Simple username and password application in Python

Question

I'm trying to build a simple login and password application using a dictionary. It works fine except the part where it checks if the login matches the password (in the bottom where it says "Login successful!").

If I were to create login 'a' and password 'b', and then create login 'b' and password 'a', it would log me in if I tried to log in with login 'a' and password 'a'. It just checks if those characters exist somewhere in the dictionary, but not if they are a pair.

Any suggestions how to fix this?

users = {}
status = ""

while status != "q":
    status = raw_input("Are you a registered user? y/n? Press q to quit: ")  

    if status == "n": #create new login
         createLogin = raw_input("Create login name: ")

         if createLogin in users: # check if login name exist in the dictionary
             print "Login name already exist!\n"
         else:
             createPassw = raw_input("Create password: ")
             users[createLogin] = createPassw # add login and password
             print("\nUser created!\n")     

    elif status == "y": #login the user
        login = raw_input("Enter login name: ")

        if login in users:
           passw = raw_input("Enter password: ")
           print

           if login in users and passw in users: # login matches password
               print "Login successful!\n"

        else:
            print
            print("User doesn't exist!\n")

Edit

Now that this is working, I'm trying to divide the application to three functions, for readability purposes. It works, except that I get infinite loop.

Any suggestions why?

users = {}
status = ""

def displayMenu():
    status = raw_input("Are you a registered user? y/n? Press q to quit: ")  
    if status == "y":
        oldUser()
    elif status == "n":
        newUser()

def newUser():
    createLogin = raw_input("Create login name: ")

    if createLogin in users: # check if login name exists
        print "\nLogin name already exist!\n"
    else:
        createPassw = raw_input("Create password: ")
        users[createLogin] = createPassw # add login and password
        print("\nUser created!\n")     

def oldUser():
    login = raw_input("Enter login name: ")
    passw = raw_input("Enter password: ")

    # check if user exists and login matches password
    if login in users and users[login] == passw: 
        print "\nLogin successful!\n"
    else:
        print "\nUser doesn't exist or wrong password!\n"

while status != "q":            
    displayMenu()

Answer 1

This is a very simple one based on the one earlier for a single user with improved grammar and bug fixes:

print("Steam Security Software ©")
print("-------------------------")
print("<<<<<<<<<Welcome>>>>>>>>>")
username = input("Username:")
if username == "username" :
    print ("Now type password")

else :
    print ("please try another user name. This user name is incorrect")


password = input ("Password:")
if password  == "password" :
    print ("ACCESS  GRANTED")
    print ("<<Welcome Admin>>")
    #continue for thins like opening webpages or hidden files for access

else :
    print ("INTRUDER ALERT !!!!" , "SYSTEM LOCKED")
    exit()

Answer 2

usrname = raw_input('username   :     ')
if usrname == 'username' :
    print 'Now type password '

else :
    print 'please try another user name .this user name is incorrect'


pasword = raw_input ('password     :    ')
if pasword  == 'password' :
    print ' accesses granted '
    print ' accesses granted '
    print ' accesses granted '
    print ' accesses granted '
    print 'this service is temporarily unavailable'

else :
    print 'INTRUDER ALERT !!!!' , 'SYSTEM LOCKED'
    print 'INTRUDER ALERT !!!!' , 'SYSTEM LOCKED'
    print 'INTRUDER ALERT !!!!' , 'SYSTEM LOCKED'
    exit()

Answer 3

Right now you are checking if the given password, passw, matches any keys in users (not right). You need to see if the password entered matches that particular user's password. Since you have already checked if the username exists in the dictionary's keys you don't have to check again, so try something like:

if passw == users[login]:
    print "Login successful!\n"

EDIT:

For your updated code, I'm going to assume by "infinite loop" you mean that you cannot use q to exit the program. It's because when you're inside displayMenu, you save user input in a local variable named status. This local variable does not refer to the same status where you are checking,

while status != "q": 

In other words, you are using the variable status in two different scopes (changing the inner scope does not change the outer).

There are many ways to fix this, one of which would be changing,

while status != "q":
    status = displayMenu()

And adding a return statement at the end of displayMenu like so,

return status

By doing this, you are saving the new value of status from local scope of displayMenu to global scope of your script so that the while loop can work properly.

Another way would be to add this line to the beginning of displayMenu,

global status

This tells Python that status within displayMenu refers to the global scoped status variable and not a new local scoped one.

Answer 4

Please encrypt you passwords in database if you go put this online. Good work.

import md5
import sys
# i already made an md5 hash of the password: PASSWORD
password = "319f4d26e3c536b5dd871bb2c52e3178" 
def checkPassword():
    for key in range(3):
        #get the key
        p = raw_input("Enter the password >>")
        #make an md5 object
        mdpass = md5.new(p)
        #hexdigest returns a string of the encrypted password
        if mdpass.hexdigest() == password:
            #password correct
            return True
        else:
            print 'wrong password, try again'
    print 'you have failed'
    return False

def main():
    if checkPassword():
        print "Your in"
        #continue to do stuff

    else:
        sys.exit()
if __name__ == '__main__':
    main()

Answer 5

change

if login in users and passw in users: # login matches password

to

if users[login] == passw: # login matches password

Besides, you should not tell the hackers that "User doesn't exist!". A better solution is to tell a generall reason like: "User doesn't exist or password error!"