Sqlite3驗證用戶和密碼

# -*- coding:utf-8 -*-
import sqlite3,os,hashlib,time
import getpass      # pycharm不支持getpass包，請不要在pycharm中執行該程序

# 創建表
def create(conn):
    conn.execute('''CREATE TABLE USER
            (id INTEGER PRIMARY KEY AUTOINCREMENT,
            username TEXT NOT NULL UNIQUE,
            password TEXT NOT NULL,
            lock TEXT NOT NULL DEFAULT 'False',
            locktime FLOAT DEFAULT NULL )''')
    conn.commit()

# 通過用戶名查詢密碼/鎖定狀態/鎖定時間
def select(conn,user_name):
    passwd = conn.execute("SELECT password, lock, locktime from USER WHERE username = ?",(user_name,))
    return passwd.fetchone()

# 創建用戶
def insert(conn,name,passwd):
    try:
        conn.execute("INSERT INTO USER (username,password) VALUES ('%s','%s')" % (name, passwd))
        conn.commit()
    except sqlite3.IntegrityError as e:
        print('User ID already exists, Please use a different!')

# 更新用戶鎖定狀態/鎖定時間
def update(conn,user_name,lock,locktime):
    conn.execute("UPDATE USER set lock = '%s',locktime = '%s' where username='%s'" % (lock,locktime,user_name))
    conn.commit()

if __name__ == '__main__':

    #斷users.db是否已存在
    if not os.path.exists('users.db'):
        conn = sqlite3.connect('users.db')
        create(conn)
        user_name = 'alex'
        user_passwd = b'tesla'
        # 創建用戶,密碼使用md5加密后存入數據庫
        insert(conn, user_name, hashlib.md5(user_passwd).hexdigest())
        print("Init a test user (%s) and password (%s)!"%(user_name, user_passwd))
    else:
        conn = sqlite3.connect('users.db')
    # 定義三次登錄機會
    login_false_count = 3
    while login_false_count > 0:
        user_name = input('Please Enter Username:').strip()
        if len(user_name) == 0:
            continue
        # 調用getpass使輸入的密碼不直接打印在屏幕
        user_passwd = bytes(getpass.getpass(),encoding='utf8')
        try:
            user_info = select(conn, user_name)     # 通過用戶名查詢用戶密碼/鎖定狀態/鎖定時間
            if user_info[1] == 'True':      # 判斷用戶是否已鎖定
                if (time.time() - user_info[2]) > 1800:     # 判斷鎖定是否超過30分鍾
                    update(conn, user_name, 'False', None)      # 超過30分鍾設置用戶鎖定字段為False,並清除鎖定時間
                    if user_info[0] == hashlib.md5(user_passwd).hexdigest():    # 判斷密碼是否正確
                        print('Welcome %s' % user_name)
                        break
                    else:
                        login_false_count -= 1
                        print('Username or Password error! Your can login %d times!' % login_false_count)
                else:
                    print('Login Failed! Your account have been locked, it will be unlocked after %s minutes, please try again later!'%int((1800-(time.time() - user_info[2]))/60))
                    break
            else:
                if user_info[0] == hashlib.md5(user_passwd).hexdigest():    # 判斷密碼是否正確
                    print('Login Success, Welcome %s!' % user_name)
                    break
                else:
                    login_false_count -= 1
                    print('Username or Password error! Your can login %d times!' % login_false_count)
        except TypeError as e:
            print('User ID does not exist!')
            continue
        if login_false_count == 0:
            update(conn, user_name, 'True', time.time())     # 密碼嘗試3次后，調用update函數將用戶的locked字段設置為True
            print('Your account is locked and automatic unlocking after 30 minutes, please try again later!')
    conn.close()