#!/usr/bin/env python
import string
import random
import web
from web import form
db = web.database(dbn='mysql', user='mysecrets', pw='horsebatteries',
db='mysecrets')
urls = (
'/secret/api/(.*)', 'api',
'/secret/(.*)', 'index'
)
app = web.application(urls, globals())
render = web.template.render('templates/')
create = form.Form(
form.Textbox('base_url', description="domain"),
form.Textbox('username'),
form.Password('password'),
)
def mkpass(size=10):
validChars = string.ascii_letters + string.digits
validChars = validChars.strip("oO01l")
return string.join([random.choice(validChars) for x in range(size)],"")
def get_pair_from_url(base_url):
return db.select('passwords', where='base_url LIKE "%'+base_url+'%"', order='id DESC')
def get_generated_from_url(base_url):
gen = db.select('generated', where='base_url LIKE "%'+base_url+'%"', order='id DESC')
while not len(gen) > 0:
db.insert('generated', base_url = base_url, password = mkpass())
gen = db.select('generated', where='base_url LIKE "%'+base_url+'%"')
return gen
class index:
def GET(self, method):
if method == 'get':
if web.input():
i = web.input()
selected = get_pair_from_url(i.base_url)
if len(selected) > 0:
pairs = ''
for p in selected:
pairs += '- '+p.username+', '+p.password+'
'
pairs += '
'
else:
pairs = "Sorry buddy, you're outta luck
"
body = ''+i.base_url+'
\n'+pairs
return render.page(i.base_url, body)
else:
return render.page('get','need input.
')
if method == 'new':
i = web.input()
f = create()
body = []
body.append(''+i.base_url+'
\n')
selected = get_pair_from_url(i.base_url)
generated = get_generated_from_url(i.base_url)
if selected:
body.append('Existing:
\n')
for pair in selected:
body.append('- '+pair.username+', '+pair.password+'
\n')
body.append('
')
body.append('Generated:
\n' + generated[0].password + '
\n')
body.append('Create:
\n')
body.append('')
return render.page('create',''.join(body))
if method == 'create':
i = web.input()
exists = db.select('passwords', where='username="'+i.username+'" and password="' +\
i.password+'" and base_url="'+i.base_url+'"')
if not exists:
n = db.insert('passwords', username=i.username, password=i.password, \
base_url=i.base_url)
selected = get_pair_from_url(i.base_url)
body = [''+i.base_url+'
','']
for pair in selected:
body.append('('+pair.username+', '+pair.password+')')
return render.page('Created', ''.join(body))
if method == 'generate':
i = web.input()
body = ''+i.base_url+'
\n '+get_generated_from_url(i.base_url)[0].password+'
'
return render.page('Generated', body)
else:
return render.page('mySecrets', 'These are mySecrets. There is nothing for you here.
')
class api:
def GET(self, method):
if method == "list":
tmp = ''
for pair in db.select('passwords'):
tmp += pair['base_url']+','+pair['username']+','+pair['password']+'\n'
return tmp
if method == "get":
i = web.input()
base_url = i.base_url
pairs = db.select('passwords', where='`base_url`="'+base_url+'"')
tmp = ''
for pair in pairs:
tmp += pair.username+','+pair.password+'\n'
return tmp
else:
return 'mySecrets API ' + method
def POST(self, method):
i = web.input()
n = db.insert('passwords', username=i.username, password=i.password, \
base_url=i.base_url)
body = ''+i.base_url+'
'+i.username+', '+i.password+'
'
return render.page('Created', body)
if __name__ == "__main__":
web.wsgi.runwsgi = lambda func, addr=None: web.wsgi.runfcgi(func, addr)
app.run()