Tbh, I think that you’re over complicating this with the
.csv file is just that; it’s a file in which the record data fields are separated by a comma and each record has a newline terminator, which is why the csv sample I posted looks like this:
The format there is
username,password, but that is easy to attack, as you’ll see, if you find the
sha256 hashes for
rob. If any ‘attacker’ does that, they have 50% of the puzzle solved; now to crack the other half. For your password, that’s not so hard, as I’ve simply used the information that is clearly shown in your posts, but for mine, well, good luck with that.
What would better? Well, how about the same information stored as:
Now it’s not so easy, right? But it can still be done, given that we know what the first two hashes are, so the entire system is still reliant on some sensible choices being made by the user, with regard to both their user name and their password, as well as some sensible choices being made by the system designer, so that it’s not so easy for an attacker to suss out the components of the table: enter what @hansgeunsmeyer has posted regarding the use of a ‘salt’, but I think that we’re getting somewhat ahead of the curve right now, as you’ve yet to get the
csv read/write working correctly (unless I’ve missed something).
One way forward would be to separate all the operations, putting each of them into their own custom functions, so that you can build and test each function. Then glue all the functions together with some ‘driver code’. Indeed you have already made some good progress with regard to that approach, but you seem to have digressed a little toward the end. I could do all that for you, but I believe that you would learn a great deal more from this project if you were to do that for yourself, posting back with any questions that you may have along the way. In fact, I would go so far as to even farm out the hashing part of the script to its own function, so that the hashing can simply be switched in or out.
Edit to add: you could simplify the question regarding the registration of a new account:
response = False
while not response:
response = input("Would you like to register a new account? (Y/N)").upper()
# the .upper() method is used so that the user need not bother about that detail
if response not in ("Y", "N"): # now it's easy to test
response = False
if response == "Y":
else: # it has to be N
pass # a placeholder for what to do with this event
That should work, but I’ve not tested it; I’ve simply coded that on the fly and as such it may need some tinker time.