SQLite da xavfsizlik asosan fayl darajasida amalga oshiriladi. Ma'lumotlar bazasi faylini himoya qilish va foydalanuvchi autentifikatsiyasi muhim.
# Parol hash qilish
import hashlib
import secrets
import sqlite3
class PasswordManager:
def __init__(self, db_path):
self.db_path = db_path
self.init_database()
def init_database(self):
"""Ma'lumotlar bazasini ishga tushirish"""
with sqlite3.connect(self.db_path) as conn:
cursor = conn.cursor()
cursor.execute('''
CREATE TABLE IF NOT EXISTS users (
id INTEGER PRIMARY KEY AUTOINCREMENT,
username TEXT UNIQUE NOT NULL,
password_hash TEXT NOT NULL,
salt TEXT NOT NULL,
created_at DATETIME DEFAULT CURRENT_TIMESTAMP
)
''')
def hash_password(self, password, salt=None):
"""Parolni hash qilish"""
if salt is None:
salt = secrets.token_hex(32)
password_bytes = password.encode()
salt_bytes = salt.encode()
# PBKDF2 ishlatish
hash_obj = hashlib.pbkdf2_hmac('sha256', password_bytes, salt_bytes, 100000)
password_hash = hash_obj.hex()
return password_hash, salt
def verify_password(self, password, password_hash, salt):
"""Parolni tekshirish"""
computed_hash, _ = self.hash_password(password, salt)
return computed_hash == password_hash
def create_user(self, username, password):
"""Foydalanuvchi yaratish"""
password_hash, salt = self.hash_password(password)
with sqlite3.connect(self.db_path) as conn:
cursor = conn.cursor()
cursor.execute('''
INSERT INTO users (username, password_hash, salt)
VALUES (?, ?, ?)
''', (username, password_hash, salt))
conn.commit()
def authenticate_user(self, username, password):
"""Foydalanuvchini autentifikatsiya qilish"""
with sqlite3.connect(self.db_path) as conn:
cursor = conn.cursor()
cursor.execute('''
SELECT password_hash, salt FROM users WHERE username = ?
''', (username,))
result = cursor.fetchone()
if result:
password_hash, salt = result
return self.verify_password(password, password_hash, salt)
return False
# Foydalanish
password_manager = PasswordManager('secure.db')
# Foydalanuvchi yaratish
password_manager.create_user('admin', 'secure_password123')
# Autentifikatsiya
if password_manager.authenticate_user('admin', 'secure_password123'):
print("Login muvaffaqiyatli!")
else:
print("Login xato!")# Xavfsiz kutubxona tizimi
import sqlite3
import hashlib
import secrets
from datetime import datetime, timedelta
class SecureLibrary:
def __init__(self, db_path):
self.db_path = db_path
self.init_database()
def init_database(self):
"""Ma'lumotlar bazasini ishga tushirish"""
with sqlite3.connect(self.db_path) as conn:
cursor = conn.cursor()
# Foydalanuvchilar jadvali
cursor.execute('''
CREATE TABLE IF NOT EXISTS users (
id INTEGER PRIMARY KEY AUTOINCREMENT,
username TEXT UNIQUE NOT NULL,
password_hash TEXT NOT NULL,
salt TEXT NOT NULL,
role TEXT DEFAULT 'user',
is_active BOOLEAN DEFAULT 1,
created_at DATETIME DEFAULT CURRENT_TIMESTAMP,
last_login DATETIME
)
''')
# Kitoblar jadvali
cursor.execute('''
CREATE TABLE IF NOT EXISTS books (
id INTEGER PRIMARY KEY AUTOINCREMENT,
title TEXT NOT NULL,
author TEXT NOT NULL,
isbn TEXT UNIQUE,
price REAL,
created_at DATETIME DEFAULT CURRENT_TIMESTAMP
)
''')
# Ijara jadvali
cursor.execute('''
CREATE TABLE IF NOT EXISTS loans (
id INTEGER PRIMARY KEY AUTOINCREMENT,
user_id INTEGER,
book_id INTEGER,
loan_date DATE DEFAULT CURRENT_DATE,
return_date DATE,
is_returned BOOLEAN DEFAULT 0,
FOREIGN KEY (user_id) REFERENCES users(id),
FOREIGN KEY (book_id) REFERENCES books(id)
)
''')
# Faoliyat jurnali
cursor.execute('''
CREATE TABLE IF NOT EXISTS activity_log (
id INTEGER PRIMARY KEY AUTOINCREMENT,
user_id INTEGER,
action TEXT,
details TEXT,
ip_address TEXT,
created_at DATETIME DEFAULT CURRENT_TIMESTAMP,
FOREIGN KEY (user_id) REFERENCES users(id)
)
''')
def hash_password(self, password, salt=None):
"""Parolni hash qilish"""
if salt is None:
salt = secrets.token_hex(32)
password_bytes = password.encode()
salt_bytes = salt.encode()
hash_obj = hashlib.pbkdf2_hmac('sha256', password_bytes, salt_bytes, 100000)
return hash_obj.hex(), salt
def create_user(self, username, password, role='user'):
"""Foydalanuvchi yaratish"""
password_hash, salt = self.hash_password(password)
with sqlite3.connect(self.db_path) as conn:
cursor = conn.cursor()
cursor.execute('''
INSERT INTO users (username, password_hash, salt, role)
VALUES (?, ?, ?, ?)
''', (username, password_hash, salt, role))
conn.commit()
def authenticate_user(self, username, password):
"""Foydalanuvchini autentifikatsiya qilish"""
with sqlite3.connect(self.db_path) as conn:
cursor = conn.cursor()
cursor.execute('''
SELECT id, password_hash, salt, role, is_active
FROM users WHERE username = ?
''', (username,))
result = cursor.fetchone()
if result:
user_id, password_hash, salt, role, is_active = result
if not is_active:
return None, "Foydalanuvchi faol emas"
if self.verify_password(password, password_hash, salt):
# Login vaqtini yangilash
cursor.execute('''
UPDATE users SET last_login = CURRENT_TIMESTAMP WHERE id = ?
''', (user_id,))
conn.commit()
return {'id': user_id, 'username': username, 'role': role}, None
else:
return None, "Noto'g'ri parol"
else:
return None, "Foydalanuvchi topilmadi"
def verify_password(self, password, password_hash, salt):
"""Parolni tekshirish"""
computed_hash, _ = self.hash_password(password, salt)
return computed_hash == password_hash
def log_activity(self, user_id, action, details, ip_address=None):
"""Faoliyat yozish"""
with sqlite3.connect(self.db_path) as conn:
cursor = conn.cursor()
cursor.execute('''
INSERT INTO activity_log (user_id, action, details, ip_address)
VALUES (?, ?, ?, ?)
''', (user_id, action, details, ip_address))
conn.commit()
def add_book(self, title, author, isbn, price):
"""Kitob qo'shish"""
with sqlite3.connect(self.db_path) as conn:
cursor = conn.cursor()
cursor.execute('''
INSERT INTO books (title, author, isbn, price)
VALUES (?, ?, ?, ?)
''', (title, author, isbn, price))
conn.commit()
def loan_book(self, user_id, book_id):
"""Kitob ijaraga berish"""
with sqlite3.connect(self.db_path) as conn:
cursor = conn.cursor()
# Kitob mavjudligini tekshirish
cursor.execute('SELECT id FROM books WHERE id = ?', (book_id,))
if not cursor.fetchone():
return False, "Kitob topilmadi"
# Faol ijara borligini tekshirish
cursor.execute('''
SELECT id FROM loans WHERE book_id = ? AND is_returned = 0
''', (book_id,))
if cursor.fetchone():
return False, "Kitob allaqachon ijarada"
# Ijara yaratish
cursor.execute('''
INSERT INTO loans (user_id, book_id) VALUES (?, ?)
''', (user_id, book_id))
conn.commit()
return True, "Kitob muvaffaqiyatli ijaraga berildi"
def return_book(self, user_id, book_id):
"""Kitob qaytarish"""
with sqlite3.connect(self.db_path) as conn:
cursor = conn.cursor()
cursor.execute('''
UPDATE loans SET is_returned = 1, return_date = CURRENT_DATE
WHERE user_id = ? AND book_id = ? AND is_returned = 0
''', (user_id, book_id))
if cursor.rowcount > 0:
conn.commit()
return True, "Kitob muvaffaqiyatli qaytarildi"
else:
return False, "Ijara topilmadi"
def get_user_loans(self, user_id):
"""Foydalanuvchi ijaralari"""
with sqlite3.connect(self.db_path) as conn:
cursor = conn.cursor()
cursor.execute('''
SELECT l.id, b.title, b.author, l.loan_date, l.return_date, l.is_returned
FROM loans l
INNER JOIN books b ON l.book_id = b.id
WHERE l.user_id = ?
ORDER BY l.loan_date DESC
''', (user_id,))
return cursor.fetchall()
def get_activity_log(self, user_id=None):
"""Faoliyat jurnali"""
with sqlite3.connect(self.db_path) as conn:
cursor = conn.cursor()
if user_id:
cursor.execute('''
SELECT u.username, al.action, al.details, al.ip_address, al.created_at
FROM activity_log al
INNER JOIN users u ON al.user_id = u.id
WHERE al.user_id = ?
ORDER BY al.created_at DESC
''', (user_id,))
else:
cursor.execute('''
SELECT u.username, al.action, al.details, al.ip_address, al.created_at
FROM activity_log al
INNER JOIN users u ON al.user_id = u.id
ORDER BY al.created_at DESC
''')
return cursor.fetchall()
# Foydalanish
if __name__ == "__main__":
library = SecureLibrary('secure_library.db')
# Admin foydalanuvchi yaratish
library.create_user('admin', 'admin123', 'admin')
library.create_user('user1', 'user123', 'user')
# Autentifikatsiya
user, error = library.authenticate_user('admin', 'admin123')
if user:
print(f"Login muvaffaqiyatli: {user['username']} ({user['role']})")
# Faoliyat yozish
library.log_activity(user['id'], 'LOGIN', 'Foydalanuvchi tizimga kirdi', '127.0.0.1')
# Kitob qo'shish
library.add_book('Python Programming', 'John Doe', '978-1234567890', 45.99)
library.add_book('JavaScript Guide', 'Jane Smith', '978-1234567891', 35.50)
# Kitob ijaraga berish
success, message = library.loan_book(user['id'], 1)
print(f"Ijara: {message}")
# Ijaralar ro'yxati
loans = library.get_user_loans(user['id'])
print("Ijaralar:")
for loan in loans:
print(f" - {loan[1]} ({loan[2]}) - {loan[3]} - {'Qaytarilgan' if loan[5] else 'Faol'}")
# Faoliyat jurnali
activities = library.get_activity_log(user['id'])
print("Faoliyat jurnali:")
for activity in activities:
print(f" - {activity[0]}: {activity[1]} - {activity[2]} ({activity[4]})")
else:
print(f"Login xato: {error}")# Fayl himoyasi script
import os
import stat
import sqlite3
from pathlib import Path
class DatabaseSecurity:
def __init__(self, db_path):
self.db_path = db_path
self.secure_database()
def secure_database(self):
"""Ma'lumotlar bazasini xavfsiz qilish"""
if os.path.exists(self.db_path):
# Fayl ruxsatlarini o'rnatish
os.chmod(self.db_path, stat.S_IRUSR | stat.S_IWUSR) # 600
# Fayl egasini tekshirish
file_stat = os.stat(self.db_path)
print(f"Fayl egasi: {file_stat.st_uid}")
print(f"Fayl guruhi: {file_stat.st_gid}")
print(f"Fayl ruxsatlari: {oct(file_stat.st_mode)}")
def backup_database(self, backup_path):
"""Xavfsiz backup yaratish"""
if os.path.exists(self.db_path):
# Backup faylini yaratish
with open(backup_path, 'w') as backup_file:
with sqlite3.connect(self.db_path) as conn:
for line in conn.iterdump():
backup_file.write(line + '\n')
# Backup faylini xavfsiz qilish
os.chmod(backup_path, stat.S_IRUSR | stat.S_IWUSR) # 600
print(f"Backup yaratildi: {backup_path}")
def verify_database_integrity(self):
"""Ma'lumotlar bazasi yaxlitligini tekshirish"""
with sqlite3.connect(self.db_path) as conn:
cursor = conn.cursor()
cursor.execute("PRAGMA integrity_check")
result = cursor.fetchone()
if result[0] == 'ok':
print("Ma'lumotlar bazasi yaxlit")
return True
else:
print(f"Ma'lumotlar bazasi buzilgan: {result[0]}")
return False
def optimize_database(self):
"""Ma'lumotlar bazasini optimizatsiya qilish"""
with sqlite3.connect(self.db_path) as conn:
cursor = conn.cursor()
# VACUUM
cursor.execute("VACUUM")
# ANALYZE
cursor.execute("ANALYZE")
# Ma'lumotlar bazasi hajmini tekshirish
cursor.execute("PRAGMA page_count")
page_count = cursor.fetchone()[0]
cursor.execute("PRAGMA page_size")
page_size = cursor.fetchone()[0]
total_size = page_count * page_size
print(f"Ma'lumotlar bazasi hajmi: {total_size} bytes")
# Foydalanish
if __name__ == "__main__":
# Ma'lumotlar bazasini xavfsiz qilish
db_security = DatabaseSecurity('secure_library.db')
# Backup yaratish
db_security.backup_database('secure_library_backup.sql')
# Yaxlitlikni tekshirish
db_security.verify_database_integrity()
# Optimizatsiya
db_security.optimize_database()