Sign in to follow this  
Followers 0
pieeater

login UDF(with encryption)

  

  1. 1. should the login have msgboxes to tell you if the username exists or the login is invalid?

    • yes
      0
    • no
      0
  2. 2. should the login return values or functions?

    • values
      0
    • functions
      0

Please sign in or register to vote in this poll.

8 posts in this topic

#1 ·  Posted (edited)

I made this UDF because i wanted to learn more about ini files and decided it might be a bit more usefull.

What it does:

this script makes a gui to make a user account and then opens another gui that you have to login to continue with the script.

How to use it:

_Login()

opens the gui for creating a new account, u can just skip this part by clicking login.

_Login_menu()

only opens the login, skips the create user gui.

_Success()

this is the function that is run if your login is valid.{must be used in all scripts using this UDF}

_Admin_Account()

same as _Success(), except only Admins can use it.

_Admin_Login()

only opens the admins login.

heres the code:

#include <ButtonConstants.au3>
#include <EditConstants.au3>
#include <GUIConstantsEx.au3>
#include <Array.au3>
#include <Crypt.au3>

Global $a=IniReadSectionNames("accounts.ini")
Global $newuserinput = GUICtrlCreateInput("", 8, 40, 185, 21)
Global $newupassinput = GUICtrlCreateInput("", 8, 96, 185, 21, $ES_PASSWORD)
Global $AdminLogin = GUICtrlCreateButton( "&Admin &Login", 110, 10)
; #FUNCTION# ====================================================================================================================
; Name...........: _login()
; Description ...: Opens a GUI to create a new account or switch to the login menu.
; Syntax.........: _login()
; Parameters ....: none
; Returns........: nothing, it opens the create user menu though.
; Author ........: pieeater
; Remarks .......: You don't have to add a new account if you have already made one.
; Example .......: _login()
; ===============================================================================================================================
Func _login()
    $NewUser = GUICreate("New username", 209, 188, -1, -1)
    $newuserinput = GUICtrlCreateInput("", 8, 40, 185, 21)
    $newupassinput = GUICtrlCreateInput("", 8, 96, 185, 21, $ES_PASSWORD)
    $Createnewuser = GUICtrlCreateButton("&OK", 14, 128, 75, 25, $BS_NOTIFY)
    $Cancelnewuser = GUICtrlCreateButton("&Cancel", 111, 128, 75, 25, $BS_NOTIFY)
    $EnterPassLabel = GUICtrlCreateLabel("Enter password", 8, 68, 77, 17, 0)
    $newusername = GUICtrlCreateLabel("Enter New Username", 8, 16, 105, 17)
    $switchlogin = GUICtrlCreateButton( "&Login", 55, 160, 100, 25)
    $AdminLogin = GUICtrlCreateButton( "&Admin &Login", 120, 10)
    GUISetState(@SW_SHOW)
    While 1
        $nMsg = GUIGetMsg()
        Switch $nMsg
            case $cancelnewuser
                Exitloop
            Case $GUI_EVENT_CLOSE
                Exit
            Case $createnewuser
                _Create_New_User()
            Case $AdminLogin
                GUIDelete($NewUser)
                _Admin_Login()
            Case $switchlogin
                GUIDelete($NewUser)
                _Login_Menu()
        EndSwitch
    WEnd
EndFunc
; #FUNCTION# ====================================================================================================================
; Name...........: _Create_New_User()
; Description ...: Used by _login() to create a new user, it's used internally so i wouldnt suggest using it in your script.
; Syntax.........: _Create_New_User()
; Parameters ....: None
; Returns........: 0 = success
;                 -1 = Username Exists
; Author ........: pieeater
; ===============================================================================================================================
Func _Create_New_User()
    If IniRead("accounts.ini", "Accounts", _Crypt_HashData(GUICtrlRead($newuserinput), $CALG_MD5), 0) == 0 Then
        IniWrite("accounts.ini", "Accounts", _Crypt_HashData(GUICtrlRead($newuserinput), $CALG_MD5), _Crypt_HashData(GUICtrlRead($newupassinput), $CALG_MD5))
        Return 0
    Else
        Return -1
    EndIf
EndFunc
; #FUNCTION# ====================================================================================================================
; Name...........: _Login_Menu()
; Description ...: Opens the login without going through the create user GUI.
; Syntax.........: _Login_Menu()
; Parameters ....: None
; Returns........: 0 = success
;                 -1 = Username Exists
; Author ........: pieeater
; Example .......: _Login_Menu()
; Note...........: Starts the function _Success() if correct information is used(Note: _Success() MUST be used in all scripts using this UDF).
; ===============================================================================================================================
Func _Login_Menu()
    $gui=GUICreate("Login", 209, 188, -1, -1)
    $userinput = GUICtrlCreateInput("", 8, 40, 185, 21)
    $passinput = GUICtrlCreateInput("", 8, 96, 185, 21, $ES_PASSWORD)
    $Enter = GUICtrlCreateButton("&OK", 14, 128, 75, 25, $BS_NOTIFY)
    $Cancel = GUICtrlCreateButton("&Cancel", 111, 128, 75, 25, $BS_NOTIFY)
    $Labelpass = GUICtrlCreateLabel("Enter password", 8, 68, 77, 17, 0)
    $username = GUICtrlCreateLabel("Enter Username", 8, 16, 105, 17)
    $login = GUICtrlCreateButton( "&Login", 55, 160, 100, 25)
    $AdminLogin = GUICtrlCreateButton( "&Admin &Login", 120, 10)
    GUISetState(@SW_SHOW)
    While 1
        $nMsg=GUIGetMsg()
        Switch $nMsg
            Case $Cancel
                Exit
            Case $GUI_EVENT_CLOSE
                Exit
            Case $login
                GUIDelete($gui)
                _Login()
            Case $AdminLogin
                GUIDelete($gui)
                _Admin_Login()
            Case $Enter
                $pass = GUICtrlRead($passinput)
                $user = GUICtrlRead($userinput)
                $a = IniReadSection("accounts.ini", "Accounts")
                For $i=1 To $a[0][0]
                    If $a[$i][1] == _Crypt_HashData($pass, $CALG_MD5) And $a[$i][0] == _Crypt_HashData($user, $CALG_MD5) Then
                        GUIDelete($gui)
                        _Success()
                    Else
                        MsgBox(4096, "Failed login", "Try again with the right username or password.")
                        GUIDelete($gui)
                        _Login_Menu()
                    EndIf
                Next
        EndSwitch
    WEnd
EndFunc

; #FUNCTION# ====================================================================================================================
; Name...........: _Create_Account()
; Description ...: Allows adding an account inside the script without a GUI.
; Syntax.........: _Create_Account( $uName, $pWord)
; Parameters ....: $uName = Username.
;                  $pWord = Password.
; Returns........: 0 = success
;                 -1 = Username Exists
; Author ........: pieeater
; Example .......: _Create_Account( "username", "password")
; ===============================================================================================================================
Func _Create_Account( $uName = "", $pWord = "")
    If IniRead("accounts.ini", "Accounts", _Crypt_HashData($uName,$CALG_MD5),0) == 0 Then
        IniWrite("accounts.ini", "Accounts", _Crypt_HashData($uName, $CALG_MD5) & " ", " " & _Crypt_HashData($pWord, $CALG_MD5))
        Return 0
    Else
        Return -1
    EndIf
EndFunc
; #FUNCTION# ====================================================================================================================
; Name...........: _Create_Admin()
; Description ...: Creates an administrator account.
; Syntax.........: _Create_Admin( $uNname, $pWord)
;  Parameters ....: $uName = Username.
;                  $pWord = Password.
; Returns........: 0 = success
;                 -1 = Username Exists
; Author ........: pieeater
; Example .......: _Create_Admin( "username", "password")
; ===============================================================================================================================
Func _Create_Admin( $uName = "", $pWord = "")
    $ini=IniReadSection("accounts.ini", "Admin")
    If $ini=1 Then
        IniWrite("accounts.ini", "Admin", _Crypt_HashData($uName, $CALG_MD5)&" ", " " & _Crypt_HashData( $pWord, $CALG_MD5))
        Return 0
    Else
        Return -1
    EndIf
EndFunc
; #FUNCTION# ====================================================================================================================
; Name...........: _Admin_Login()
; Description ...: Opens the GUI for an Admin Login.
; Syntax.........: _Admin_Login()
; Parameters ....: None
; Returns........: 0 = success
;                 -1 = Username or Password invalid
;                 -2 = no admin account
; Author ........: pieeater
; Example .......: _Admin_Login()
; Notes..........: Starts the function _Admin_Login() if correct information is put into the GUI(Note: _Admin_Login() MUST be used in all scripts using this UDF).
; ===============================================================================================================================
Func _Admin_Login()
    $Admin=GUICreate("Admin Login", 209, 188, -1, -1)
    $Adminuserinput = GUICtrlCreateInput("", 8, 40, 185, 21)
    $Adminpassinput = GUICtrlCreateInput("", 8, 96, 185, 21, $ES_PASSWORD)
    $Enter2 = GUICtrlCreateButton("&OK", 14, 128, 75, 25, $BS_NOTIFY)
    $Cancel2 = GUICtrlCreateButton("&Cancel", 111, 128, 75, 25, $BS_NOTIFY)
    $Labelpass2 = GUICtrlCreateLabel("Enter password", 8, 68, 77, 17, 0)
    $username = GUICtrlCreateLabel("Enter Username", 8, 16, 105, 17)
    GUISetState(@SW_SHOW)
    While 1
        $nMsg=GUIGetMsg()
        Switch $nMsg
            Case $Cancel2
                Exit
            Case $GUI_EVENT_CLOSE
                Exit
            Case $Enter2
                $ap=GUICtrlRead($Adminpassinput)
                $au=GUICtrlRead($Adminuserinput)
                $AdminIni=IniReadSection("accounts.ini","Admin")
                If $AdminIni[1][0] == _Crypt_HashData( $au, $CALG_MD5) And $AdminIni[1][1] == _Crypt_HashData( $ap, $CALG_MD5) Then
                    GUIDelete($Admin)
                    _Admin_Account()
                    Return 0
                ElseIf $AdminIni=1 Then
                    Return -2
                Else
                    Return -1
                EndIf
        EndSwitch
    WEnd
EndFunc

its now a secure login and i thought it might be a good start for a bigger program. hope it helps someone:)

UPDATE 5/5/2011: I've finally made this UDF encrypted.(using hash) also i made it return values instead of message boxes, however i would like to know if an message box would make it better on telling you if the username exists, so please let me know what you think!

UPDATE: I've added an Admin Account possibility and I've added a much better discription of each command. I've also spotted a bug but I don't know how to fix it :unsure: i feel its an major update to the first version.

Downloads for version 0.0.1: 29

Login.au3

Edited by pieeater

[spoiler]My UDFs: Login UDF[/spoiler]

Share this post


Link to post
Share on other sites



#3 ·  Posted (edited)

Nice start; it has potential. Check out _Crypt_HashData to help make it secure. You could store the password in its hashed form, then hash the password field on your GUI and compare that to the one stored in the file. If they match, the password is good.

If _Crypt_HashData( [ PASSWORD FROM THE GUI ], $CALG_MD5) = [PASSWORD FROM THE INI FILE] Then
    MsgBox(64,"Access Granted","Password correct!")
Else
    MsgBox(16,"Access Denied","You entered the wrong password!")
EndIf

Another option might be to combine the username, password and level of access into the string you run through the hash, so that you could store a single entry in the INI file for each user and confirm all three with a single hash. This might also allow you to have the same username as an admin and as a non-admin with different passwords. A match to the hash for UsernamePasswordAdmin would be different than the hash for UsernamePasswordNormal. Just an idea.

Also, if you make this a UDF file, be sure to have your functions return values like True/False (success/failure, use @extended for the reason it failed) or maybe 0 for success and various non-zero values to indicate why it failed instead of presenting success/fail MsgBoxes or calling functions. Let the user get back a simple yes/no and do with it what they want.

If _Login() Then
    ; Login worked, do something
EndIf
Edited by c0deWorm

My UDFs: ExitCodes

Share this post


Link to post
Share on other sites

thanks for the tip with the return, your completely right. im adding it in my next update, im working on the encrypting part to. :unsure:


[spoiler]My UDFs: Login UDF[/spoiler]

Share this post


Link to post
Share on other sites

Share this post


Link to post
Share on other sites

#6 ·  Posted (edited)

Oh, and it might be good to have functions for access to the current username and access level. The global variable is usable too, but IMO it's better to "hide" those and use functions to get their values.

; "Default" in any of the "New" parameters would keep the current value
If _UserLogin() Then ; True if the user has been logged in
If _UserLogout() Then ; True if the user has been logged out
If _UserLoginAdmin() Then ; True if the user has been logged in as an admin
If _UserIsAdmin() Then ; True if the user is an admin
If _UserCreate(Username, Password, Access Level) Then ; True if the user was successfully created (the INI save was successful)
If _UserEdit(Username, New Username, New Password, New Access Level) Then ; True if the edit was successful
If _UserDelete(Username) Then ; True if the user was deleted

Last, you might check out the format of some of the UDF include files packaged with AutoIt3 for formatting. Specifically, attempting to make global variables and internal functions (ones you don't intend users to use directly) unique by using multiple underscores (e.g. $__sUsername or Func __CreateNewUser).

Good luck. Looking forward to the end product.

Edited by c0deWorm

My UDFs: ExitCodes

Share this post


Link to post
Share on other sites

also should i return values instead of functions? i think it might make the script better.


[spoiler]My UDFs: Login UDF[/spoiler]

Share this post


Link to post
Share on other sites

#8 ·  Posted (edited)

This is really cool, ill test it in a second!

but first... i really have to go to the bathroom...

Edit:

So im back, and i have tested and my initial comment is:

Example!

This thing needs an example!

I tried to understand what was said in the UDF but i wasnt really sure what i was doing.

So make a simple example script!

Edited by Maffe811

[font="helvetica, arial, sans-serif"]Hobby graphics artist, using gimp.Automating pc stuff, using AutoIt.Listening to music, using Grooveshark.[/font]Scripts:[spoiler]Simple ScreenshotSaves you alot of trouble when taking a screenshot!Don't remember what happened with this, but aperantly the exe is all i got.If you don't want to run it, simply don't._IsRun UDFIt figures out if the script has ben ran before based on the info in a ini file.If you don't want to use exactly what i wrote, you can use it as inspiration.[/spoiler]

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0