
more login #12

Merged
beackers merged 16 commits into main from login
Dec 16, 2025

Conversation

@beackers (Owner) commented Dec 11, 2025

About time I put a proper body on this PR. Edited Dec. 16th I believe 2025.

I think I added some login stuff unintentionally when I was trying to fix that dumb security bug in the nav.js file. Well, folks, here's the rest of it. Introducing logins.

The way logins work is, users are added by an admin, who can set things like your permission level. (If you don't need permissions beyond simple "I just need the board and chat", you actually don't need a password to log in. Just leave the password field blank.)

Note to admins. Added usernames are kind of on an honor system as far as making sure nobody uses that callsign but that person. If you need to, pop over to the control panel, find the offending user in the table, and deactivate them by clicking that little checkbox.

Also! If you're the first one into the system, you need to create an admin account before going any further. There's a predefined admin account exactly for this purpose. Log in with the username "BOOTSTRAP_ADMIN" and password (the password is close to the top of the Python app.py file, look for "BOOTSTRAP_ADMIN = {" and look at what's in the generate_password_hash parentheses). Everything done with the bootstrap admin is logged, FYI :) And it disappears after the first admin gets created. Hopefully it's secure enough.

Okay, think that's all I got. Whoo that's a long PR body.
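The login model the PR body describes (admin-created users, optional blank password for basic accounts, a predefined bootstrap admin whose actions are logged and which goes away once the first real admin exists, and the deactivate checkbox) as an added example. This is not the project's code: the table layout follows the INSERT shown in the CodeQL alert below, the permission levels USER/ADMIN and the bootstrap password are assumptions, and werkzeug's generate_password_hash/check_password_hash are replaced by stdlib PBKDF2 stand-ins so it runs with no extra packages. Two design choices go beyond the PR text and are mine: a passwordless account may only be created at the basic permission level, and a session that was obtained as the bootstrap admin stops working the moment the bootstrap account is retired.

```python
import hashlib
import hmac
import os
import sqlite3
from datetime import datetime, timezone

USER, ADMIN = 1, 10  # assumed permission levels; the project's values are not shown


# Stand-ins for werkzeug's generate_password_hash / check_password_hash,
# built on stdlib PBKDF2-HMAC-SHA256 so the example needs no extra packages.
def generate_password_hash(pwd: str, iterations: int = 100_000) -> str:
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", pwd.encode(), salt, iterations)
    return f"pbkdf2:sha256:{iterations}${salt.hex()}${digest.hex()}"


def check_password_hash(stored: str, pwd: str) -> bool:
    method, salt_hex, digest_hex = stored.split("$")
    iterations = int(method.rsplit(":", 1)[1])
    digest = hashlib.pbkdf2_hmac("sha256", pwd.encode(), bytes.fromhex(salt_hex), iterations)
    return hmac.compare_digest(digest.hex(), digest_hex)


class LoginSystem:
    def __init__(self, bootstrap_password: str):
        self.db = sqlite3.connect(":memory:")
        self.db.execute("CREATE TABLE users (callsign TEXT PRIMARY KEY, name TEXT, "
                        "permissions INTEGER, pwdhash TEXT, active INTEGER)")
        # Predefined account that exists only until the first real admin is created.
        self.bootstrap = {"callsign": "BOOTSTRAP_ADMIN", "permissions": ADMIN,
                          "pwdhash": generate_password_hash(bootstrap_password)}
        self.audit = []  # everything the bootstrap admin does is recorded here

    def _log(self, actor, action, target):
        self.audit.append({"ts": datetime.now(timezone.utc).isoformat(),
                           "actor": actor["callsign"], "action": action, "target": target})

    def login(self, callsign: str, pwd: str):
        """Return the user record on success, None on any failure."""
        if self.bootstrap and callsign == self.bootstrap["callsign"]:
            ok = check_password_hash(self.bootstrap["pwdhash"], pwd)
            self._log(self.bootstrap, "login" if ok else "login_failed", callsign)
            return dict(self.bootstrap) if ok else None
        row = self.db.execute("SELECT callsign, name, permissions, pwdhash, active "
                              "FROM users WHERE callsign = ?", (callsign,)).fetchone()
        if row is None or not row[4]:
            return None  # unknown or deactivated user
        user = {"callsign": row[0], "name": row[1], "permissions": row[2]}
        if row[3] is None:
            # Passwordless account: only a blank password is accepted, and the
            # stored None is never handed to check_password_hash.
            return user if pwd == "" else None
        return user if check_password_hash(row[3], pwd) else None

    def add_user(self, actor, callsign, name, permissions, pwd=None, active=1) -> bool:
        if actor["callsign"] == "BOOTSTRAP_ADMIN" and self.bootstrap is None:
            return False  # bootstrap session outlived the bootstrap account
        if actor["permissions"] < ADMIN:
            return False
        if not pwd and permissions > USER:
            return False  # privileged accounts must have a password (my choice)
        pwdhash = generate_password_hash(pwd) if pwd else None
        self.db.execute("INSERT INTO users (callsign, name, permissions, pwdhash, active) "
                        "VALUES (?,?,?,?,?)", (callsign, name, permissions, pwdhash, active))
        if actor["callsign"] == "BOOTSTRAP_ADMIN":
            self._log(actor, "add_user", callsign)
            if permissions >= ADMIN:
                self.bootstrap = None  # first real admin exists: retire the bootstrap account
        return True

    def deactivate(self, actor, callsign) -> bool:
        """The control-panel checkbox: keep the row, refuse further logins."""
        if actor["permissions"] < ADMIN:
            return False
        cur = self.db.execute("UPDATE users SET active = 0 WHERE callsign = ?", (callsign,))
        return cur.rowcount == 1
```

The two checks worth copying into a real deployment are the ones around the blank password: a stored None must never reach check_password_hash, and a blank password must only ever unlock a basic account, otherwise the "leave the password field blank" convenience silently becomes an unauthenticated admin.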

for good reason, whoops... imagine someone mistyped their password, so
now the hash don't match, so now they fail login, so now it gets
posted... okay, I get it, CodeQL. Thanks.
@beackers beackers changed the title from "nopwdlogged" to "more login" on Dec 11, 2025
next is adding a way to manage logins
next: work on editing / adding / deleting
@beackers beackers marked this pull request as ready for review December 13, 2025 05:00
@beackers (Owner, Author) commented:

Need to clean up assorted logger stuff. Also remember to reset all databases!

New module = cleaner code. Fact.
userfunc is specifically for MyOp's use and handles everything
user-related.
Also: fixed some other bugs.
Removed a lot of log commands.
I don't remember what I did here XD
        cur = c.cursor()
        if pwd:
            pwd = generate_password_hash(pwd)
        print(callsign, name, permissions, active, pwd)

Check failure

Code scanning / CodeQL: Clear-text logging of sensitive information (High)

This expression logs sensitive data (password) as clear text.

Copilot Autofix (AI, 3 months ago)

The best way to fix this problem is to simply remove the print statement at line 78 in userfunc.py, or, if some logging is still desired, print only nonsensitive fields (such as callsign, name, permissions, active) and omit the password entirely. This ensures no password information (cleartext or hash) will ever be logged or printed to any output, preserving user confidentiality and complying with secure coding standards.

Steps:

  • Locate line 78 (print(callsign, name, permissions, active, pwd)) in userfunc.py.
  • Remove this line or, if debugging/logging is still needed, change it so only non-sensitive fields are printed (e.g., print(callsign, name, permissions, active)).

No new imports or definitions are required for this change.

Suggested changeset 1: userfunc.py

Autofix patch (run the following command in your local git repository to apply it):
cat << 'EOF' | git apply
diff --git a/userfunc.py b/userfunc.py
--- a/userfunc.py
+++ b/userfunc.py
@@ -75,7 +75,7 @@
         cur = c.cursor()
         if pwd:
             pwd = generate_password_hash(pwd)
-        print(callsign, name, permissions, active, pwd)
+        print(callsign, name, permissions, active)
         cur.execute("""
         INSERT INTO users (callsign, name, permissions, pwdhash, active) VALUES (?,?,?,?,?);
         """,
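Review bot: the replacement line still writes callsign, name, permissions and active to stdout on every user insert; if this is leftover debugging, drop the print entirely, and if it is meant as an audit trail, route it through the logging module so it lands with the rest of the system log instead of on the terminal. Note also what the value being printed was: after `if pwd: pwd = generate_password_hash(pwd)` the removed line logged the PBKDF2/scrypt hash, not the cleartext, so the alert is about the hash leaking, and that is still worth fixing since the hash is an offline-crackable secret. Separately, when `pwd` is empty the `if` leaves it as None/"" and that is what goes into `pwdhash` via the INSERT, which matches the blank-password accounts described in the PR body; make sure the login path treats an empty `pwdhash` as "no password set" and never passes it to check_password_hash.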
EOF
- reworked login checking to use userfunc
- cleaned up templates (still had my username in there, embarrassing...)
- fixed bug (active wasn't a property of a userfunc.User)
Had to turn logged_in into a decorator factory to fix Flask complaining
about session["user"] being accessed before a request because Flask
checks decorators like that. Don't remove the parentheses, because then
it turns into a reference to "wrapper", not a function, and every
@logged_in without parentheses gets a reference to "wrapper", and
everything falls apart because everything gets rewritten.
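The decorator-factory shape from the commit message above, as an added example that is not the project's code. Flask's request-bound session is replaced by a ContextVar stand-in that is only populated while a "request" is being handled, which is exactly why the session may not be read at decoration (import) time; the session["user"] layout with a "callsign" and a "permissions" field is an assumption. The last function shows what the bare `@logged_in` (no parentheses) hands back in this stand-in.

```python
import functools
from contextvars import ContextVar

# Constructed stand-in for Flask's request-bound `session`: it is unset
# at import time and only bound while handle_request() is running.
_session: ContextVar[dict] = ContextVar("session")


def logged_in(min_permissions: int = 0):
    """Decorator factory. The outer call runs when the module is imported,
    so it must not touch the session; only `wrapper` does, once per request."""
    def decorator(view):
        @functools.wraps(view)
        def wrapper(*args, **kwargs):
            session = _session.get({})  # request-time lookup, not import-time
            user = session.get("user")
            if user is None:
                return "denied: login required"
            if user.get("permissions", 0) < min_permissions:
                return "denied: insufficient permissions"
            return view(*args, **kwargs)
        return wrapper
    return decorator


@logged_in()  # parentheses required: this calls the factory
def board():
    return "board for " + _session.get()["user"]["callsign"]


@logged_in(min_permissions=10)  # assumed admin level
def control_panel():
    return "control panel"


def handle_request(session_dict: dict, view):
    """Simulate one request: bind the session, call the view, unbind again."""
    token = _session.set(session_dict)
    try:
        return view()
    finally:
        _session.reset(token)


def misuse_without_parentheses() -> str:
    """What `@logged_in` with no parentheses produces: the view is passed to
    the factory as `min_permissions`, and what comes back is the bare inner
    `decorator`, not a wrapped view, so every route decorated that way breaks."""
    result = logged_in(board)
    return result.__name__
```

Keeping the session lookup inside `wrapper` is the whole point: the factory and `decorator` run once at import, with no request and therefore no session, while `wrapper` runs per request with the session bound.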
I'm aware the system log is going to show up a little more strangely
online.
But for now the terminal is more important :)
also the login, that commit is coming too
you can log into the site and see your callsign
also added bootstrap admin user for setting up
going to remove the logged_in training wheels in a moment
considering removing admin stuff for non-admins
made some more things rely on stored username now
unnecessary to log in to non-admin accounts
- log pages the bootstrap visits
- make sure after the bootstrap makes a user, bootstrap disappears
- change default password for the bootstrap to "bootstrapbill"
@beackers beackers merged commit 60fa370 into main Dec 16, 2025
2 of 3 checks passed
@beackers beackers deleted the login branch December 16, 2025 12:48