not store tokens, just the hashes

2018-12-05 12:59:00 +02:00
parent a12b9e9462
commit 74cdb27037
2 changed files with 7 additions and 6 deletions
--- a/manager.py
+++ b/manager.py
@@ -21,7 +21,7 @@ def insert_token(db, name, token):
    );
    """,
        (
-            token,
+            get_hash(token),
            name
        )
    )
@@ -41,8 +41,7 @@ def manage_tokens(options):
            )
        )
        for row in cur:
-            print("%s/vote/%s/%s (%s)"%(
-                options.prefix,
+            print("%s:%s (%s)"%(
                options.name,
                row[0],
                "used" if row[1] == "true" else "unused"
--- a/utils.py
+++ b/utils.py
@@ -5,6 +5,7 @@ import os
 from werkzeug.utils import secure_filename
 import html
 import sqlite3
+import hashlib

 def connect_db():
    return sqlite3.connect(app.config['DATABASE'])
@@ -32,7 +33,8 @@ def create_db(db_file):
    )
    db.commit()

-
+def get_hash(s):
+    return hashlib.sha224(s.encode('utf-8')).hexdigest()

 def get_token_counts(db, key):
    cur = db.cursor()
@@ -92,7 +94,7 @@ def has_voted(key, token):
    cur.execute(
        "SELECT token FROM tokens WHERE token = ? AND answered = 'true' AND question_set = ?",
        (
-            token,
+            get_hash(token),
            key
        )
    )
@@ -245,7 +247,7 @@ def write_vote(key, token, answers, form):
        cur.execute(
            "UPDATE tokens SET answered = 'true' WHERE token = ? AND question_set = ?",
            (
-                token,
+                get_hash(token),
                key
            )
        )