-1

I want to connect two python scripts together, Let me show what I want to do, there is one login.py file and another main.py file, now when someone run login.py script, It will ask password and if password is correct then it will run main.py. The problem is if someone directly run main.py then there should be a condition if he logged in or not, If not then it will run login.py, and one more thing that I don't want to combine both files.

login.py

import os
enterPass = input('Please enter password')
if enterPass == "admin":
    os.system('python main.py')
else:
    print('Password Wrong')

main.py

print("Logged in successfully")
#my code that I want to run
Ted Klein Bergman
  • 9,146
  • 4
  • 29
  • 50
  • 2
    Does this answer your question? [How can I make one python file run another?](https://stackoverflow.com/questions/7974849/how-can-i-make-one-python-file-run-another) – Tomerikoo Dec 28 '20 at 07:59
  • No this doesn't solve my problem, :( –  Dec 28 '20 at 08:00
  • Create a main function in main.py and call that function from login.py when login is successful. [How to import python file](https://stackoverflow.com/q/2349991/5956174) Btw user can always run the main.py directly like this. What would be better to do is to give some sort of access token to main function for login authentication. – Zaif Senpai Dec 28 '20 at 08:03
  • Does this answer your question? [python: how to tell if file executed as import vs. main script?](https://stackoverflow.com/questions/8715990/python-how-to-tell-if-file-executed-as-import-vs-main-script) – Tomerikoo Dec 28 '20 at 08:06
  • 2
    It feels like you've got an [XY problem](https://en.wikipedia.org/wiki/XY_problem). This is not how you do things and it won't really work. It seems like you're trying to copy how websites works, but this doesn't work locally. You could hack together something, but it's better that you explain the actual problem that you're trying to solve. – Ted Klein Bergman Dec 28 '20 at 08:14
  • @Tomerikoo No, they're trying to make an authentication script that _"logs in"_ a user in order to use other scripts. So if the user runs another script without _"logging in"_ first, it shouldn't run. – Ted Klein Bergman Dec 28 '20 at 08:21
  • @TedKleinBergman Well, that exactly what `if __name__ == "__main__"` is for: if `main` is run as the main script, there was no login, so run login first... – Tomerikoo Dec 28 '20 at 08:23
  • @Tomerikoo But if they've _"logged in",_ then you should be able to run `main.py` as a main script. – Ted Klein Bergman Dec 28 '20 at 08:25
  • @TedKleinBergman well I might be just misunderstanding something, but isn't logging in done by running `login.py`? – Tomerikoo Dec 28 '20 at 08:27
  • @Tomerikoo The code example in the question is incomplete. They want the `login.py` script to set some state so the next times you run `main.py` directly as a main script, it'll be able to determine whether the user has been correctly authenticated or not. – Ted Klein Bergman Dec 28 '20 at 08:32

2 Answers2

0

You might want to run the main.py from the longin.py via the shell

import os
os.system('python3 main.py')
werzel
  • 11
  • 2
  • Nooo, the condition is if not logged in then run login.py –  Dec 28 '20 at 08:03
  • Like if someone directly run main.py, then it should check the condition if someone logged in or not, if not logged in then run login.py –  Dec 28 '20 at 08:04
  • 1
    Why not just `import main` instead of using `os`? – Tomerikoo Dec 28 '20 at 08:07
0

This doesn't work. At least not securely. You're trying to replicate the authentication process of a website, but that's not how it works locally on a machine.

When you successfully log in to a website, it'll put an authentication token in your browser. This will be sent every time you visit the site the next time and act like your password. For it to work locally, you'd have to ask the user for the password every time (as in Tomerikoo's answer).

A hack to make it work is to store the some state on the user that tells them that they've logged in. A simple example would be:

login.py

import os
password = input('Please enter password')
if password == "admin":
    os.environ['USER_PASSWORD'] = "Logged in"
else:
    os.environ['USER_PASSWORD'] = "Not logged in"

main.py

import os
if os.environ.get('USER_PASSWORD', 'Not logged in') == "Logged in":
    print('Running code...')
else:
    print('Please log in')

This will work but doesn't provide any security at all. The problem is that all code and all data is already in the hand of the user. So they can just set USER_PASSWORD manually, change the source code, or whatever, and they'll circumvent this security check.

Even checking password == "admin" isn't secure. It could be more secure if you hashed it by downloading something like passlib and stored the encrypted password as an environment variable SECRET_PASSWORD:

from passlib.hash import sha256_crypt
encrypted_password = os.environ.get('SECRET_PASSWORD', '')
password = input('Please enter password')
if sha256_crypt.verify(password, encrypted_password):
    # Do something on success.

But even then it's not secure, because you must set USER_PASSWORD to something which the user can always introspect and figure out.

Ted Klein Bergman
  • 9,146
  • 4
  • 29
  • 50
  • Umm I did something diff, I made a function and give a argument "token", If token == "YES": my code runs, else: Show error, And In login.py I imported that and ran the function and give argument YES and it work, Plz tell If this is secure and sorry for bad english –  Dec 28 '20 at 12:33
  • @SuhailHasan It's hard to tell without code, but I doubt it's secure. – Ted Klein Bergman Dec 28 '20 at 17:16