How can I code a secure authentication system in Python?

I want to make an authentication system with a simple key (string). If the key is correctly inputted, start the program.

The problem is that I have no idea how to code it so that the program checks if the key is correct without the user being able to see it in the code.

Can someone help me?

Solution:

An easy way of using secure passwords/hashes and authentication. Adapt this into your system and work with that as a base:

Generate a password:

>>> import bcrypt
>>> bcrypt.hashpw(b"admin", bcrypt.gensalt())
b'$2b$12$VQ/egr55zwN28OU8baZXlu.gLA3HjVJw5O2teDDmwcXyp3k1TR4dG'

Store the output of bcrypt.hashpw() in any kind of data storage (without the leading b and the enclosing single quotes (')).

Check password:

import getpass
import bcrypt

# Get your bcrypt hashed pw from any kind of data storage.
with open("hash.txt", "r", encoding="utf-8") as f:
    pwhash = f.read().strip()

# Read the user's password/key/whatever (getpass does not echo the input)
password = getpass.getpass("Enter your password: ")

# Check if entered password/key/whatever matches stored hash
authenticated = bcrypt.checkpw(password.encode(), pwhash.encode())

if authenticated:
    print("You're authenticated!")
    # Placeholder: replace with the code that should only run after a successful check
    do_privileged_stuff(...)
else:
    print("You're not allowed to be here!")

A fun, secure but maybe not very user-friendly add-on to security would be MFA/2FA using TOTP/HOTP algorithms (see here).
