Passwort hashen

Nirodan
2025-06-16 10:24:54 +02:00
parent eb674efe9a
commit 492bc31393
3 changed files with 15 additions and 11 deletions
+7 -4
@@ -75,6 +75,8 @@ def serve_react(path):
@app.route('/api/login', methods=['POST']) @app.route('/api/login', methods=['POST'])
def login(): def login():
from mysql.connector import connect, Error from mysql.connector import connect, Error
from werkzeug.security import check_password_hash
data = request.get_json() data = request.get_json()
username = data.get('username') username = data.get('username')
password = data.get('password') password = data.get('password')
@@ -83,17 +85,17 @@ def login():
config = lade_db_config() config = lade_db_config()
conn = connect(**config) conn = connect(**config)
cursor = conn.cursor(dictionary=True) cursor = conn.cursor(dictionary=True)
cursor.execute("SELECT * FROM users WHERE username = %s AND password = %s", (username, password)) cursor.execute("SELECT * FROM users WHERE username = %s", (username,))
user = cursor.fetchone() user = cursor.fetchone()
cursor.close() cursor.close()
conn.close() conn.close()
if user: if user and check_password_hash(user['password'], password):
return jsonify({ return jsonify({
"token": "mock-token", # später JWT etc. "token": "mock-token",
"role": user['role'] "role": user['role']
}) })
else:
return jsonify({"message": "Login fehlgeschlagen"}), 401 return jsonify({"message": "Login fehlgeschlagen"}), 401
except Error as e: except Error as e:
@@ -101,6 +103,7 @@ def login():
return jsonify({"message": "Serverfehler"}), 500 return jsonify({"message": "Serverfehler"}), 500
if __name__ == '__main__': if __name__ == '__main__':
os.makedirs("config", exist_ok=True) os.makedirs("config", exist_ok=True)
app.run(host='127.0.0.1', port=5000) app.run(host='127.0.0.1', port=5000)
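Review bot: `check_password_hash(user['password'], password)` in the second hunk receives `password` straight from `data.get('password')`, and no presence or type check is visible between the hunks, so a request without a string password presumably raises inside werkzeug instead of returning 401; the surrounding `except Error` only covers mysql.connector errors. A guard before the query, such as `if not isinstance(username, str) or not isinstance(password, str): return jsonify({"message": "Login fehlgeschlagen"}), 401`, would keep the failure path uniform. The hash check is also skipped when no row is found, so response time differs for unknown usernames; verifying against a fixed dummy hash in that branch evens this out. The commit also drops the `# später JWT etc.` comment while `"token": "mock-token"` stays a constant, so a note that the token is a placeholder should remain. login() begins before and continues past the visible hunks.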
+5 -5
@@ -1,5 +1,7 @@
import json import json
import mysql.connector import mysql.connector
from werkzeug.security import generate_password_hash
def lade_db_config(pfad='config/db_config.json'): def lade_db_config(pfad='config/db_config.json'):
with open(pfad, 'r') as f: with open(pfad, 'r') as f:
@@ -19,11 +21,9 @@ def teste_verbindung(db_config):
return False return False
def initialisiere_admin_user(db_config): def initialisiere_admin_user(db_config):
import mysql.connector
conn = mysql.connector.connect(**db_config) conn = mysql.connector.connect(**db_config)
cursor = conn.cursor() cursor = conn.cursor()
# Tabelle erstellen, falls nicht vorhanden
cursor.execute(""" cursor.execute("""
CREATE TABLE IF NOT EXISTS users ( CREATE TABLE IF NOT EXISTS users (
id INT AUTO_INCREMENT PRIMARY KEY, id INT AUTO_INCREMENT PRIMARY KEY,
@@ -33,14 +33,14 @@ def initialisiere_admin_user(db_config):
) )
""") """)
# Prüfen, ob admin existiert
cursor.execute("SELECT id FROM users WHERE username = 'admin'") cursor.execute("SELECT id FROM users WHERE username = 'admin'")
if not cursor.fetchone(): if not cursor.fetchone():
hashed_pw = generate_password_hash('admin')
cursor.execute(""" cursor.execute("""
INSERT INTO users (username, password, role) INSERT INTO users (username, password, role)
VALUES (%s, %s, 'admin') VALUES (%s, %s, 'admin')
""", ('admin', 'admin')) """, ('admin', hashed_pw))
print("[INFO] Admin-Account wurde erstellt: admin / admin") print("[INFO] Admin-Account wurde erstellt (gehashed): admin / admin")
conn.commit() conn.commit()
cursor.close() cursor.close()
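Review bot: Rows that already exist keep their plaintext `password` value, because the insert using `generate_password_hash('admin')` only runs when no `admin` row is found; since login now verifies with `check_password_hash`, such rows would presumably stop authenticating, so existing users need a one-time migration or password reset. The `password` column definition lies outside the visible hunks, so confirm it is wide enough for a werkzeug hash string (well over 100 characters with the default method), for example `VARCHAR(255)`. The seeded account still uses the fixed password `admin` and the `print` line announces it; consider reading the initial password from configuration and requiring a change at first login. initialisiere_admin_user continues outside the visible hunks.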
+1
@@ -1,3 +1,4 @@
flask flask
flask-cors flask-cors
mysql-connector-python mysql-connector-python
werkzeug>=2.3