def check_login(login, password):
if login == '' or password == '':
return False
else:
g.db = connect_db()
cur = g.db.execute('SELECT salt FROM users WHERE login = "' + login + '"')
salt = cur.fetchone()
if salt:
salted = password + salt[0]
else:
#unsalted password or invalid login
g.db.close()
return False
hashed = sha256(salted.encode()).hexdigest()
cur = g.db.execute('SELECT id FROM users WHERE login = "' + login + '" AND password = "' + hashed + '"')
uid = cur.fetchone()
g.db.close()
if uid:
return uid[0]
else:
return False
##
# Change password
#
评论列表
文章目录
