
# Program: secure_login

In [None]:
import hashlib

def hash_password(password: str) -> str:
    """
    Return the SHA-256 digest of ``password`` as a hexadecimal string.

    NOTE(review): this is a single, unsalted SHA-256 pass. Equal passwords
    always produce equal digests and the hash is cheap to compute, so it is
    fine for this exercise but not for storing real credentials; those call
    for a per-user random salt and a deliberately slow KDF such as
    ``hashlib.scrypt`` or ``hashlib.pbkdf2_hmac``.

    :param password: The password to be hashed.
    :return: The hashed password as a hexadecimal string.
    """
    encoded = password.encode()
    digest = hashlib.sha256(encoded)
    return digest.hexdigest()

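def login(email: str, stored_login: dict, password_to_check: str) -> bool:
    """
    Check whether ``password_to_check`` hashes to the digest stored for ``email``.

    The two digests are compared with ``hmac.compare_digest`` rather than
    ``==`` so that the time taken does not depend on how many leading
    characters of the digests agree.

    :param email: The email we are checking the password for.
    :param stored_login: Dictionary mapping emails to their stored hashed passwords.
    :param password_to_check: The password input to verify.
    :return: True if the password matches, False if it does not or the email is unknown.
    """
    import hmac  # local import so this block does not rely on a new file-level import

    # Unknown email: nothing to compare against.
    if email not in stored_login:
        return False

    stored_hash = stored_login[email]
    # A stored value that is not a digest string can never match.
    if not isinstance(stored_hash, str):
        return False

    candidate_hash = hash_password(password_to_check)
    # Compare as bytes: compare_digest rejects non-ASCII str operands.
    return hmac.compare_digest(stored_hash.encode(), candidate_hash.encode())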

def main():
    """
    Exercise the login check against a small in-memory sample store.

    Prints one boolean per attempt, in the order the attempts are listed.
    """
    # Sample accounts; the plaintexts are hard-coded only because this is a demo.
    accounts = (
        ("example@gmail.com", "password"),
        ("user123@domain.com", "securePass123"),
        ("admin@website.com", "Admin@2024"),
    )
    stored_login = {address: hash_password(secret) for address, secret in accounts}

    attempts = (
        ("example@gmail.com", "password"),          # expected: True
        ("example@gmail.com", "wrongpassword"),     # expected: False
        ("user123@domain.com", "securePass123"),    # expected: True
        ("admin@website.com", "Admin@2024"),        # expected: True
        ("unknown@site.com", "doesntmatter"),       # expected: False (email not stored)
    )
    for address, guess in attempts:
        print(login(address, stored_login, guess))

# Run the demo only when this cell/file is executed directly, not on import.
if __name__ == "__main__":
    main()


True
False
True
True
False


In [None]:
import hashlib
import getpass  # For secure password input
import re  # For email validation

def hash_password(password: str, salt: str = None) -> str:
    """
    Return the SHA-256 hex digest of ``password``, with ``salt`` appended if given.

    NOTE(review): the salt is concatenated with no separator, so
    ("pass", "word") and ("password", None) produce the same digest, and a
    single SHA-256 pass is cheap to brute-force. For real credential storage
    use a per-user random salt with a slow KDF such as ``hashlib.scrypt`` or
    ``hashlib.pbkdf2_hmac``.

    Args:
        password: The plain text password to hash
        salt: Optional salt appended to the password before hashing; an empty
            or missing salt leaves the password unchanged

    Returns:
        Hex digest of the hashed password (with salt if provided)
    """
    material = password + salt if salt else password
    return hashlib.sha256(material.encode()).hexdigest()

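def validate_email(email: str) -> bool:
    """
    Validates an email address format using regex.

    This is a format check only; it says nothing about whether the address
    exists or belongs to the caller.

    Args:
        email: The email address to validate

    Returns:
        True if the whole string has the expected format, False otherwise
    """
    pattern = r'^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$'
    # fullmatch, not match: with re.match the trailing "$" also matches just
    # before a final newline, so "user@example.com\n" would pass validation.
    return re.fullmatch(pattern, email) is not None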

def check_password_strength(password: str) -> bool:
    """
    Report whether a password satisfies the minimum composition rules.

    The rules are: at least 8 characters, and at least one uppercase letter,
    one lowercase letter, one digit and one character from the special set
    listed below. Characters outside that set (for example a space or ``~``)
    do not count as special.

    Args:
        password: The password to check

    Returns:
        True if password meets requirements, False otherwise
    """
    specials = '!@#$%^&*()_+-=[]{}|;:,.<>?/'

    if len(password) < 8:
        return False

    # One predicate per required character class.
    requirements = (
        lambda ch: ch.isupper(),
        lambda ch: ch.islower(),
        lambda ch: ch.isdigit(),
        lambda ch: ch in specials,
    )
    return all(any(rule(ch) for ch in password) for rule in requirements)

def register_user():
    """
    Interactively register a new user in the in-memory ``stored_logins`` store.

    Prompts for an email until it passes ``validate_email``; returns without
    registering if that email is already present. Then prompts (with hidden
    input) for a password until it passes ``check_password_strength`` and the
    confirmation matches, and stores its hash under the email.
    """
    print("\n--- User Registration ---")

    email = input("Enter your email: ").strip()
    while not validate_email(email):
        print("Invalid email format. Please try again.")
        email = input("Enter your email: ").strip()

    if email in stored_logins:
        print("This email is already registered.")
        return

    password_prompt = "Enter your password (min 8 chars with mix of upper/lower case, numbers, and special chars): "
    while True:
        # getpass keeps the typed password off the screen
        password = getpass.getpass(password_prompt)

        if check_password_strength(password):
            confirm = getpass.getpass("Confirm your password: ")
            if password == confirm:
                break
            print("Passwords don't match!")
        else:
            print("Password doesn't meet strength requirements.")

    # NOTE(review): stored without a salt, so two users with the same password
    # get the same digest. A real application would generate a unique random
    # salt per user and store it alongside the hash.
    stored_logins[email] = hash_password(password)
    print("Registration successful!")

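def login():
    """
    Prompt for an email and password and check them against ``stored_logins``.

    The password is read with ``getpass`` so it is not echoed. The candidate
    digest is computed before the lookup and compared with
    ``hmac.compare_digest``, so the work done and the comparison time do not
    depend on whether the email exists or how much of the digest matches.
    The failure message is the same for an unknown email and a wrong password.

    NOTE(review): there is no limit on attempts here; a real deployment would
    also throttle or lock out repeated failures.

    Returns:
        True if the credentials match a stored entry, False otherwise
    """
    import hmac  # local import so this block does not rely on a new file-level import

    print("\n--- User Login ---")
    email = input("Enter your email: ").strip()

    # Use getpass to hide password input
    password = getpass.getpass("Enter your password: ")

    # Hash first so known and unknown emails take the same path up to the compare.
    candidate_hash = hash_password(password)
    stored_hash = stored_logins.get(email)

    if isinstance(stored_hash, str) and hmac.compare_digest(
        stored_hash.encode(), candidate_hash.encode()
    ):
        print("Login successful!")
        return True

    print("Invalid email or password.")
    return False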

# Demo-only in-memory credential store with hard-coded sample accounts.
# In a real app the store is a database holding password hashes (salted,
# computed with a slow KDF) rather than encrypted or plaintext passwords.
stored_logins = {
    address: hash_password(plaintext)
    for address, plaintext in (
        ("user@example.com", "Password123!"),
        ("admin@example.com", "Admin@Secure123"),
    )
}

def main():
    """
    Run the interactive menu until the user chooses to exit.

    Option 1 calls ``login``, option 2 calls ``register_user``, option 3
    prints a farewell and leaves the loop; anything else re-prompts.
    """
    while True:
        for entry in ("\n1. Login", "2. Register", "3. Exit"):
            print(entry)

        choice = input("Select an option (1-3): ")

        if choice == "3":
            print("Goodbye!")
            break

        # Map the remaining valid choices to their handlers.
        handler = {"1": login, "2": register_user}.get(choice)
        if handler is None:
            print("Invalid choice. Please try again.")
        else:
            handler()

# Entry point: print the banner and start the menu loop only when this
# cell/file is executed directly, not when it is imported.
if __name__ == "__main__":
    print("Secure Login System")
    main()

Secure Login System

1. Login
2. Register
3. Exit
Select an option (1-3): 2

--- User Registration ---
Enter your email: nazinaz90@gmail.com
Enter your password (min 8 chars with mix of upper/lower case, numbers, and special chars): ··········
Password doesn't meet strength requirements.
Enter your password (min 8 chars with mix of upper/lower case, numbers, and special chars): ··········
Confirm your password: ··········
Passwords don't match!
