How to Limit Logins in Python Code
Python programs can let users log in with log-in credentials. To defend against brute-force attacks, in which an attacker enters password after password until one is correct, you should put a limit on log-in attempts. In this case, set aside a log file to track the number of log-in attempts each user makes throughout a certain time period.
Instructions
1
Create a log script:
>>> def logIn(name, passwd):
...     # checks database for user name and information
...     pass
2
Read from the log script, which contains the information for log-in attempts. This should occur prior to any queries to the database:
>>> def logIn(name, passwd):
...     # read the attempt log before any database query
...     f = open('/var/log/login.txt')
...     contents = f.read()
...     f.close()
3
Check log-in attempts by searching for the index of the name and reading the line. This code assumes that the log file follows a format in which each line represents a user and is formatted as "username = login_attempts". For example, if Bob tried to log in twice, his line would read "Bob = 2".
...     contents = f.read()
...     index = contents.find(name)       # assumes name already has a line in the file
...     while contents[index] != ' ':     # advance to the space after the name
...         index += 1
...     index += 3                        # skip " = " to land on the count
...     attempts = contents[index]        # a single digit, still a string
4
If a user makes more log-in attempts than allowed, deny access. If not, add one to attempts and store in file. In this example, the limit of log-in attempts is four:
...     if attempts == '4':
...         print('Too many attempts, aborting...')
...         return
...     else:
...         # query database for login credentials
...         pass
5
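Add the log-in attempt to the log file:
...     x = int(contents[index])
...     x += 1
...     # strings are immutable, so rebuild the text and write it back
...     contents = contents[:index] + str(x) + contents[index + 1:]
...     with open('/var/log/login.txt', 'w') as f:
...         f.write(contents)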
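The five steps above, combined into one runnable version (an added example, not the original article's code). It goes beyond the steps by handling users with no line in the log, multi-digit counts and names that merely contain another name; log_in, read_attempts, write_attempts, the check_credentials callback and the scratch log path are assumptions of this example, and counts are never aged out.

```python
import os
import tempfile

MAX_ATTEMPTS = 4  # same limit as in the steps above


def read_attempts(path):
    """Parse 'username = attempts' lines into a dict; no file means no attempts."""
    counts = {}
    if os.path.exists(path):
        with open(path) as f:
            for line in f:
                name, sep, value = line.rstrip('\n').rpartition(' = ')
                if sep and value.isdecimal():
                    counts[name] = int(value)
    return counts


def write_attempts(path, counts):
    """Write a temporary file and rename it so the log is never half-written."""
    fd, tmp = tempfile.mkstemp(dir=os.path.dirname(path) or '.')
    with os.fdopen(fd, 'w') as f:
        for name, value in sorted(counts.items()):
            f.write('%s = %d\n' % (name, value))
    os.replace(tmp, path)


def log_in(name, passwd, path, check_credentials):
    """Return True on success; refuse without a credential check once locked."""
    if not name.isprintable():
        return False                  # a newline in the name could forge a log line
    counts = read_attempts(path)
    if counts.get(name, 0) >= MAX_ATTEMPTS:
        return False                  # locked out before any database query
    if check_credentials(name, passwd):
        counts.pop(name, None)        # assumption: a success clears the counter
        write_attempts(path, counts)
        return True
    counts[name] = counts.get(name, 0) + 1
    write_attempts(path, counts)
    return False


def demo():  # constructed run: user 'Bob', password 'correct', scratch log file
    path = os.path.join(tempfile.mkdtemp(), 'login.txt')
    check = lambda n, p: (n, p) == ('Bob', 'correct')  # stands in for the database
    results = [log_in('Bob', 'guess%d' % i, path, check) for i in range(4)]
    results.append(log_in('Bob', 'correct', path, check))  # locked despite right password
    return results, read_attempts(path)
```

Two log-in processes running at once would still need a lock around the read and write of the file.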