From 54201439cb7e1ebb743dbdfabead50f592424bd2 Mon Sep 17 00:00:00 2001 From: morales-gregorio Date: Mon, 26 Aug 2024 12:00:16 +0200 Subject: [PATCH 1/9] capitalize global variable --- auth.py | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/auth.py b/auth.py index aed1472..1559a08 100644 --- a/auth.py +++ b/auth.py @@ -2,7 +2,7 @@ import json import sys from getpass import getpass -pwdb_path = 'pwdb.json' +PWDB_PATH = 'pwdb.json' def get_credentials(): username = input('Enter your username: ') @@ -16,26 +16,26 @@ def add_user(username, pwdb): pwdb[username] = input(f'Enter password for {username}: ') return pwdb -def read_pwdb(pwdb_path): +def read_pwdb(PWDB_PATH): try: - pwdb_file = open(pwdb_path, 'rt') + pwdb_file = open(PWDB_PATH, 'rt') pwdb = json.load(pwdb_file) except Exception: pwdb = {} return pwdb -def write_pwdb(pwdb, pwdb_path): - pwdb_file = open(pwdb_path, 'wt') +def write_pwdb(pwdb, PWDB_PATH): + pwdb_file = open(PWDB_PATH, 'wt') json.dump(pwdb, pwdb_file) if __name__ == "__main__": - pwdb_path = 'pwdb.json' - pwdb = read_pwdb(pwdb_path) + PWDB_PATH = 'pwdb.json' + pwdb = read_pwdb(PWDB_PATH) if len(sys.argv) > 1: pwdb = add_user(sys.argv[1], pwdb) - write_pwdb(pwdb, pwdb_path) + write_pwdb(pwdb, PWDB_PATH) else: username, password = get_credentials() if username not in pwdb: From 92818882f90e88bd52de256cb24aa93bb592ce57 Mon Sep 17 00:00:00 2001 From: Matthias Tangemann Date: Mon, 26 Aug 2024 14:50:17 +0300 Subject: [PATCH 2/9] add a cheatsheet for git commands --- cheatsheet.md | 176 ++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 176 insertions(+) create mode 100644 cheatsheet.md diff --git a/cheatsheet.md b/cheatsheet.md new file mode 100644 index 0000000..813aa43 --- /dev/null +++ b/cheatsheet.md @@ -0,0 +1,176 @@ +# Git cheatsheet + +## Creating a repository +```bash +git init +``` +Creates new git repository in current directory. + +```bash +git clone () +``` +Clones the repository at the specified url. If no path is specified, the repository will +be cloned into a directory with the same name as the remote repository. + + +## Branches +```bash +git branch +``` +Lists all branches in the repository. + +```bash +git branch +``` +Creates a new branch with the given name. + +```bash +git switch +``` +Switches to the specified branch. + +```bash +git merge +``` +Merges the specified branch into the current branch. + + +## Making changes +```bash +git status +``` +Shows the status of the repository. This includes the current branch and files that have been modified. + +```bash +git diff (--staged) +``` +Shows the changes that have been made to the files in the repository. Use `--staged` to see changes that have been added to the staging area. + +```bash +git add +``` +Adds the specified file to the staging area. + +```bash +git add . +``` +Adds all files in the current directory to the staging area. + +```bash +git reset () +``` +Removes the specified file from the staging area. If no file is specified, all files are removed. + +```bash +git commit (-m "") +``` +Commits all changes in the staging area to the current branch. If the `-m` flag is omitted, a text editor will open to write a commit message. + +```bash +git commit --amend +``` +Adds the staged changes to the last commit. This can be used for fixing typos in the commit message. + + +## Undoing changes +```bash +git restore +``` +Restores the specified file to the state of the last commit. This undoes uncommitted changes. + +```bash +git revert +``` +Creates a new commit that undoes the changes of the specified commit. Use `git log` to find the hash of the commit. + +```bash +git reset --hard +``` +Resets the current branch to the specified commit. DANGER: This will remove all changes after the specified commit. Prefer `git revert`. + + +## Looking at the history +```bash +git log (--oneline) +``` +Shows all past commits on the current branch. Use `--oneline` to show a more compact view. + +```bash +git show +``` +Shows the changes of the specified commit. Use `git log` to find the has of the commit. + + +## Remote repositories +```bash +git remote add +``` +Adds a new remote repository with the specified name (e.g. `origin` or `upstream`) and url. Origin is automatically created when cloning a repository. + +```bash +git push +``` +Pushes the specified branch to the remote repository. + +```bash +git fetch +``` +Fetches changes from the remote repository. + +```bash +git pull +``` +Fetches changes from the remote repository and merges them into the current branch. + + +## Typical workflow +```bash +# 1. Fork the repository on GitHub / git.aspp.school + +# 2. Clone the repository +git clone +git remote add upstream + +# 3. Create a new branch +git branch +git switch + +# 4. Make changes to the code + +# 5. Add and commit changes +git add . +git commit -m "" + +# 6. Push changes to your fork +git push origin + +# 7. Create a pull request on GitHub / git.aspp.school + +# 8. Wait for the pull request to be reviewed and merged + +# 9. Pull changes from the remote repository +git switch main +git pull upstream main + +# 10. Delete the topic branch +git branch -d +``` + +Whenever the remote repository is updated (i.e. when a pull request is merged), you need to pull the changes into your local repository. +```bash +git switch main +git pull upstream main + +# If you have an active topic branch, you need to rebase it on top of the updated main branch +git switch +git rebase main +``` + + +## Getting help +```bash +git help +``` +Shows the manual page for the specified command (`add`, `commit`, `push`, etc.). + +Official Git documentation: https://git-scm.com/docs From 028fb6bf931270ba594b728b746039c2218cd54b Mon Sep 17 00:00:00 2001 From: ASPP Student Date: Mon, 26 Aug 2024 14:53:00 +0300 Subject: [PATCH 3/9] implement password hashing function --- auth.py | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/auth.py b/auth.py index 1559a08..fb0cb6b 100644 --- a/auth.py +++ b/auth.py @@ -1,6 +1,7 @@ import json import sys from getpass import getpass +from hashlib import sha256 PWDB_PATH = 'pwdb.json' @@ -29,6 +30,9 @@ def write_pwdb(pwdb, PWDB_PATH): json.dump(pwdb, pwdb_file) +def pwhash(pwd): + return sha256(pwd) + if __name__ == "__main__": PWDB_PATH = 'pwdb.json' pwdb = read_pwdb(PWDB_PATH) From 487f0f9597899d69d66e23ea87900832c653d764 Mon Sep 17 00:00:00 2001 From: ASPP Student Date: Mon, 26 Aug 2024 15:31:04 +0300 Subject: [PATCH 4/9] fix hashing password --- auth.py | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/auth.py b/auth.py index fb0cb6b..50296e3 100644 --- a/auth.py +++ b/auth.py @@ -31,7 +31,12 @@ def write_pwdb(pwdb, PWDB_PATH): def pwhash(pwd): - return sha256(pwd) + encoded_pwd = pwd.encode("utf-8") + m = sha256() + m.update(encoded_pwd) + return m.hexdigest() + + if __name__ == "__main__": PWDB_PATH = 'pwdb.json' From de4dc255acd7bbd2db200aad8323388ab9b2e3a6 Mon Sep 17 00:00:00 2001 From: ASPP Student Date: Mon, 26 Aug 2024 15:31:17 +0300 Subject: [PATCH 5/9] implement hashing password where needed --- auth.py | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/auth.py b/auth.py index 50296e3..fad77c5 100644 --- a/auth.py +++ b/auth.py @@ -7,14 +7,14 @@ PWDB_PATH = 'pwdb.json' def get_credentials(): username = input('Enter your username: ') - password = getpass('Enter your password: ') - return (username, password) + hashed_password = pwhash(getpass('Enter your password: ')) + return (username, hashed_password) -def authenticate(username, password, pwdb): - return password == pwdb[username] +def authenticate(username, hashed_password, pwdb): + return hashed_password == pwdb[username] def add_user(username, pwdb): - pwdb[username] = input(f'Enter password for {username}: ') + pwdb[username] = pwhash(input(f'Enter password for {username}: ')) return pwdb def read_pwdb(PWDB_PATH): From f54993e5de646f8bb1fa45977d990276fa441a6b Mon Sep 17 00:00:00 2001 From: ASPP Student Date: Mon, 26 Aug 2024 15:44:37 +0300 Subject: [PATCH 6/9] hide user password on user creation --- auth.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/auth.py b/auth.py index fad77c5..7029239 100644 --- a/auth.py +++ b/auth.py @@ -14,7 +14,7 @@ def authenticate(username, hashed_password, pwdb): return hashed_password == pwdb[username] def add_user(username, pwdb): - pwdb[username] = pwhash(input(f'Enter password for {username}: ')) + pwdb[username] = pwhash(getpass(f'Enter password for {username}: ')) return pwdb def read_pwdb(PWDB_PATH): From 3bead9f7b61e7f4896d9dad167d5db1d24399629 Mon Sep 17 00:00:00 2001 From: Tiziano Zito Date: Thu, 22 Aug 2024 12:07:31 +0200 Subject: [PATCH 7/9] add full lecture notes --- README.md | 28 ++++++++++++++++++++++++++-- 1 file changed, 26 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 2f2416d..2e4865a 100644 --- a/README.md +++ b/README.md @@ -13,9 +13,33 @@ — Lars Wirzenius (Linux kernel developer) -## Lecture notes +## Warm-Up +- how to start a repo from scratch? + - `git init` local method + - on an online forge (GitHub, GitLab, …): `git clone` +- how to revert mistakes? + - before commit: + - `git restore ` [discard changes in the working directory] __changes files__ + - `git restore --staged ` [unstage changes ➔ opposite of `git add `, does not modify the working directory] + - after commit: + - `git revert ` [creates a new commit, modifies the working directory] + - `git reset ` [only reset the HEAD pointer, does not modify the working directory] __rewrites history__ ➔ can not be used if you have already pushed to some remote + - `git reset --hard ` [reset HEAD and modify working directory] __rewrites history__ and __changes files__ ➔ can not be used if you have already pushed to some remote +- how to *move* the whole working directory to a specific point in history? + - `git checkout ` ➔ `DETACHED HEAD` problem, __changes__ __files__ + - interaction with branches: `git branch ` + `git switch ` +- how to copy a file from a different branch: + - `git checkout ` ➔ the file is staged automatically + - `git restore --source= `, `git push `, `git fetch `, `git merge ` +- GitHub: forks, branches and PRs: important ➔ explain fork vs. clone!!! +- strategies for keeping your fork up-to-date: your `main`, origin's and upstream's `main`, short-lived and long-lived topic branches +- a more thorough and detailed explanation can be found on the [SciPy Contributor's Guide](https://docs.scipy.org/doc/scipy/dev/gitwash/gitwash.html). This guide can be adapted to your own needs, see [gitwash](https://github.com/matthew-brett/gitwash). +- make it clear that GitHub and GitLab are just options (git≠GitHub) ## Scenarios 1. [lone scientist](scenarios/scenario1.png) working alone in the cellar without Internet (local git) From a0d4fa9c8623afea224f709eded70df6abc8a47e Mon Sep 17 00:00:00 2001 From: Tiziano Zito Date: Mon, 26 Aug 2024 16:17:24 +0300 Subject: [PATCH 8/9] my solution --- auth.py | 103 ++++++++++++++++++++++++++++++++++++-------------------- 1 file changed, 67 insertions(+), 36 deletions(-) diff --git a/auth.py b/auth.py index 7029239..5408393 100644 --- a/auth.py +++ b/auth.py @@ -1,57 +1,88 @@ +import getpass import json +import pathlib +import random +import string import sys -from getpass import getpass -from hashlib import sha256 -PWDB_PATH = 'pwdb.json' +# name of the file where we store the pw database +PWDB_FLNAME = pathlib.Path('pwdb.json') + +# list of valid characters for salt (only ASCII letters + digits + punctuation) +CHARS = string.ascii_letters + string.digits + string.punctuation + +# length of salt +SALT_LENGTH = 5 def get_credentials(): + # get input from terminal username = input('Enter your username: ') - hashed_password = pwhash(getpass('Enter your password: ')) - return (username, hashed_password) + # get password using the appropriate module, so that typed characters are not + # echoed to the terminal + password = getpass.getpass('Enter your password: ') + return (username, password) -def authenticate(username, hashed_password, pwdb): - return hashed_password == pwdb[username] +def authenticate(username, pass_text, pwdb): + # get the salt from the database + salt = pwdb[username][1] + # calculate hash and compare with stored hash + return pwhash(pass_text, salt) == pwdb[username][0] def add_user(username, pwdb): - pwdb[username] = pwhash(getpass(f'Enter password for {username}: ')) + # do not try to add a username twice + if username in pwdb: + raise Exception(f'Username already exists [{username}]!') + else: + password = getpass.getpass(f'Enter password for {username}: ') + salt = get_salt() + pwdb[username] = (pwhash(password,salt), salt) return pwdb -def read_pwdb(PWDB_PATH): - try: - pwdb_file = open(PWDB_PATH, 'rt') - pwdb = json.load(pwdb_file) - except Exception: +def read_pwdb(pwdb_path): + if not pwdb_path.exists(): pwdb = {} + else: + with open(pwdb_path, 'rt') as pwdb_file: + pwdb = json.load(pwdb_file) return pwdb -def write_pwdb(pwdb, PWDB_PATH): - pwdb_file = open(PWDB_PATH, 'wt') - json.dump(pwdb, pwdb_file) +def write_pwdb(pwdb, pwdb_path): + with open(pwdb_path, 'wt') as pwdb_file: + json.dump(pwdb, pwdb_file) +def pwhash(pass_text, salt): + # simple additive hash -> very insecure! + hash_ = 0 + full_pass_text = pass_text + salt + for idx, char in enumerate(full_pass_text): + # use idx as a multiplier, so that shuffling the characters returns a + # different hash + hash_ += (idx+1)*ord(char) + return hash_ -def pwhash(pwd): - encoded_pwd = pwd.encode("utf-8") - m = sha256() - m.update(encoded_pwd) - return m.hexdigest() +def get_salt(): + salt_chars = random.choices(CHARS, k=SALT_LENGTH) + return ''.join(salt_chars) - - -if __name__ == "__main__": - PWDB_PATH = 'pwdb.json' - pwdb = read_pwdb(PWDB_PATH) +def main(pwdb_path): + # load the password database from file + pwdb = read_pwdb(pwdb_path) + # if we are passed an argument, we want to add a new user if len(sys.argv) > 1: pwdb = add_user(sys.argv[1], pwdb) - write_pwdb(pwdb, PWDB_PATH) - else: - username, password = get_credentials() - if username not in pwdb: - print('Wrong username!') - else: - if authenticate(username, password, pwdb): - print('Successfully authenticated!') - else: - print('Wrong password!') + write_pwdb(pwdb, pwdb_path) + return + + # ask for credentials + username, password = get_credentials() + if username not in pwdb or not authenticate(username, password, pwdb): + print('Wrong username or password!') + else: + print('Successfully authenticated!') + + return + +if __name__ == '__main__': + main(PWDB_FLNAME) From 02beb4359fcbaf85d346cc3314d38c96b8ab6125 Mon Sep 17 00:00:00 2001 From: Tiziano Zito Date: Thu, 29 Aug 2024 10:14:45 +0300 Subject: [PATCH 9/9] add reference to tarot cards meaning --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index 2e4865a..c68f88f 100644 --- a/README.md +++ b/README.md @@ -4,6 +4,8 @@ - Login with your username found on your name badge and set the initial password for your account: https://git.aspp.school/user/login - You'll have to type that password many many times this week: choose wisely! - We will use the [exercise](exercise.md) in the repo for the rest of the lecture +- find a partner to do pair-programming for this lecture by finding someone with the same tarot card as you +- before starting, make yourself acquainted with the meanining and the power of the tarot cards: carefully read [this booklet](https://aspp.school/wiki/_media/tarot-runic.pdf) ## A cautionary quote