How To Create A Simple Login System With Python
We'll need to get the username and password from the user.
username = input('Username: ')
password = input('Password: ')
print(f'{username}:{password}')
Let's use getpass
to hide the users input on the password field to stop any stray eyes.
import getpass
username = input('Username: ')
password = getpass.getpass('Password: ')
print(f'{username}:{password}')
Now we want to check if the username exists in the database and if it does we'll check if the password matches what we have in our database. I'll just be using a dictionary here for example purposes.
import getpass
database = {'user': 'pass', 'marp': 'parp'}
username = input('Username: ')
password = getpass.getpass('Password: ')
if username in database:
if database[username] == password:
print(f'Welcome back {username}')
else:
print('Access denied')
else:
print('User does not exist')
We need to only allow 3 attempts so what we'll do is slam all this into a function and then into a loop to return True/False.
import getpass
database = {'user': 'pass', 'marp': 'parp'}
def login():
for i in range(3):
username = input('Username: ')
password = getpass.getpass('Password: ')
if username in database:
if database[username] == password:
print(f'Welcome back {username}')
return True
else:
print('Access denied')
else:
print('User does not exist')
print('3 incorrect attempts')
if login():
print('Start doing another task...')
But what about encryption? We don't want to store passwords as plain text do we now? Let's encrypt the passwords that we already have in the database with passlib
.
from passlib.hash import sha256_crypt
password = input('Password to encrypt: ')
password = sha256_crypt.encrypt(password)
print(password)
Which when replaced will look like this.
database = {'user': '$5$rounds=535000$K3zbAbtXer3tVZqr$Ervjv1hsGzsz4aad21YD2iOmP/3eDyccGuG5jrmME25', 'marp': '$5$rounds=535000$aBnDiM7Z3LX3/low$qMvetpHNCO6csbPYlVuv5beMZKseEnHBjnWdYKCk5J.'}
Let's verify!
import getpass
from passlib.hash import sha256_crypt
database = {'user': '$5$rounds=535000$K3zbAbtXer3tVZqr$Ervjv1hsGzsz4aad21YD2iOmP/3eDyccGuG5jrmME25', 'marp': '$5$rounds=535000$aBnDiM7Z3LX3/low$qMvetpHNCO6csbPYlVuv5beMZKseEnHBjnWdYKCk5J.'}
def login():
for i in range(3):
username = input('Username: ')
password = getpass.getpass('Password: ')
if username in database:
if sha256_crypt.verify(password, database[username]):
print(f'Welcome back {username}')
return True
else:
print('Access denied')
else:
print('User does not exist')
print('3 incorrect attempts')
if login():
print('Start doing another task...')
Thanks for reading. x
Resources
- Python: https://python.org
- Getpass: https://docs.python.org/3.7/library/getpass.html
- Passlib: https://passlib.readthedocs.io/en/stable/