forked from digitalocean/sample-python
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathpassword.py
65 lines (54 loc) · 2.22 KB
/
password.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
# Import required libraries
import hmac
import os
import json
from dotenv import load_dotenv
import streamlit as st
# Load environment variables
load_dotenv()
def is_admin():
groups = st.secrets["groups"]
admins = groups["admins"]
user = st.session_state["secrets.user"]
return user in admins
def check_password():
"""Returns `True` if the user had a correct password."""
def login_form():
"""Form with widgets to collect user information"""
st.header("Login")#(try test@test)
with st.form("Credentials"):
user = os.getenv("SECRET_USER_NAME", None)
passwd = os.getenv("SECRET_USER_PASS", None)
st.text_input("Username", key="username", value=user)
st.text_input("Password", type="password", key="password", value=passwd)
st.form_submit_button("Log in", on_click=password_entered)
def password_entered():
"""Checks whether a password entered by the user is correct."""
secret_user = os.getenv('SECRET_PASSWORDS', '{}')
secrets = json.loads(secret_user)
user = st.session_state["username"]
passwd = st.session_state["password"]
passwds = st.secrets["passwords"]
if (user in passwds and hmac.compare_digest(passwd, passwds[user])) or \
(user in secrets and hmac.compare_digest(passwd, secrets[user])):
st.session_state["password_correct"] = True
st.balloons()
st.session_state["secrets.user"] = user
del st.session_state["password"] # Don't store the username or password.
del st.session_state["username"]
else:
st.session_state["password_correct"] = False
def logout():
st.session_state["password_correct"] = False
st.rerun()
# Return True if the username + password is validated.
if st.session_state.get("password_correct", False):
if st.sidebar.button("Logout", use_container_width=True):
del st.session_state["password_correct"]
st.rerun()
return True
# Show inputs for username + password.
login_form()
if "password_correct" in st.session_state:
st.error("User not known or password incorrect")
return False