patternpythonModerate
Thrice nested "OS" in Python
Viewed 0 times
thricenestedpython
Problem
This Python main is what greets the user to a thrice nested super duper barebones OS. The entire rest of my code isn't bug free but this section is, and it feels dirty anyway. I'd like to know how to make it better, by adhering to conventions, or by removal of fatty code.
NOTE: I am not looking to use classes with any of this, because part of the challenge of this program is structuring it with procedural means.
NOTE: I am not looking to use classes with any of this, because part of the challenge of this program is structuring it with procedural means.
from functions import *
innerLoopFlag = False
while True:
if innerLoopFlag:
break
makeNew = raw_input("Login || Create New Account... ")
if makeNew == "c-na":
ui = createAccount()
createFileSyst(ui)
break
if makeNew == "l-a":
ui = [raw_input("Username... ").strip(),pw("Password... ").strip()]
if not os.path.isdir(ui[0]):
print "It appears that this username doesn't exist, please log in legitimately or create an account"
continue
if ui:
while True:
if takeCheck(ui):
print "Successful login..."
innerLoopFlag = True
break
else:
print "Failure logging in, retrying..."
all()
print "Goodbye", ui[0]Solution
I don't understand what you mean by "thrice nested", or why you call this an OS. I'm reviewing it as a login prompt.
The entire rest of my code isn't bug free but this section is
Beware of believing something is bug-free. It never is. This is especially important for code which needs to be secure, as this presumably does.
Now for the review:
Many variables need names that say what they mean:
Simplifications:
-
The inner loop can be simplified by making the loop condition do the work:
This also makes
Bugs:
Usability:
The entire rest of my code isn't bug free but this section is
Beware of believing something is bug-free. It never is. This is especially important for code which needs to be secure, as this presumably does.
Now for the review:
Many variables need names that say what they mean:
- What does
innerLoopFlagmean? Something likesuccessful_login, right?
makeNew:command?
ui:credentials?
createFileSyst: (There's no need to abbreviate such a rarely used name.) Something likecreateUserDirectory? But it should be called fromcreateAccount, not here.
takeCheck: What does this do? Is itisValidLogin?
all: Is it something likerunUserSession?
Simplifications:
- The conditional break at beginning of the loop can become the loop condition:
while not innerLoopFlag.
- The
if uitest is always true.
-
The inner loop can be simplified by making the loop condition do the work:
while not takeCheck(ui):
print "Failure logging in, retrying..."
print "Successful login..."
breakThis also makes
innerLoopFlag unnecessary. However, why are you retrying at all? Do you expect login to fail and then succeed?Bugs:
- Stripping the password is not safe, because passwords can contain whitespace.
- Security hole: the
isdircall lets anyone test for the existence of arbitrary directories. Imagine trying to log in with a username like '../../../some/private/directory'. Also, it depends on the current directory. Is there a user table you could look the user up in instead?
- (Revealing whether a user exists is also sometimes considered a security hole, but that's debatable.)
Usability:
- Are "c-na" and "l-a" user-supplied strings, or generated by
raw_input, or what?
- Output ending in "... " looks like a progress message ("Please wait..."), not a prompt. "Login: " and "Password: " are the standard prompts.
Code Snippets
while not takeCheck(ui):
print "Failure logging in, retrying..."
print "Successful login..."
breakContext
StackExchange Code Review Q#49565, answer score: 10
Revisions (0)
No revisions yet.