
    H2iA                     @   d dl mZmZmZ d dlmZ d dlmZmZ d dl	m
Z
 d dlmZmZmZ d dlmZ d dlZd dlZd dlZ e            Z ee          Z edd	g
          Z ed          Z e
dgd          Z ej        ej        d            ej        e          Zdedede fdZ! eeddge          e"                    de          defd                        Z#e$                    de           ed           ed          fdededefd            Z%dS )     )	APIRouterFormRequest)Jinja2Templates)HTMLResponseRedirectResponse)CryptContext)
open_mysqlget_mysql_credsget_pingconf_vars)add_dual_routeNz/signinsignin)prefixtags	templates)	directorybcryptauto)schemes
deprecatedz)%(asctime)s - %(levelname)s - %(message)s)levelformatpasswordstored_hashreturnc                     d}d}d}| D ]B}|dk    s|dk    rt          |          }||dz  |z   |z  |dz  z   z  }||dz  |z  z  }||z  }C|dz  }|dz  }|d	|d	|                                k    S )
z5Verify MySQL pre-4.1 OLD_PASSWORD() 16-char hex hash.i5W0P   iqV4 	?      i08x)ordlower)	r   r   nraddnr2ctmpresult1result2s	            )/wd/v2025.freedom4um.com/routes/signin.pyverify_old_mysql_passwordr-      s     
B
C
C  88qDyy!ff
bC3&2733qBs
:oGJG((7(((K,=,=,?,???     GET)methodsresponse_class/)r2   requestc                 D   K   t                               d| di d          S )zDisplay the sign-in form.signin.htmlr/   r4   usernameerrors)r   TemplateResponse)r4   s    r,   
get_signinr;   )   s0       %%r::  r.   .r8   c           	      	  K   i }t                               d|            	 t          t                    5 }|                    d          }|                    d|f           |                                }|                                 |sLt                               d           d|d<   t          	                    d| ||d	d
          cddd           S |d         }d}|
                    d          rM	 t                              ||          }n# t          $ r d}Y nw xY wt                               d|            n|
                    d          r|                    d          }	|	                    d|f           |	                                d         }
|	                                 |
|k    }t                               d|            nkt          |          dk    r.t          ||          }t                               d|            n*t                               dt          |                      |sLt                               d           d|d<   t          	                    d| ||d	d
          cddd           S |
                    d          s~t                              |          }|                                }|                    d||d         f           |                                 t                               d| d           t%          dd          }|                    d t)          |d                   d!ddd"#           |d$         |d         |d         d%| j        d&<   t                               d'| d(|d          d)           |cddd           S # 1 swxY w Y   dS # t,          j        j        $ rZ}t                               d*|            t)          |          |d+<   t          	                    d| ||d	d
          cY d}~S d}~wt          $ rM}t                               d,|            d-|d<   t          	                    d| ||d	d
          cY d}~S d}~ww xY w).zHandle sign-in form submission.zSignin attempt for username: T)
dictionaryz
                SELECT HandleID, Handle, Password
                FROM Handles
                WHERE Handle = %s AND StatusCode != 'D'
            zUser not found.zInvalid username or passwordloginr6   r7      )status_codeNPasswordFz$2zbcrypt check: *zSELECT PASSWORD(%s) AS hashedhashedzMySQL SHA1 check:    zOLD_PASSWORD check: z%Unrecognized password format, length=zPassword verification failed.z0UPDATE Handles SET Password=%s WHERE HandleID=%sHandleIDzPassword for user z upgraded to bcryptz/latestcommentsi.  )urlr@   session_tokeni:	 lax)keyvaluemax_agehttponlysecuresamesiteHandle)r8   idrE   userzUser z" logged in successfully (HandleID=)zDatabase error: databasezUnexpected signin error: zInternal server error)loggerdebugr
   mysql_credscursorexecutefetchonefetchallr   r:   
startswithpwd_contextverify	Exceptionlenr-   hashcommitr   
set_cookiestrsessionmysql	connectorErrorerror)r4   r8   r   r9   connrW   rowdb_pwlogin_successcursor2legacy_hashednew_hashcursor3responsees                  r,   post_signinrs   4   s      F
LL;;;<<<i
$$ V	[[D[11F NN  	  
 //##COO .///"@w 11! 'XPP # 2  V	 V	 V	 V	 V	 V	 V	 V	* 
OE!M %% S*$/$6$6x$G$GMM  * * *$)MMM*=m==>>>> !!#&& S+++66 ?(MMM ' 0 0 2 28 <  """!.%!7A-AABBBB Ur!! 9(E J JCMCCDDDD QSZZQQRRR ! <==="@w 11! 'XPP # 2  kV	 V	 V	 V	 V	 V	 V	 V	x ##D)) Q&++H55++-- RU]_bcm_nTopppO(OOOPPP (,=3OOOH##j/**(       M*o
O' 'GOF# LL___SQ[____```mV	 V	 V	 V	 V	 V	 V	 V	 V	 V	 V	 V	 V	 V	 V	 V	 V	 V	p ?  
 
 
+++,,, VVz))XHH * 
 
 	
 	
 	
 	
 	
 	
  
 
 
4445551w))XHH * 
 
 	
 	
 	
 	
 	
 	

s   O BN;O N;;DN;D&#N;%D&&E!N;O DN;.O ;N??O N?O RAP1+R1R>AR RR)&fastapir   r   r   fastapi.templatingr   starlette.responsesr   r   passlib.contextr	   utils.pingdatar
   r   r   utils.routesr   mysql.connectorre   logginghashlibPingConfrV   routerr   r\   basicConfigDEBUG	getLogger__name__rT   rc   boolr-   getr;   postrs    r.   r,   <module>r      s9   , , , , , , , , , , . . . . . . > > > > > > > > ( ( ( ( ( ( I I I I I I I I I I ' ' ' ' ' '       oh''	)8*	5	5	5Ok222	lH:&AAA  '-0[ \ \ \ \		8	$	$@ @# @$ @ @ @ @& UGLIIIC--g    .- JI S..8<S		SWSWX[S\S\ n
 n
w n
# n
S n
 n
 n
 /.n
 n
 n
r.   