test/test_login_page.py

import os
import streamlit as st
import pandas as pd
import time
from getmac import get_mac_address as gma
from requests import get
import platform, uuid, psutil
import json

# Security
#passlib,hashlib,bcrypt,scrypt
import hashlib

# Set direction as current folder
sourceFileDir = os.path.dirname(os.path.abspath(__file__))
os.chdir(sourceFileDir)

def make_hashes(password):
	return hashlib.sha256(str.encode(password)).hexdigest()

def check_hashes(password, hashed_text):
	if make_hashes(password) == hashed_text:
		return hashed_text
	return False
    
# DB Management
import sqlite3 
conn = sqlite3.connect('data.db')
c = conn.cursor()

# DB  Functions
def create_user_table():
	c.execute('CREATE TABLE IF NOT EXISTS users(user_id INTEGER PRIMARY KEY AUTOINCREMENT,\
				username TEXT NOT NULL, password TEXT NOT NULL)')

def add_user_data(username, password):
	c.execute('INSERT INTO users(username, password) VALUES (?,?)',(username,password))
	conn.commit()

def login_user(username, password):
	c.execute('SELECT * FROM users WHERE username =? AND password = ?',(username,password))
	data = c.fetchall()
	return data

def view_all_users():
	c.execute('SELECT * FROM users')
	data = c.fetchall()
	return data

def create_login_table():
	# c.execute('DROP TABLE login')

	c.execute('CREATE TABLE IF NOT EXISTS login(login_id INTEGER PRIMARY KEY AUTOINCREMENT, username TEXT NOT NULL,\
				login_time TEXT NOT NULL, login_duration TEXT NOT NULL,\
				device_name TEXT, device_uuid TEXT, mac_address TEXT, device_vendor TEXT, device_version TEXT, device_model TEXT, device_ram TEXT,\
				ip_v6 TEXT, ip_v4 TEXT, ip_country TEXT, ip_region TEXT, ip_city TEXT, ip_lat TEXT, ip_lon TEXT, ip_timezone TEXT, isp_name TEXT, isp_org TEXT, isp_as TEXT)')

def add_login_data(username, login_time, login_duration,\
					device_name, device_uuid, mac_address, device_vendor, device_version, device_model, device_ram,\
					ip_v6, ip_v4, ip_country, ip_region, ip_city, ip_lat, ip_lon, ip_timezone, isp_name, isp_org, isp_as):
	# c.execute('INSERT INTO login(username, login_time, login_duration,\
	# 			device_name, device_uuid, mac_address, device_vendor, device_version, device_model, device_ram\
	# 			ip_address, isp, lat, long, district, city) VALUES (?, ?, ?, ?, "1b1520d5-3dd0-4101-bda8-a0e22fc23ac2", ?, ?, "2001:ee0:4f84:6a70:652e:732d:859a:76e9", "Vietnam Posts and Telecommunications Group", 10.736807957581838, 106.66109367487196, "1", "Ho Chi Minh")',\
	# 		(username, login_time, login_duration, device_name, mac_address, device_vendor))

	c.execute('INSERT INTO login(username, login_time, login_duration,\
				device_name, device_uuid, mac_address, device_vendor, device_version, device_model, device_ram,\
				ip_v6, ip_v4, ip_country, ip_region, ip_city, ip_lat, ip_lon, ip_timezone, isp_name, isp_org, isp_as)\
				VALUES (?, ?, ?, \
						?, ?, ?, ?, ?, ?, ?, \
						?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)',\
				(username, login_time, login_duration,\
				device_name, device_uuid, mac_address, device_vendor, device_version, device_model, device_ram,\
				ip_v6, ip_v4, ip_country, ip_region, ip_city, ip_lat, ip_lon, ip_timezone, isp_name, isp_org, isp_as))

	conn.commit()

# Export data to CSV
def export_csv():

	# Export table login
	db_df = pd.read_sql_query('SELECT * FROM login', conn)
	db_df.to_csv('login.csv', index=False)

	# Export table users
	db_df = pd.read_sql_query('SELECT * FROM users', conn)
	db_df.to_csv('users.csv', index=False)

def get_from_api(url, value=""):
     
    # Use get method to fetch details from URL API
    response = get(url + value)
    if response.status_code != 200:
        raise Exception("[!] Invalid request!")

    return response.content.decode()

def get_ip_info(ip_v4):

	# Get information from the ipv4
	isp = get_from_api("http://ip-api.com/json/", ip_v4)

	# Convert dictionary string to dictionary
	isp = json.loads(isp)

	# Get information from the dictionary
	ip_country = isp["country"]
	ip_region = isp["regionName"]
	ip_city = isp["city"]
	ip_lat = isp["lat"]
	ip_lon = isp["lon"]
	ip_timezone = isp["timezone"]
	isp_name = isp["isp"]
	isp_org = isp["org"]
	isp_as = isp["as"]

	return ip_country, ip_region, ip_city, ip_lat, ip_lon, ip_timezone, isp_name, isp_org, isp_as

def main():
	"""Banking Advanced Authentication Module"""

	menu = ["Home", "SignUp", "User Login", "Testing Tool"]
	choice = st.sidebar.selectbox("Menu",menu)

	if choice == "Home":
		st.subheader("Banking Advanced Authentication Module")        

	elif choice == "SignUp":
		st.subheader("Create New Account")
		new_user = st.text_input("Username")
		new_password = st.text_input("Password",type='password')

		if st.button("Signup"):
			create_user_table()
			add_user_data(new_user,make_hashes(new_password))
			st.success("You have successfully created a valid Account")
			st.info("Go to Login Menu to login")

	elif choice == "User Login":

		col1, col2, col3 = st.columns(3)

		with col1:
			st.image("img/blank.png")

		with col2:
			st.image("img/blank.png")

		with col3:
			st.image("img/Standard_Chartered.png")

		with st.container():
			st.subheader("Login")			
			time_start = time.time()
			username = st.text_input("Username")
			password = st.text_input("Password",type='password')
			login = st.button("Login")
		
		if login:

			login_time = time.time()
			hashed_pswd = make_hashes(password)			
			result = login_user(username,check_hashes(password,hashed_pswd))

			if result:
	
				login_duration = login_time - time_start

				# Collect device information
				device_name = platform.node()
				device_uuid = uuid.getnode()
				mac_address = gma()
				device_vendor = get_from_api("https://api.macvendors.com/", mac_address)
				device_version = platform.version()
				device_model = platform.platform()
				device_ram = str(round(psutil.virtual_memory().total / (1024.0 **3)))+" GB"

				# Collect IP information
				ip_v6 = get_from_api('https://ident.me')
				ip_v4 = get_from_api('https://api.ipify.org')
				ip_country, ip_region, ip_city, ip_lat, ip_lon, ip_timezone, isp_name, isp_org, isp_as = get_ip_info(ip_v4)


				create_login_table()

				verification = False

				############## Here is to put IF ELSE & Face verification logic to determine if it is the real user **********
				##
				##
				##
				## => verification = True
				verification = True
				
				if verification:

					add_login_data(username, login_time, login_duration,\
									device_name, device_uuid, mac_address, device_vendor, device_version, device_model, device_ram,\
									ip_v6, ip_v4, ip_country, ip_region, ip_city, ip_lat, ip_lon, ip_timezone, isp_name, isp_org, isp_as)

					# To export database to csv file (can be commented out if not needed)
					# export_csv()

					st.success("Logged In as {}".format(username))

					task = st.selectbox("Task",["Add Post","Analytics","Profiles"])
					if task == "Add Post":
						st.subheader("Add Your Post")

					elif task == "Analytics":
						st.subheader("Analytics")
					elif task == "Profiles":
						st.subheader("User Profiles")
						user_result = view_all_users()
						clean_db = pd.DataFrame(user_result,columns=["Username","Password"])
						st.dataframe(clean_db)
				else:
					st.warning("Not the real user => Fail to login.")

			else:
				st.warning("Incorrect Username/Password")

	else:
		st.subheader("Testing tool") 

if __name__ == '__main__':
	main()