Scoder12 Then if someone were to copy my code would they be able to get the key from the server?