This is a read-only snapshot of the ComputerCraft forums, taken in April 2020.
ComputerCraftAsk a Pro
lebalusch's profile picture

[solved] Bug in Code, Please Help (user creation)

Started by lebalusch, 09 November 2016 - 11:47 PM
lebalusch #1

lebalusch's profile picture

50 posts

Posted 10 November 2016 - 12:47 AM
Hi guys

so i have been trying to make a User create based on the one on this page:

How to Securely Store Passwords by computech

http://www.computerc...768#entry260768

as you can see i have posted my code there and awaited for some help but no response.

Cant seem to be able to get it to write users to the file and debug other bits. And now stuck. Thanks for your help if you can in advance.

code:-
Spoiler

--A user Maker.  This will Check a password file for a user if not present it will make the user and salt their user password.

--Api's to load
os.loadAPI("sha")

--VARIABLES
--Global
  --none

--local
local fileName = "PSW" --name of password file.
--END OF VARIABLES

--FUNCTIONS
--Global
   function setScreen()-- works, This clears the screen and positions us in the top left of the terminal. This needs to be a global function.
   term.clear() -- set screen up
   term.setCursorPos(1,1)
   term.setCursorBlink(true)
   print("hello") --testing text
  end--close function

--local
  local function createFile ( )--This creates The password file if it doesnt exsit.
   setScreen()
   if not fs.exists(fileName) then --Create a password file
	  write(": File ", fileName ," Not Found")
	write(": Creating File ",fileName)
	local f = fs.open(fileName, "w")  --This creates the file in a writable state as a veriableM
	  f.write(textutils.serialize({ })) --This puts the text we want in the file
	  f.close() --This closes the file
	write (": Created File ", fileName )
   else
	write(": File ",fileName," Found")
   end
  end

  local function readFile()
   local f = fs.open(fileName,"r")
   local usrs = textutils.unserialize(f.readAll())
   f.close()-- we have now checked the file to see whos in it read and stored all the names and passwords in memorry.
   print(": ",fileName," Read")
  end

  local function userName()
   setScreen()
   readFile()
   write("UserName :: ") -- ask for username
   local u = read()--read the user password response, comit to variable u
  
   if not usrs[u] then -- we reconise its a new user and carry on and create the password
	write("password :: ") --ask for user password
	local p = read()--read the user password response, comit to variable p
  
	local salt = math.random(1,10000000000000)*math.random(1,10000000000000)
	*math.random (1,10000000000000) -- massive over kill to get a really big random number i know
  
	usrs[u] = {
		  pwd = sha.sha256( p .. salt ),
		  salt = salt,
	  }
	  local f = fs.open(passPath, "w")
	  f.write( textutils.serialize( usrs ) )
	  f.close()
   else
	write("UserName already taken")
	os.sleep(2)
	userName()
   end
  end
--END OF FUNCTIONS
--CODE

createFile(fileName) --call function and pass file name  PSW into it.
os.sleep(2)
readFile(fileName) -- Read the File PSW
os.sleep(2)
userName()
-- END OF CODE
--[[
This is my variation of CompuTech's user maker on page (How to Securely Store Passwords).
This can be found at http://www.computercraft.info/forums2/index.php?/topic/27496-how-to-securely-store-passwords/page__p__260768#entry260768
os.loadAPI("sha")
write("username :: ")
local u = read()
write("password :: ")
local p = read()
--Again, change passPath here
local passPath = "passwords"
local f = fs.open(passPath,"r")
local usrs = textutils.unserialize(f.readAll())
f.close()
if not usrs[u] then
  local salt = os.time()
  usrs[u] = {
		pwd = sha.sha256( p .. salt ),
		salt = salt,
  }
  local f = fs.open(passPath, "w")
  f.write( textutils.serialize( usrs ) )
  f.close()
end
--]]
Edited on 19 November 2016 - 10:34 PM
Dog #2

Dog's profile picture

1220 posts

Location Earth orbit

Posted 10 November 2016 - 02:11 AM
A couple things I noticed. First, I don't see why you have setScreen() defined globally - are you calling it from other concurrently running programs? If not, it should be local (and my guess is that it would probably be better to define it locally in each concurrently running program rather than defining it globally here).

Second - when you try to create usrs the pwd entry in your table should cause an error. You're trying to concatenate a string and a number. This won't work. Unfortunately, I know very little (almost nothing really) about encryption, so I'll have to leave the correct implementation of that line for someone else to explain. If that's how the sha api you're using really works, then you'll need to convert your salt to a string (using tostring()) before concatenating.
Bomb Bloke #3

Bomb Bloke's profile picture

7083 posts

Location Tasmania (AU)

Posted 11 November 2016 - 04:32 AM
Dog, on 10 November 2016 - 02:11 AM said:
Second - when you try to create usrs the pwd entry in your table should cause an error. You're trying to concatenate a string and a number. This won't work.

Well, it should "work" in the sense that it won't immediately cause an error - Lua itself is quite happy to concatenate strings and numbers. Beats me whether it's correct to do it in the context of this script, though.

As to the problem… it'd be worth elaborating on what that is. Simply saying you're "stuck" is about as ambiguous as you can get.

For example, when you attempt to write user details to a file, what does happen? Does the file get created? Is there any data in it at all? Etc? Etc? Etc?

If you're not even sure if the desired lines are being executed at all, add print statements to your script so you can see!
lebalusch #4

lebalusch's profile picture

50 posts

Posted 19 November 2016 - 11:33 PM
Hi Guys thank you for your help i have got it to work now and you can find the code at:

http://pastebin.com/Vr8tYMP8

http://www.computercraft.info/forums2/index.php?/topic/27958-password-file-creator-hashing-and-salting/