From a93a61d05b415d5051a1da4e55db337d4cb28694 Mon Sep 17 00:00:00 2001
From: KF7EEL
Date: Thu, 6 May 2021 08:09:47 -0700
Subject: [PATCH] save progress, made config options
---
 config.py | 8 ++++++
 hblink.py | 53 +++++++++++++++++++++++++----------
 user_managment/application.py | 16 +++++++++--
 3 files changed, 59 insertions(+), 18 deletions(-)
diff --git a/config.py b/config.py
index 7600642..3ad4a26 100755
--- config.py
+++ b/config.py
@@ -107,6 +107,7 @@ def build_config(_config_file):
 CONFIG['REPORTS'] = {}
 CONFIG['LOGGER'] = {}
 CONFIG['ALIASES'] = {}
+ CONFIG['USER_MANAGER'] = {}
 CONFIG['SYSTEMS'] = {}
 try:
@@ -153,6 +154,12 @@ def build_config(_config_file):
 'STALE_TIME': config.getint(section, 'STALE_DAYS') * 86400,
 })
+ elif section == 'USER_MANAGER':
+ CONFIG['USER_MANAGER'].update({
+ 'URL': config.get(section, 'URL'),
+ 'APPEND_INT': config.getint(section, 'APPEND_INT'),
+ })
+
 elif config.getboolean(section, 'ENABLED'):
 if config.get(section, 'MODE') == 'PEER':
 CONFIG['SYSTEMS'].update({section: {
@@ -249,6 +256,7 @@ def build_config(_config_file):
 CONFIG['SYSTEMS'].update({section: {
 'MODE': config.get(section, 'MODE'),
 'ENABLED': config.getboolean(section, 'ENABLED'),
+ 'USE_USER_MAN': config.getboolean(section, 'USE_USER_MAN'),
 'REPEAT': config.getboolean(section, 'REPEAT'),
 'MAX_PEERS': config.getint(section, 'MAX_PEERS'),
 'IP': gethostbyname(config.get(section, 'IP')),
diff --git a/hblink.py b/hblink.py
index 925e2f7..d6fba28 100755
--- hblink.py
+++ b/hblink.py
@@ -107,9 +107,10 @@ def acl_check(_id, _acl):
 def check_user_man(_id):
 #Change this to a config value
- user_man_url = 'http://localhost:8080/auth'
+ user_man_url = _config['USE_USER_MAN']['URL']
+ print(int(str(int_id(_id))[:7]))
 auth_check = {
- 'id':int_id(_id)
+ 'id':int(str(int_id(_id))[:7])
 }
 json_object = json.dumps(auth_check, indent = 4)
 req = requests.post(user_man_url, data=json_object, headers={'Content-Type': 'application/json'})
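Review bot: `APPEND_INT` is read with `config.getint` and no range check in the added `USER_MANAGER` branch, yet hblink.py later calls `.to_bytes(2, 'big')` on it, so a value outside 0–65535 would only surface as an `OverflowError` during a peer login, where the new `except Exception` hides it. Rejecting it at load time keeps the failure visible, for example `if not 0 <= CONFIG['USER_MANAGER']['APPEND_INT'] <= 0xFFFF: raise ValueError('APPEND_INT must fit in two bytes')`, or whatever error path build_config already uses outside this hunk. `URL` is also accepted as-is; since the service's reply can carry an override passphrase (`value`), a comment such as `# URL: keep on loopback or use https, the reply contains passphrases` would help whoever deploys this.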
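Review bot: `config.getboolean(section, 'USE_USER_MAN')` has no fallback, so an existing configuration file whose system stanzas lack the new option will stop loading after this change. `'USE_USER_MAN': config.getboolean(section, 'USE_USER_MAN', fallback=False),` keeps old files working with the user manager switched off. The key is added to only one `CONFIG['SYSTEMS'].update` block in the visible lines; if other modes build their own dict outside the hunk, any code reading `self._config['USE_USER_MAN']` for them needs the key too.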
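Review bot: `_config['USE_USER_MAN']['URL']` does not match what config.py stores: the address lives under `CONFIG['USER_MANAGER']['URL']`, `USE_USER_MAN` is a per-system boolean, and `_config` is neither a parameter of `check_user_man` nor a name defined in the visible lines. The same expression is used for `APPEND_INT` in the `-477` hunk. Both lookups would raise, and the new `except Exception` handlers turn that into the fallback paths, so the user manager would apparently never be consulted. Passing the value in, `def check_user_man(_id, _url):` called with `self._CONFIG['USER_MANAGER']['URL']`, fixes the lookup; the `print(...)` debug line should go, and the unchanged `requests.post(...)` call would benefit from a `timeout=` argument because it runs inside the datagram handler.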
@@ -425,11 +426,24 @@ class HBSYSTEM(DatagramProtocol):
 # Check to see if we've reached the maximum number of allowed peers
 if len(self._peers) < self._config['MAX_PEERS']:
 # Check for valid Radio ID
- self.ums_response = check_user_man(_peer_id)
-
- if acl_check(_peer_id, self._CONFIG['GLOBAL']['REG_ACL']) and self.ums_response['allow']:
-
- # Build the configuration data strcuture for the peer
+ if self._config['USE_USER_MAN'] == True:
+ try:
+ self.ums_response = check_user_man(_peer_id)
+ print(self.ums_response)
+ if acl_check(_peer_id, self._CONFIG['GLOBAL']['REG_ACL']) and self.ums_response['allow']:
+ user_auth = self.ums_response['allow']
+ except Exception as e:
+ if acl_check(_peer_id, self._CONFIG['GLOBAL']['REG_ACL']):
+ user_auth = True
+ logger.info(e)
+ else:
+ user_auth = False
+ print(user_auth)
+ if self._config['USE_USER_MAN'] == False:
+ if acl_check(_peer_id, self._CONFIG['GLOBAL']['REG_ACL']) and acl_check(_peer_id, self._config['REG_ACL']):
+ user_auth = True
+ if user_auth == True:
+ # Build the configuration data strcuture for the peer
 self._peers.update({_peer_id: {
 'CONNECTION': 'RPTL-RECEIVED',
 'CONNECTED': time(),
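Review bot: A failed user-manager lookup is treated as approval here: the `except Exception` branch sets `user_auth = True` whenever the global ACL passes, so any error in `check_user_man` (service down, bad JSON, a missing key) silently removes the per-user check. `user_auth` is also never assigned when the lookup succeeds but `allow` is false, or when the ACLs fail in the `USE_USER_MAN == False` branch, so `print(user_auth)` and `if user_auth == True` would raise instead of producing a denial, unless it is initialised above the hunk. I would start from `user_auth = False`, log the failure at warning level and leave the peer denied, or gate the permissive behaviour behind an explicit option. Separately, `self.ums_response` lives on the system object, so the answer fetched for one peer's login is what the `-477` hunk reads when a different peer sends its key; keeping it in that peer's `self._peers` entry avoids the mix-up. Indentation is lost on this page, so the nesting below is my reading of the hunk.

```python
# Deny by default; only an explicit approval below flips this.
user_auth = False
_global_ok = acl_check(_peer_id, self._CONFIG['GLOBAL']['REG_ACL'])
if self._config['USE_USER_MAN']:
    try:
        self.ums_response = check_user_man(_peer_id)
        user_auth = _global_ok and bool(self.ums_response['allow'])
    except Exception as e:
        # A lookup failure is not an approval.
        logger.warning('(%s) User manager lookup failed for %s: %s', self._system, int_id(_peer_id), e)
else:
    user_auth = _global_ok and acl_check(_peer_id, self._config['REG_ACL'])
if user_auth:
    # … unchanged: self._peers.update({_peer_id: {...}}) …
```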
@@ -477,16 +491,25 @@ class HBSYSTEM(DatagramProtocol):
 _sent_hash = _data[8:]
 _salt_str = bytes_4(_this_peer['SALT'])
 #print(self.ums_response)
-
- if self.ums_response['mode'] == 'legacy':
- _calc_hash = bhex(sha256(_salt_str+self._config['PASSPHRASE']).hexdigest())
- if self.ums_response['mode'] == 'override':
- _calc_hash = bhex(sha256(_salt_str+str.encode(self.ums_response['value'])).hexdigest())
- if self.ums_response['mode'] == 'normal':
+ try:
+ if self.ums_response['mode'] == 'legacy':
+ _calc_hash = bhex(sha256(_salt_str+self._config['PASSPHRASE']).hexdigest())
+ if self.ums_response['mode'] == 'override':
+ _calc_hash = bhex(sha256(_salt_str+str.encode(self.ums_response['value'])).hexdigest())
+ if self.ums_response['mode'] == 'normal':
+ _new_peer_id = bytes_4(int(str(int_id(_peer_id))[:7]))
+ ## print(int_id(_new_peer_id))
+ calc_passphrase = base64.b64encode((_new_peer_id) + _config['USE_USER_MAN']['APPEND_INT'].to_bytes(2, 'big'))
+ ## print(calc_passphrase)
+ _calc_hash = bhex(sha256(_salt_str+calc_passphrase).hexdigest())
+ ums_down = False
+ except Exception as e:
+ # If UMS down, default to base 64 auth
+ logger.info(e)
 calc_passphrase = base64.b64encode((_peer_id) + int(1).to_bytes(2, 'big'))
 _calc_hash = bhex(sha256(_salt_str+calc_passphrase).hexdigest())
-
- if _sent_hash == _calc_hash:
+ ums_down = True
+ if _sent_hash == _calc_hash or (ums_down == True and _sent_hash == _calc_hash):
 _this_peer['CONNECTION'] = 'WAITING_CONFIG'
 self.send_peer(_peer_id, b''.join([RPTACK, _peer_id]))
 logger.info('(%s) Peer %s has completed the login exchange successfully', self._system, _this_peer['RADIO_ID'])
diff --git a/user_managment/application.py b/user_managment/application.py
index 240e13a..2ae4622 100644
--- user_managment/application.py
+++ b/user_managment/application.py
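Review bot: The `except` branch derives the expected passphrase from `_peer_id` and the constant `1` alone, so on that path the value the peer must prove knowledge of contains no secret, and the configured `PASSPHRASE` is not checked. That path is taken on any exception in the `try`, which appears to include systems with `USE_USER_MAN` off, where `self.ums_response` was never set for this login. Falling back to the system passphrase keeps the previous guarantee: `_calc_hash = bhex(sha256(_salt_str+self._config['PASSPHRASE']).hexdigest())`. The `'normal'` mode has the same shape with a 16-bit `APPEND_INT` shared by every user, which deserves at least a comment saying it is not per-user secret material. The `or (ums_down == True and _sent_hash == _calc_hash)` clause repeats the first comparison and can be dropped, and `_calc_hash` stays unassigned if `mode` matches none of the three strings.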
@@ -1,17 +1,24 @@
 from flask import Flask, render_template, request, Response, Markup, jsonify, make_response
 auth_dict = {
- 3153591:'hello'
+ 3153591:''
 }
 app = Flask(__name__)
+@app.route('/')
+def index():
+ value = Markup('The HTML String')
+ return value
+ #return render_template('index.html', title = dashboard_title, dashboard_url = dashboard_url, logo = logo, emergency = check_emergency(), api = use_api)
+
+
 @app.route('/auth', methods=['POST'])
 def auth():
 hblink_req = request.json
- print(type(auth_dict[hblink_req['id']]))
+ print((auth_dict[hblink_req['id']]))
 if hblink_req['id'] in auth_dict:
 if auth_dict[hblink_req['id']] == 0:
 response = jsonify(
@@ -29,7 +36,10 @@ def auth():
 allow=True,
 mode='override',
 value=auth_dict[hblink_req['id']]
- )
+ )
+ if hblink_req['id'] in auth_dict:
+ esponse = jsonify(
+ allow=False)
 return response
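Review bot: `print((auth_dict[hblink_req['id']]))` indexes `auth_dict` before the `if hblink_req['id'] in auth_dict:` test on the next line, so a request for an unknown ID raises `KeyError` and returns a 500 rather than a denial; on the hblink.py side an error reply likely ends up in the `except` fallback. The line also writes the stored override passphrase to stdout. I would delete it, or log only the ID after the membership check: `print(hblink_req['id'])`. `request.json` can also be `None` or lack `id`, which the lines shown do not handle; `auth()` continues into the next hunk.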
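Review bot: The added branch cannot produce a denial: it repeats the `in auth_dict` condition instead of negating it, and it assigns to `esponse`, so for an unknown ID `response` is still unbound at `return response`. Assuming it is meant to pair with the earlier `if hblink_req['id'] in auth_dict:`, it should read `else:` followed by `response = jsonify(allow=False)`. Indentation is lost on this page and the start of `auth()` is in the previous hunk, so the exact nesting needs checking against the file.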