Immutable user input

Hello Forum :slight_smile:
I want to make a python selenium bot where a user can input his username and password after that i want this two variables to be immutable.
Any ideas how to make this withPython

Python does not really believe in immutability.

You could make an object with ‘private’ variables and a getter, but private variables are only private by a gentleman’s agreement. They are actually accessable publically if you know the name of them, but polite users ignore object data in variables prefaced with an _.

What first came to my head:

In [1]: username = input()
testuser01

In [2]: password = input()
password01

In [3]: creds = (username, password)

In [4]: print(f'Username: {creds[0]}, Unencrypted Password: {creds[1]}')
Username: testuser01, Unencrypted Password: password01

creds is immutable:

In [5]: creds[0] = 'testuser02'
---------------------------------------------------------------------------
TypeError                                 Traceback (most recent call last)
<ipython-input-5-f64a115267c9> in <module>
----> 1 creds[0] = 'testuser02'

TypeError: 'tuple' object does not support item assignment

In [6]: creds[1] = 'Secure01!'
---------------------------------------------------------------------------
TypeError                                 Traceback (most recent call last)
<ipython-input-6-42af69959e98> in <module>
----> 1 creds[1] = 'Secure01!'

TypeError: 'tuple' object does not support item assignment

Whether it’s right for you – what do you think?

Edit: Okay, so I took this a step further…

You can nuke the username and password values:

In [7]: del username, password

In [8]: username
---------------------------------------------------------------------------
NameError                                 Traceback (most recent call last)
<ipython-input-8-407fefd38331> in <module>
----> 1 username

NameError: name 'username' is not defined

In [9]: password
---------------------------------------------------------------------------
NameError                                 Traceback (most recent call last)
<ipython-input-9-c8fed00eb2e8> in <module>
----> 1 password

NameError: name 'password' is not defined
2 Likes

As naltun suggests, use a tuple. That should do the trick.

Sure, though the tuple itself can still be replaced, so you would still need to protect access to the tuple.

1 Like

I wonder if adding extra code to protect the tuple is adding unneeded complexity.

…a python selenium bot where a user can input his username and password after that i want this two variables to be immutable.

If the program is not written in a way to change the state of the variable holding the tuple, then this work can be concluded.

But I’m curious – why do you think we should protect the variable at this point?

Really, we don’t have enough data to go off of, like what is the bot doing with this information?

But I think this is the key point:

If the program is not written in a way to change the state of the variable holding the tuple

If the bot is accessing this data a lot, then its pretty easy to accidentally overwrite a variable floating out there in the global space. Programmers write bugs. It just happens.

With Python’s tendency to bulldoze forward, a bug like that can sometimes be a pain to find. Using a getter makes it harder to make those sorts of bugs. If you don’t touch the source of truth directly, it is easier to avoid accidentally changing it.

Something like

class user:
  def __init__(self, name, password):
    self._name = name
    self._password = password

  def get_name(self):
    return self._name

  def get_password(self):
    return self._password

# Test data protection
my_user = user("Jeremy", "2Infinity&Beeond")
print(my_user.get_password()) # Works fine
my_user.password = "SecretSqur3l" # Protection
print(my_user.get_password()) # Didn't destroy data

prevents those sorts of bugs and isn’t really what I’d call ‘complex’.

This has the added benefit of being far more readable than

my_user = ("Jeremy", "2Infinity&Beeyond")

my_user[1] # wait... what was entry 0 and what was entry 1 again.....?

You can still overwrite the variable my_user, but you’ll catch it pretty quick if you do not explicitly call the constructor again to create a new user object. But you can pretty easily overwrite a tuple with something else that has a 0 and 1 entry and not catch that for a while.

I am perhaps a bit paranoid, but if you need ‘immutablish’ in Python, then I think paranoia is warranted.


Though… this has the bot handling cleartext passwords, which is a terrible, terrible idea.

Sorry for my late respond and thanks to everyone who gave me a answer.
The thing is that I want to make a bot that will ask you only the first time u start it for a username and password after that it will be stored as a user_input.
I want to make this two input variables (username, password) to be immutable for the people which are using this bot.
The problem is that anybody could probably open the file and change the input variables for a tuple to a list or even simpler just change the strings.

Does it make any sense ?
I hope so :slight_smile:

You should NEVER store passwords in a plaintext file.

1 Like

okey thanks for the advice i will read/watch a best practice tutorial on this topic!