Would like yo get advice for attached python program. Can we use dictionary as database for very basic login system program?

Question

I am trying to create login system program, where "name", "email" and "password" has to be taken fron user as input and save as Dictionary in text file. I am stuck on how to assign each dicitionary a variable. Also, once the user comes again after registration, there should be password check done against the dictionary text file which i am not sure. Pls look into the below code and assist?

#! usr/bin/python3
# Login project sample
import json
def login():

    print("Welcome to login system")
    New_user = input("Are you a new user? type yes or no: ")
    if New_user == "yes":
        a = {}
        Name = input("Enter your name: ")
        Email = input("Enter the email: ")
        Password = input("Enter the password: ")
        a["Name"] = (Name)
        a["Email"] = (Email)
        a["Password"] = (Password)
        print(a)
        with open("login.txt", "a+") as f:
            f.seek(0)
            data = f.read(100)
            if len(data) > 0:
                f.write("\n")
                x = str(range(1,100))
                f.write(x + "=" + json.dumps(a))
                x = x + 1
    else:
        b={}
        def login1():

            Email = input("Enter the email: ")
            Password = input("Enter the password: ")
            b["Email"] = (Email)
            b["Password"] = (Password)
            with open("login.txt", "r") as r:
                f.seek(0)
                i = range(100)
                if i.keys() in b.keys() and i.value() in b.value():
                    print("Login is successfull")
                else:
                    login1()
login()

Answer 1

I would advise against 1) using dictionary as a way of persistently storing authentication data, 2) storing users password directly in such database.

If you don't really need to use a dictionary then some simple solution like sqlite (.db file instead of .txt file) with some hashing library can help you achieve your goal. The code could look something like that:

import sqlite3
import hashlib


def create_table():
    query = "DROP TABLE IF EXISTS login"
    cursor.execute(query)
    conn.commit()

    query = "CREATE TABLE login(name VARCHAR DEFAULT '', email VARCHAR NOT NULL UNIQUE, password VARCHAR NOT NULL)"
    cursor.execute(query)
    conn.commit()

def add_user(name, email, raw_password):
    query = "INSERT INTO login (name, email, password) VALUES (?, ?, ?)"
    hashed_password = hashlib.sha256(raw_password.encode('utf-8')).hexdigest()
    cursor.execute(query, (name, email, hashed_password))
    conn.commit()

def check_user(name, email, raw_password):
    query = 'SELECT * FROM login WHERE name = ? AND email = ? AND password = ?'
    hashed_password = hashlib.sha256(raw_password.encode('utf-8')).hexdigest()
    cursor.execute(query, (name, email, hashed_password))
    result = cursor.fetchone()
    conn.commit()
    print('[DEBUG][check] result:', result)
    return result

def login():
    answer = input("Login (Y/N): ")
    if answer.lower() == "y":
        name = input("Name: ")
        email = input("Email: ")
        password = input("Password: ")
        if check_user(name, email, password):
            print("Email correct!")
            print("Password correct!")
            print("Logging in...")
        else:
            print("Something wrong")

# --- main ---

conn = sqlite3.connect("users.db")
cursor = conn.cursor()

create_table()  # use only once

name = input("New name: ")
email = input("New email: ")
password = input("New password: ")

add_user(name, email, password)

login()

cursor.close()
conn.close()