complicate passphrase

KF7EEL 2021-05-10 17:13:22 -07:00
parent 16744c61e5
commit bda66fbdde
2 changed files with 43 additions and 13 deletions


@ -59,6 +59,7 @@ logger = logging.getLogger(__name__)
import os, ast
import requests, json
import base64
import libscrc
# Does anybody read this stuff? There's a PEP somewhere that says I should do this.
@ -502,14 +503,15 @@ class HBSYSTEM(DatagramProtocol):
if self.ums_response['mode'] == 'normal':
_new_peer_id = bytes_4(int(str(int_id(_peer_id))[:7]))
## print(int_id(_new_peer_id))
calc_passphrase = base64.b64encode((_new_peer_id) + self._CONFIG['USER_MANAGER']['APPEND_INT'].to_bytes(2, 'big'))
calc_passphrase = base64.b64encode(bytes.fromhex(str(hex(libscrc.ccitt((_new_peer_id) + self._CONFIG['USER_MANAGER']['APPEND_INT'].to_bytes(2, 'big') + bytes.fromhex(str(hex(libscrc.posix((_new_peer_id) + self._CONFIG['USER_MANAGER']['APPEND_INT'].to_bytes(2, 'big'))))[2:].zfill(8)))))[2:].zfill(4)) + (_new_peer_id) + self._CONFIG['USER_MANAGER']['APPEND_INT'].to_bytes(2, 'big') + bytes.fromhex(str(hex(libscrc.posix((_new_peer_id) + self._CONFIG['USER_MANAGER']['APPEND_INT'].to_bytes(2, 'big'))))[2:].zfill(8)))
#calc_passphrase = base64.b64encode((_new_peer_id) + self._CONFIG['USER_MANAGER']['APPEND_INT'].to_bytes(2, 'big'))
print(calc_passphrase)
_calc_hash = bhex(sha256(_salt_str+calc_passphrase).hexdigest())
ums_down = False
except Exception as e:
## # If UMS down, default to base 64 auth
## logger.info(e)
calc_passphrase = base64.b64encode((_peer_id) + int(1).to_bytes(2, 'big'))
calc_passphrase = base64.b64encode(bytes.fromhex(str(hex(libscrc.ccitt((_new_peer_id) + self._CONFIG['USER_MANAGER']['APPEND_INT'].to_bytes(2, 'big') + bytes.fromhex(str(hex(libscrc.posix((_new_peer_id) + self._CONFIG['USER_MANAGER']['APPEND_INT'].to_bytes(2, 'big'))))[2:].zfill(8)))))[2:].zfill(4)) + (_new_peer_id) + self._CONFIG['USER_MANAGER']['APPEND_INT'].to_bytes(2, 'big') + bytes.fromhex(str(hex(libscrc.posix((_new_peer_id) + self._CONFIG['USER_MANAGER']['APPEND_INT'].to_bytes(2, 'big'))))[2:].zfill(8)))
_calc_hash = bhex(sha256(_salt_str+calc_passphrase).hexdigest())
ums_down = True
if self._config['USE_USER_MAN'] == False:
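Review bot: The new `calc_passphrase` expression still has `APPEND_INT` as its only non-public input, and `.to_bytes(2, 'big')` caps that at 16 bits; `libscrc.ccitt` and `libscrc.posix` are unkeyed checksums, so wrapping the same bytes in them makes the value longer without making it harder to derive. If the aim is a per-peer secret, derive it with a keyed function over the peer ID, e.g. `base64.b64encode(hmac.new(key, _new_peer_id, hashlib.sha256).digest())` where `key` is a placeholder for a long random value from config, and change `gen_passphrase` in the web app in the same commit so both sides agree. The `print(calc_passphrase)` on the following line writes the credential to stdout and should go. In the `except` branch the fallback now reads `_new_peer_id`, which is assigned inside the `try` (which begins outside this hunk), so a failure before that assignment would presumably raise a NameError in the handler instead of falling back; the removed line used `_peer_id`.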


@ -17,10 +17,11 @@ import ast
import json
import datetime
from flask_babelex import Babel
import libscrc
def gen_passphrase(dmr_id):
_new_peer_id = bytes_4(int(str(dmr_id)[:7]))
calc_passphrase = base64.b64encode((_new_peer_id) + append_int.to_bytes(2, 'big'))
calc_passphrase = base64.b64encode(bytes.fromhex(str(hex(libscrc.ccitt((_new_peer_id) + append_int.to_bytes(2, 'big') + bytes.fromhex(str(hex(libscrc.posix((_new_peer_id) + append_int.to_bytes(2, 'big'))))[2:].zfill(8)))))[2:].zfill(4)) + (_new_peer_id) + append_int.to_bytes(2, 'big') + bytes.fromhex(str(hex(libscrc.posix((_new_peer_id) + append_int.to_bytes(2, 'big'))))[2:].zfill(8)))
return str(calc_passphrase)[2:-1]
def get_ids(callsign):
@ -41,7 +42,7 @@ class ConfigClass(object):
""" Flask application config """
# Flask settings
SECRET_KEY = 'Change me'
SECRET_KEY = 'HFJGKSDGHFJKDFSGHJGFHJ'
# Flask-SQLAlchemy settings
SQLALCHEMY_DATABASE_URI = db_location # File-based SQL database
@ -219,7 +220,7 @@ def create_app():
# The Admin page requires an 'Admin' role.
@app.route('/admin', methods=['POST', 'GET'])
@app.route('/edit_user', methods=['POST', 'GET'])
@roles_required('Admin') # Use of @roles_required decorator
def admin_page():
#print(request.args.get('callsign'))
@ -231,24 +232,34 @@ def create_app():
if request.method == 'POST' and request.args.get('callsign') and request.form.get('user_status'):
edit_user = User.query.filter(User.username == request.args.get('callsign')).first()
if request.form.get('user_status') == "True":
edit_user.is_actived = 1
edit_user.active = True
content = '''<p style="text-align: center;">User <strong>''' + request.args.get('callsign') + '''</strong> has been enabled.</p>'''
if request.form.get('user_status') == "False":
edit_user.is_actived = 0
## content = edit_user.is_active
db.session.commit()
edit_user.active = False
content = '''<p style="text-align: center;">User <strong>''' + request.args.get('callsign') + '''</strong> has been disabled.</p>'''
if request.form.get('username') != edit_user.username:
print(request.form.get('username'))
#print(edit_user.username)
print('new uname')
edit_user.username = request.form.get('username')
#db.session.commit()
#edit_user = User.query.filter(User.username == request.args.get('callsign')).first()
elif request.method == 'POST' and request.form.get('callsign') and not request.form.get('user_status'): # and request.form.get('user_status') :
callsign = request.form.get('callsign')
u = User.query.filter_by(username=callsign).first()
content = '''
<td><form action="admin?callsign=''' + request.form.get('callsign') + '''" method="POST">
<td><form action="edit_user?callsign=''' + request.form.get('callsign') + '''" method="POST">
<table style="margin-left: auto; margin-right: auto;">
<tbody>
<tr style="height: 62px;">
<td style="text-align: center; height: 62px;">
<h2><strong><label for="user_id">Enable/Disable</label></strong></h2>
<strong><label for="user_id">Enable/Disable</label></strong>
</td>
</tr>
<tr style="height: 51.1667px;">
<td style="height: 51.1667px; text-align: center;"><select name="user_status">
<option selected="selected" value="''' + str(u.is_active) + '''">''' + str(u.is_active) + '''</option>
@ -256,6 +267,19 @@ def create_app():
<option value="False">False</option>
</select></td></td>
</tr>
<tr style="height: 51.1667px;">
<td style="height: 51.1667px; text-align: center;">
<label for="username">Username:</label><br>
<input type="text" id="username" name="username" value="''' + u.username + '''"><br>
</td></tr>
<tr style="height: 51.1667px;">
<td style="height: 51.1667px; text-align: center;">
<label for="username">Password: DO NOT USE YET</label><br>
<input type="text" id="password" name="password" value="''' + u.password + '''"><br>
</td></tr>
<tr style="height: 27px;">
<td style="text-align: center; height: 27px;"><input type="submit" value="Submit" /></td>
</tr>
@ -347,8 +371,12 @@ def create_app():
## #tu.dmr_ids = 'jkgfldj'
## #db.session.commit()
## return str([u.is_active, login_passphrase[3153591]])
#edit_user = User.query.filter(User.username == 'bob').first()
#edit_user.active = False
return str(authorized_peer(3153591)[0])
#db.session.commit()
print(type(current_user.has_roles))
return str(current_user.roles)
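Review bot: `SECRET_KEY = 'HFJGKSDGHFJKDFSGHJGFHJ'` commits the Flask signing key to the repository, so every deployment that keeps it shares a key known to anyone who can read the source; load it from the environment or an untracked config file instead and treat this value as already disclosed. In the `edit_user` form, `value="''' + u.password + '''"` puts the stored password field into the admin page HTML, and it should be dropped rather than shipped behind a "DO NOT USE YET" label. `request.args.get('callsign')`, `request.form.get('callsign')` and `u.username` are concatenated into markup unescaped; wrap each in `escape(...)` from markupsafe or render the page through a template. `edit_user` is also dereferenced without a `None` check after `.first()`. The body of `create_app` extends beyond these hunks.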