save progress, made config options

KF7EEL 2021-05-06 08:09:47 -07:00
parent 72d0ca87e5
commit a93a61d05b
3 changed files with 59 additions and 18 deletions


@ -107,6 +107,7 @@ def build_config(_config_file):
CONFIG['REPORTS'] = {} CONFIG['REPORTS'] = {}
CONFIG['LOGGER'] = {} CONFIG['LOGGER'] = {}
CONFIG['ALIASES'] = {} CONFIG['ALIASES'] = {}
CONFIG['USER_MANAGER'] = {}
CONFIG['SYSTEMS'] = {} CONFIG['SYSTEMS'] = {}
try: try:
@ -153,6 +154,12 @@ def build_config(_config_file):
'STALE_TIME': config.getint(section, 'STALE_DAYS') * 86400, 'STALE_TIME': config.getint(section, 'STALE_DAYS') * 86400,
}) })
elif section == 'USER_MANAGER':
CONFIG['USER_MANAGER'].update({
'URL': config.get(section, 'URL'),
'APPEND_INT': config.getint(section, 'APPEND_INT'),
})
elif config.getboolean(section, 'ENABLED'): elif config.getboolean(section, 'ENABLED'):
if config.get(section, 'MODE') == 'PEER': if config.get(section, 'MODE') == 'PEER':
CONFIG['SYSTEMS'].update({section: { CONFIG['SYSTEMS'].update({section: {
@ -249,6 +256,7 @@ def build_config(_config_file):
CONFIG['SYSTEMS'].update({section: { CONFIG['SYSTEMS'].update({section: {
'MODE': config.get(section, 'MODE'), 'MODE': config.get(section, 'MODE'),
'ENABLED': config.getboolean(section, 'ENABLED'), 'ENABLED': config.getboolean(section, 'ENABLED'),
'USE_USER_MAN': config.getboolean(section, 'USE_USER_MAN'),
'REPEAT': config.getboolean(section, 'REPEAT'), 'REPEAT': config.getboolean(section, 'REPEAT'),
'MAX_PEERS': config.getint(section, 'MAX_PEERS'), 'MAX_PEERS': config.getint(section, 'MAX_PEERS'),
'IP': gethostbyname(config.get(section, 'IP')), 'IP': gethostbyname(config.get(section, 'IP')),
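Review bot: `APPEND_INT` is read with a bare `config.getint(section, 'APPEND_INT')` and never range-checked, although the login code in this commit calls `.to_bytes(2, 'big')` on it, which raises OverflowError for any value outside 0–65535. Validate it when the section is parsed, e.g. `if not 0 <= append_int <= 0xFFFF: raise ValueError('APPEND_INT must fit in 16 bits')`, so that a bad value stops startup instead of surfacing inside the authentication path. `USE_USER_MAN` is read without a fallback, so existing config files that lack the key will presumably fail to load; `config.getboolean(section, 'USE_USER_MAN', fallback=False)` keeps them working with the user manager off. `URL` carries authentication decisions, so a comment that it should point at loopback or an HTTPS endpoint would help the next operator. build_config's body extends outside these hunks.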


@ -107,9 +107,10 @@ def acl_check(_id, _acl):
def check_user_man(_id): def check_user_man(_id):
#Change this to a config value #Change this to a config value
user_man_url = 'http://localhost:8080/auth' user_man_url = _config['USE_USER_MAN']['URL']
print(int(str(int_id(_id))[:7]))
auth_check = { auth_check = {
'id':int_id(_id) 'id':int(str(int_id(_id))[:7])
} }
json_object = json.dumps(auth_check, indent = 4) json_object = json.dumps(auth_check, indent = 4)
req = requests.post(user_man_url, data=json_object, headers={'Content-Type': 'application/json'}) req = requests.post(user_man_url, data=json_object, headers={'Content-Type': 'application/json'})
@ -425,10 +426,23 @@ class HBSYSTEM(DatagramProtocol):
# Check to see if we've reached the maximum number of allowed peers # Check to see if we've reached the maximum number of allowed peers
if len(self._peers) < self._config['MAX_PEERS']: if len(self._peers) < self._config['MAX_PEERS']:
# Check for valid Radio ID # Check for valid Radio ID
if self._config['USE_USER_MAN'] == True:
try:
self.ums_response = check_user_man(_peer_id) self.ums_response = check_user_man(_peer_id)
print(self.ums_response)
if acl_check(_peer_id, self._CONFIG['GLOBAL']['REG_ACL']) and self.ums_response['allow']: if acl_check(_peer_id, self._CONFIG['GLOBAL']['REG_ACL']) and self.ums_response['allow']:
user_auth = self.ums_response['allow']
except Exception as e:
if acl_check(_peer_id, self._CONFIG['GLOBAL']['REG_ACL']):
user_auth = True
logger.info(e)
else:
user_auth = False
print(user_auth)
if self._config['USE_USER_MAN'] == False:
if acl_check(_peer_id, self._CONFIG['GLOBAL']['REG_ACL']) and acl_check(_peer_id, self._config['REG_ACL']):
user_auth = True
if user_auth == True:
# Build the configuration data strcuture for the peer # Build the configuration data strcuture for the peer
self._peers.update({_peer_id: { self._peers.update({_peer_id: {
'CONNECTION': 'RPTL-RECEIVED', 'CONNECTION': 'RPTL-RECEIVED',
@ -477,16 +491,25 @@ class HBSYSTEM(DatagramProtocol):
_sent_hash = _data[8:] _sent_hash = _data[8:]
_salt_str = bytes_4(_this_peer['SALT']) _salt_str = bytes_4(_this_peer['SALT'])
#print(self.ums_response) #print(self.ums_response)
try:
if self.ums_response['mode'] == 'legacy': if self.ums_response['mode'] == 'legacy':
_calc_hash = bhex(sha256(_salt_str+self._config['PASSPHRASE']).hexdigest()) _calc_hash = bhex(sha256(_salt_str+self._config['PASSPHRASE']).hexdigest())
if self.ums_response['mode'] == 'override': if self.ums_response['mode'] == 'override':
_calc_hash = bhex(sha256(_salt_str+str.encode(self.ums_response['value'])).hexdigest()) _calc_hash = bhex(sha256(_salt_str+str.encode(self.ums_response['value'])).hexdigest())
if self.ums_response['mode'] == 'normal': if self.ums_response['mode'] == 'normal':
_new_peer_id = bytes_4(int(str(int_id(_peer_id))[:7]))
## print(int_id(_new_peer_id))
calc_passphrase = base64.b64encode((_new_peer_id) + _config['USE_USER_MAN']['APPEND_INT'].to_bytes(2, 'big'))
## print(calc_passphrase)
_calc_hash = bhex(sha256(_salt_str+calc_passphrase).hexdigest())
ums_down = False
except Exception as e:
# If UMS down, default to base 64 auth
logger.info(e)
calc_passphrase = base64.b64encode((_peer_id) + int(1).to_bytes(2, 'big')) calc_passphrase = base64.b64encode((_peer_id) + int(1).to_bytes(2, 'big'))
_calc_hash = bhex(sha256(_salt_str+calc_passphrase).hexdigest()) _calc_hash = bhex(sha256(_salt_str+calc_passphrase).hexdigest())
ums_down = True
if _sent_hash == _calc_hash: if _sent_hash == _calc_hash or (ums_down == True and _sent_hash == _calc_hash):
_this_peer['CONNECTION'] = 'WAITING_CONFIG' _this_peer['CONNECTION'] = 'WAITING_CONFIG'
self.send_peer(_peer_id, b''.join([RPTACK, _peer_id])) self.send_peer(_peer_id, b''.join([RPTACK, _peer_id]))
logger.info('(%s) Peer %s has completed the login exchange successfully', self._system, _this_peer['RADIO_ID']) logger.info('(%s) Peer %s has completed the login exchange successfully', self._system, _this_peer['RADIO_ID'])
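Review bot: Both new `except Exception` branches fail open: when the user-manager lookup raises, registration falls back to the global ACL alone, and the hash check falls back to a passphrase built from `_peer_id` and the constant `1`, neither of which is secret. That path looks like the usual one rather than the outage case, because `check_user_man` and the `'normal'` branch read `_config['USE_USER_MAN'][...]` while the config hunk stores these values under `CONFIG['USER_MANAGER']`, and `_config` is not a parameter of `check_user_man` (unless it is a module global defined outside the hunk). I would set `user_auth = False` in the except branch (or make the outage policy an explicit config option), read the values as `self._CONFIG['USER_MANAGER']['APPEND_INT']` and pass the URL into `check_user_man`, and drop the fallback passphrase. `self.ums_response` is also kept on the system object rather than per peer, so one peer's answer can be applied to another peer's hash check; keeping it in `self._peers[_peer_id]` avoids that. The enclosing methods start and end outside these hunks.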


@ -1,17 +1,24 @@
from flask import Flask, render_template, request, Response, Markup, jsonify, make_response from flask import Flask, render_template, request, Response, Markup, jsonify, make_response
auth_dict = { auth_dict = {
3153591:'hello' 3153591:''
} }
app = Flask(__name__) app = Flask(__name__)
@app.route('/')
def index():
value = Markup('<strong>The HTML String</strong>')
return value
#return render_template('index.html', title = dashboard_title, dashboard_url = dashboard_url, logo = logo, emergency = check_emergency(), api = use_api)
@app.route('/auth', methods=['POST']) @app.route('/auth', methods=['POST'])
def auth(): def auth():
hblink_req = request.json hblink_req = request.json
print(type(auth_dict[hblink_req['id']])) print((auth_dict[hblink_req['id']]))
if hblink_req['id'] in auth_dict: if hblink_req['id'] in auth_dict:
if auth_dict[hblink_req['id']] == 0: if auth_dict[hblink_req['id']] == 0:
response = jsonify( response = jsonify(
@ -30,6 +37,9 @@ def auth():
mode='override', mode='override',
value=auth_dict[hblink_req['id']] value=auth_dict[hblink_req['id']]
) )
if hblink_req['id'] in auth_dict:
esponse = jsonify(
allow=False)
return response return response
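Review bot: The deny branch at the end of `auth()` cannot work as written: it assigns to `esponse` and tests `in auth_dict` a second time, so an id that is not in the table never gets `allow=False` and `return response` hits an unbound name. It should read `if hblink_req['id'] not in auth_dict:` followed by `response = jsonify(allow=False)`. The `print((auth_dict[hblink_req['id']]))` above the membership test raises KeyError for unknown ids before that branch is reached and also writes stored passphrases to stdout; remove it or log only the id. No caller authentication is visible on `/auth`, while the `override` reply returns the stored passphrase in `value`, so the endpoint would need to be bound to the HBlink host or protected by a shared secret. The middle of `auth()` lies outside the hunks.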