#!/usr/bin/env python

#
# Copyright (c) 2011 Brian House
# 
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
# 
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
# 
# See <http://www.gnu.org/licenses/gpl.html> for details.
# 

""" For more info / discussion:
    http://blog.brianhouse.net/post/9238713654
"""

import os, sys, hashlib, base64, cgi

try:
    if 'REQUEST_METHOD' not in os.environ:
        # it's a cli command
        site = sys.argv[1]          # single word, lowercase alpha, drop top-level domains
        master = sys.argv[2]        # easily memorized master password (for salting the hash, so seeing this algorithm wont help h4x0rs)
    else:
        # it's a web request        
        print("Content-Type: text/plain\n")
        fs = cgi.FieldStorage()    
        site = fs['site'].value
        master = fs['master'].value
except (IndexError, KeyError):
    print("usage: [site] [master]")
    exit()
    
hashed = hashlib.sha256(site + master).hexdigest()  # make sure this only goes one way
encoded = base64.b64encode(hashed)                  # get a nicer distribution of characters
encoded = encoded[16]                               # reasonable length for forms but still pretty long (+4 below)

cset = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^*()_-+="    # transpose to a full set of friendly, memorizable characters (top row punc w/o &)
result = [cset[ord(char) % len(cset)] for char in encoded]

print(''.join(result) + "aB3!")    # add aB3! to ensure we get a lowercase, an uppercase, and punctuation to fulfill site requirements