fix: move to format strings everywhere

bendehaan · bendehaan · commit 7c908df11481 · 2025-10-20T22:45:41.000+02:00
diff --git a/.gitignore b/.gitignore
@@ -2,6 +2,8 @@
 *.pyc
 __pycache__
 *.sqlite
+*.sqlite-wal
+*.sqlite-shm
 
 # Byte-compiled / optimized / DLL files
 __pycache__/
diff --git a/api_list.py b/api_list.py
@@ -3,18 +3,18 @@
 import click
 import requests
 
+
 @click.command()
-@click.argument('username')
+@click.argument("username")
 def cmd_api_client(username):
-
-    r = requests.get('http://127.0.1.1:5000/api/post/{}'.format(username))
+    r = requests.get(f"http://127.0.1.1:5000/api/post/{username}")
     if r.status_code != 200:
-        click.echo('Some error ocurred. Status Code: {}'.format(r.status_code))
+        click.echo(f"Some error ocurred. Status Code: {r.status_code}")
         print(r.text)
         return False
 
     print(r.text)
 
 
-if __name__ == '__main__':
+if __name__ == "__main__":
     cmd_api_client()
diff --git a/api_post.py b/api_post.py
@@ -3,33 +3,41 @@
 import click
 import requests
 
-api_key_file = Path('/tmp/supersecret.txt')
+api_key_file = Path("/tmp/supersecret.txt")
+
 
 @click.command()
-@click.argument('message')
+@click.argument("message")
 def cmd_api_client(message):
     if not api_key_file.exists():
+        username = click.prompt("Username")
+        password = click.prompt("Password", hide_input=True)
 
-        username = click.prompt('Username')
-        password = click.prompt('Password', hide_input=True)
-
-        r = requests.post('http://127.0.1.1:5000/api/key', json={'username':username, 'password':password})
+        r = requests.post(
+            "http://127.0.1.1:5000/api/key",
+            json={"username": username, "password": password},
+        )
 
         if r.status_code != 200:
-            click.echo('Invalid authentication or other error ocurred. Status code: {}'.format(r.status_code))
+            click.echo(
+                f"Invalid authentication or other error ocurred. Status code: {r.status_code}"
+            )
             return False
 
+        api_key = r.json()["key"]
+        print("Received key:", api_key)
 
-        api_key = r.json()['key']
-        print('Received key:', api_key)
-
-        with api_key_file.open('w') as outfile:
+        with api_key_file.open("w") as outfile:
             outfile.write(api_key)
 
     api_key = api_key_file.open().read()
-    r = requests.post('http://127.0.1.1:5000/api/post', json={'text':message}, headers={'X-APIKEY': api_key})
+    r = requests.post(
+        "http://127.0.1.1:5000/api/post",
+        json={"text": message},
+        headers={"X-APIKEY": api_key},
+    )
     print(r.text)
 
 
-if __name__ == '__main__':
+if __name__ == "__main__":
     cmd_api_client()
diff --git a/brute.py b/brute.py
@@ -7,18 +7,18 @@
 username = sys.argv[2]
 
 passwords = [
-    '1',
-    '12',
-    '123',
-    '1234',
-    '12345',
-    '123456',
-    '12345678',
-    '123123123',
+    "1",
+    "12",
+    "123",
+    "1234",
+    "12345",
+    "123456",
+    "12345678",
+    "123123123",
 ]
 
 for password in passwords:
     result = subprocess.run([program, username, password], stdout=subprocess.DEVNULL)
     if result.returncode == 0:
-        print("cracked! user: {} password: {}".format(username, password))
+        print(f"cracked! user: {username} password: {password}")
         break
diff --git a/libapi.py b/libapi.py
@@ -6,31 +6,30 @@
 
 
 def keygen(username, password=None):
-
     if password:
         if not libuser.login(username, password):
             return None
 
     key = hashlib.sha256(str(random.getrandbits(2048)).encode()).hexdigest()
 
-    for f in Path('/tmp/').glob('vulpy.apikey.' + username + '.*'):
-        print('removing', f)
+    for f in Path("/tmp/").glob("vulpy.apikey." + username + ".*"):
+        print("removing", f)
         f.unlink()
 
-    keyfile = '/tmp/vulpy.apikey.{}.{}'.format(username, key)
+    keyfile = f"/tmp/vulpy.apikey.{username}.{key}"
 
     Path(keyfile).touch()
 
     return key
 
 
 def authenticate(request):
-    if 'X-APIKEY' not in request.headers:
+    if "X-APIKEY" not in request.headers:
         return None
 
-    key = request.headers['X-APIKEY']
+    key = request.headers["X-APIKEY"]
 
-    for f in Path('/tmp/').glob('vulpy.apikey.*.' + key):
-        return f.name.split('.')[2]
+    for f in Path("/tmp/").glob("vulpy.apikey.*." + key):
+        return f.name.split(".")[2]
 
     return None
diff --git a/libuser.py b/libuser.py
@@ -10,9 +10,7 @@ def login(username, password):
     print(username)
     print(password)
     user = c.execute(
-        "SELECT * FROM users WHERE username = '{}' and password = '{}'".format(
-            username, password
-        )
+        f"SELECT * FROM users WHERE username = '{username}' and password = '{password}'"
     ).fetchone()
 
     if user:
@@ -54,11 +52,7 @@ def password_change(username, password):
     conn.row_factory = sqlite3.Row
     c = conn.cursor()
 
-    c.execute(
-        "UPDATE users SET password = '{}' WHERE username = '{}'".format(
-            password, username
-        )
-    )
+    c.execute(f"UPDATE users SET password = '{password}' WHERE username = '{username}'")
     conn.commit()
 
     return True
