not store tokens, just the hashes
This commit is contained in:
Ville Rantanen
8
utils.py
8
utils.py
@@ -5,6 +5,7 @@ import os
|
||||
from werkzeug.utils import secure_filename
|
||||
import html
|
||||
import sqlite3
|
||||
import hashlib
|
||||
|
||||
def connect_db():
|
||||
return sqlite3.connect(app.config['DATABASE'])
|
||||
@@ -32,7 +33,8 @@ def create_db(db_file):
|
||||
)
|
||||
db.commit()
|
||||
|
||||
|
||||
def get_hash(s):
|
||||
return hashlib.sha224(s.encode('utf-8')).hexdigest()
|
||||
|
||||
def get_token_counts(db, key):
|
||||
cur = db.cursor()
|
||||
@@ -92,7 +94,7 @@ def has_voted(key, token):
|
||||
cur.execute(
|
||||
"SELECT token FROM tokens WHERE token = ? AND answered = 'true' AND question_set = ?",
|
||||
(
|
||||
token,
|
||||
get_hash(token),
|
||||
key
|
||||
)
|
||||
)
|
||||
@@ -245,7 +247,7 @@ def write_vote(key, token, answers, form):
|
||||
cur.execute(
|
||||
"UPDATE tokens SET answered = 'true' WHERE token = ? AND question_set = ?",
|
||||
(
|
||||
token,
|
||||
get_hash(token),
|
||||
key
|
||||
)
|
||||
)
|
||||
|
||||
Reference in New Issue
Block a user