add base for user management, working POST function for hblink authentication
This commit is contained in:
parent
1902234e87
commit
72d0ca87e5
43
hblink.py
43
hblink.py
|
@ -57,6 +57,9 @@ logger = logging.getLogger(__name__)
|
||||||
|
|
||||||
# Used for user auth
|
# Used for user auth
|
||||||
import os, ast
|
import os, ast
|
||||||
|
import requests, json
|
||||||
|
import base64
|
||||||
|
|
||||||
|
|
||||||
# Does anybody read this stuff? There's a PEP somewhere that says I should do this.
|
# Does anybody read this stuff? There's a PEP somewhere that says I should do this.
|
||||||
__author__ = 'Cortney T. Buffington, N0MJS'
|
__author__ = 'Cortney T. Buffington, N0MJS'
|
||||||
|
@ -97,25 +100,22 @@ def hblink_handler(_signal, _frame):
|
||||||
# on matching and the action specified.
|
# on matching and the action specified.
|
||||||
def acl_check(_id, _acl):
|
def acl_check(_id, _acl):
|
||||||
id = int_id(_id)
|
id = int_id(_id)
|
||||||
## print('acl')
|
|
||||||
## print(_acl)
|
|
||||||
## print(type(_acl))
|
|
||||||
for entry in _acl[1]:
|
for entry in _acl[1]:
|
||||||
if entry[0] <= id <= entry[1]:
|
if entry[0] <= id <= entry[1]:
|
||||||
return _acl[0]
|
return _acl[0]
|
||||||
return not _acl[0]
|
return not _acl[0]
|
||||||
|
|
||||||
def check_db(_id):
|
def check_user_man(_id):
|
||||||
print(user_db)
|
#Change this to a config value
|
||||||
if int_id(_id) in user_db:
|
user_man_url = 'http://localhost:8080/auth'
|
||||||
print('Found in DB')
|
auth_check = {
|
||||||
return True
|
'id':int_id(_id)
|
||||||
if int_id(_id) not in user_db:
|
}
|
||||||
print('Not found in DB')
|
json_object = json.dumps(auth_check, indent = 4)
|
||||||
return False
|
req = requests.post(user_man_url, data=json_object, headers={'Content-Type': 'application/json'})
|
||||||
|
resp = json.loads(req.text)
|
||||||
|
return resp
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
#************************************************
|
#************************************************
|
||||||
# OPENBRIDGE CLASS
|
# OPENBRIDGE CLASS
|
||||||
#************************************************
|
#************************************************
|
||||||
|
@ -425,7 +425,10 @@ class HBSYSTEM(DatagramProtocol):
|
||||||
# Check to see if we've reached the maximum number of allowed peers
|
# Check to see if we've reached the maximum number of allowed peers
|
||||||
if len(self._peers) < self._config['MAX_PEERS']:
|
if len(self._peers) < self._config['MAX_PEERS']:
|
||||||
# Check for valid Radio ID
|
# Check for valid Radio ID
|
||||||
if acl_check(_peer_id, self._CONFIG['GLOBAL']['REG_ACL']) and check_db(_peer_id):
|
self.ums_response = check_user_man(_peer_id)
|
||||||
|
|
||||||
|
if acl_check(_peer_id, self._CONFIG['GLOBAL']['REG_ACL']) and self.ums_response['allow']:
|
||||||
|
|
||||||
# Build the configuration data strcuture for the peer
|
# Build the configuration data strcuture for the peer
|
||||||
self._peers.update({_peer_id: {
|
self._peers.update({_peer_id: {
|
||||||
'CONNECTION': 'RPTL-RECEIVED',
|
'CONNECTION': 'RPTL-RECEIVED',
|
||||||
|
@ -466,7 +469,6 @@ class HBSYSTEM(DatagramProtocol):
|
||||||
|
|
||||||
elif _command == RPTK: # Repeater has answered our login challenge
|
elif _command == RPTK: # Repeater has answered our login challenge
|
||||||
_peer_id = _data[4:8]
|
_peer_id = _data[4:8]
|
||||||
print(int_id(_peer_id))
|
|
||||||
if _peer_id in self._peers \
|
if _peer_id in self._peers \
|
||||||
and self._peers[_peer_id]['CONNECTION'] == 'CHALLENGE_SENT' \
|
and self._peers[_peer_id]['CONNECTION'] == 'CHALLENGE_SENT' \
|
||||||
and self._peers[_peer_id]['SOCKADDR'] == _sockaddr:
|
and self._peers[_peer_id]['SOCKADDR'] == _sockaddr:
|
||||||
|
@ -474,7 +476,16 @@ class HBSYSTEM(DatagramProtocol):
|
||||||
_this_peer['LAST_PING'] = time()
|
_this_peer['LAST_PING'] = time()
|
||||||
_sent_hash = _data[8:]
|
_sent_hash = _data[8:]
|
||||||
_salt_str = bytes_4(_this_peer['SALT'])
|
_salt_str = bytes_4(_this_peer['SALT'])
|
||||||
_calc_hash = bhex(sha256(_salt_str+user_db[int_id(_peer_id)]).hexdigest())
|
#print(self.ums_response)
|
||||||
|
|
||||||
|
if self.ums_response['mode'] == 'legacy':
|
||||||
|
_calc_hash = bhex(sha256(_salt_str+self._config['PASSPHRASE']).hexdigest())
|
||||||
|
if self.ums_response['mode'] == 'override':
|
||||||
|
_calc_hash = bhex(sha256(_salt_str+str.encode(self.ums_response['value'])).hexdigest())
|
||||||
|
if self.ums_response['mode'] == 'normal':
|
||||||
|
calc_passphrase = base64.b64encode((_peer_id) + int(1).to_bytes(2, 'big'))
|
||||||
|
_calc_hash = bhex(sha256(_salt_str+calc_passphrase).hexdigest())
|
||||||
|
|
||||||
if _sent_hash == _calc_hash:
|
if _sent_hash == _calc_hash:
|
||||||
_this_peer['CONNECTION'] = 'WAITING_CONFIG'
|
_this_peer['CONNECTION'] = 'WAITING_CONFIG'
|
||||||
self.send_peer(_peer_id, b''.join([RPTACK, _peer_id]))
|
self.send_peer(_peer_id, b''.join([RPTACK, _peer_id]))
|
||||||
|
|
|
@ -0,0 +1,38 @@
|
||||||
|
from flask import Flask, render_template, request, Response, Markup, jsonify, make_response
|
||||||
|
|
||||||
|
auth_dict = {
|
||||||
|
3153591:'hello'
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
app = Flask(__name__)
|
||||||
|
|
||||||
|
@app.route('/auth', methods=['POST'])
|
||||||
|
def auth():
|
||||||
|
hblink_req = request.json
|
||||||
|
print(type(auth_dict[hblink_req['id']]))
|
||||||
|
if hblink_req['id'] in auth_dict:
|
||||||
|
if auth_dict[hblink_req['id']] == 0:
|
||||||
|
response = jsonify(
|
||||||
|
allow=True,
|
||||||
|
mode='legacy',
|
||||||
|
)
|
||||||
|
elif auth_dict[hblink_req['id']] == '':
|
||||||
|
# normal
|
||||||
|
response = jsonify(
|
||||||
|
allow=True,
|
||||||
|
mode='normal',
|
||||||
|
)
|
||||||
|
elif auth_dict[hblink_req['id']] != '' or auth_dict[hblink_req['id']] != 0:
|
||||||
|
response = jsonify(
|
||||||
|
allow=True,
|
||||||
|
mode='override',
|
||||||
|
value=auth_dict[hblink_req['id']]
|
||||||
|
)
|
||||||
|
return response
|
||||||
|
|
||||||
|
|
||||||
|
if __name__ == '__main__':
|
||||||
|
|
||||||
|
app.run(debug = True, port=8080, host='127.0.0.1')
|
Loading…
Reference in New Issue