def check_ASK(key, username):
user_query = cloudsql.read('User', username)
if user_query is None:
return None
current_cloud_key = user_query.ASK
next_cloud_key = hash_ASK(current_cloud_key)
if next_cloud_key == key:
record_updates = {'ASK': next_cloud_key}
cloudsql.update(user_query, record_updates)
return True
else:
return False
def check_PSK(key, pep_id):
pepper_query = cloudsql.read('Pepper', pep_id)
if pepper_query is None:
return None
current_cloud_key = pepper_query.PSK
next_cloud_key = hash_PSK(current_cloud_key)
if next_cloud_key == key:
record_updates = {'PSK': next_cloud_key}
cloudsql.update(pepper_query, record_updates)
return True
else:
return False
def authorizeUser():
try:
content = request.json
if content is None:
return Response(status=400)
pep_id = content['pep_id']
PSK = content['PSK']
username = content['username']
except KeyError:
return Response(status=400)
check_result = authentication.check_PSK(PSK, pep_id)
if check_result is None:
return jsonify({'Error': "pep_id not found."}), 409
elif check_result is False:
return Response(status=403)
user_query = cloudsql.read('User', username)
if user_query is None:
return jsonify({'Error': "User not found."}), 409
elif user_query == -1:
return Response(status=500)
auth_query = cloudsql.read('Auth', (pep_id, username))
if auth_query is None:
# UserAuth does not exist, so add a new one and authorize
new_auth = {
'username': username,
'pep_id': pep_id,
'email': user_query.email,
'authorized': True
}
cloudsql.create('Auth', new_auth)
elif auth_query == -1:
return Response(status=500)
record_updates = {'authorized': True}
cloudsql.update(auth_query, record_updates)
return Response(status=200)
def photo():
try:
content = request.form
if content is None:
return Response(status=400)
username = content['username']
pep_id = content['pep_id']
ASK = content['ASK']
photo_file = request.files['file']
except KeyError:
return Response(status=400)
# Read file content and encode photo into base64 string.
file_content = photo_file.read()
encoded_photo = file_content.encode('base64')
# Check Android Security Key to authenticate request.
check = authentication.check_ASK(ASK, username)
if check is None or check is False:
return Response(status=403)
# Check if user is authorized for pep_id.
auth_query = cloudsql.read('Auth', (pep_id, username))
if auth_query is None:
return Response(status=401)
elif not auth_query.authorized:
return Response(status=401)
elif auth_query == -1:
return Response(status=500)
# Check if pep_id is registered.
pepper = cloudsql.read('Pepper', pep_id)
if pepper is None:
return Response(status=409)
elif pepper == -1:
return Response(status=500)
# Check if Pepper is Active.
if pepper.ip_address == '':
return jsonify({'Error': "Pepper Application is inactive."}), 410
relay_ip = "http://" + pepper.ip_address + ":8080/PepperPhoto"
print("Sending photo to: " + relay_ip)
# Hash PSK from database
new_PSK = authentication.hash_PSK(pepper.PSK)
try:
req = req_out.post(relay_ip, json={'PSK': new_PSK, 'photo': encoded_photo})
except req_out.exceptions.ConnectionError:
# Set Pepper record to inactive.
record_updates = {'ip_address': ''}
cloudsql.update(pepper, record_updates)
return jsonify({'Error': "Pepper failed to respond."}), 410
if req.status_code == 200:
# Update PSK in database
record_updates = {'PSK': new_PSK}
cloudsql.update(pepper, record_updates)
return req.text
else:
return Response(status=200)
def message():
try:
content = request.json
if content is None:
return Response(status=400)
username = content['username']
pep_id = content['pep_id']
ASK = content['ASK']
msg = content['message']
except KeyError:
return Response(status=400)
# Check Android Security Key to authenticate request
check = authentication.check_ASK(ASK, username)
if check is None or check is False:
return Response(status=403)
# Check if user is authorized for pep_id
auth_query = cloudsql.read('Auth', (pep_id, username))
if auth_query is None:
return Response(status=401)
elif not auth_query.authorized:
return Response(status=401)
elif auth_query == -1:
return Response(status=500)
# Check if pep_id is registered.
pepper = cloudsql.read('Pepper', pep_id)
if pepper is None:
# pep_id is not registered
return Response(status=409)
elif auth_query == -1:
return Response(status=500)
# Check if Pepper App is active
if pepper.ip_address == '':
return jsonify({'Error': "Pepper Application is inactive."}), 410
relay_ip = "http://" + pepper.ip_address + ":8080/PepperMessage"
# Hash PSK from database
new_PSK = authentication.hash_PSK(pepper.PSK)
try:
# Send request to Pepper
req = req_out.post(relay_ip, json={'msg': msg, 'PSK': new_PSK, 'username': username})
except req_out.exceptions.ConnectionError as error:
# Set Pepper record to inactive
record_updates = {'ip_address': ''}
cloudsql.update(pepper, record_updates)
return jsonify({'Error': "Pepper failed to respond."}), 410
if req.status_code == 200:
# Update PSK in database
record_updates = {'PSK': new_PSK}
cloudsql.update(pepper, record_updates)
return req.text
else:
return Response(status=req.status_code)
def login():
try:
content = request.json
if content is None:
return Response(status=400)
username = content['username']
password = content['password']
except KeyError:
# Missing Data in request json
return Response(status=400)
# Check for FireBaseToken
if 'FBToken' in content:
FBToken = content['FBToken']
else:
FBToken = False
# Check if login is coming from Pepper App.
if request.path == '/pepperLogin':
try:
pep_id = content['pep_id']
except KeyError:
# Missing Data in request json
return Response(status=400)
pepper_login = True
else:
pepper_login = False
# Query Database for User
user_query = cloudsql.read('User', username)
if user_query is None:
return Response(status=409)
# Check if password matches
if check_password_hash(user_query.password, password):
# Check if User is authorized for Pepper
if pepper_login:
auth_query = cloudsql.read('Auth', (pep_id, username))
if auth_query is None:
# User is not authorized for pep_id
return Response(status=403)
elif auth_query == -1:
return Response(status=500)
elif auth_query.authorized:
return Response(status=200)
else:
return Response(status=403)
# Get list of authorized Peppers and authorization requests for Android Application
auth_pepper_list = []
req_list = []
key = {'username': username}
auth_list_query = cloudsql.read_list('Auth', key)
for auth in auth_list_query:
if auth.authorized is True:
auth_pepper_list.append(auth.pep_id)
else:
req_list.append(auth.pep_id)
# Generate new ASK
ASK = authentication.generate_random_string()
hashed_ASK = authentication.hash_ASK(ASK)
# Update ASK and FBToken in database
record_updates = {'ASK': hashed_ASK, 'FBToken': FBToken}
cloudsql.update(user_query, record_updates)
return jsonify({
'ASK': hashed_ASK,
'pepper_list': auth_pepper_list,
'request_list': req_list,
'email': user_query.email
})
else:
return Response(status=401)
def add_update_Pepper():
try:
content = request.json
if content is None:
return Response(status=400)
pep_id = content['pep_id']
ip = request.access_route[0]
PSK = content['PSK']
username = content['username']
except KeyError:
return Response(status=400)
# Pepper App will send in a non-empty username when in first-time setup mode
if username != '':
user_query = cloudsql.read('User', username)
if user_query is None:
return jsonify({'Error': "User not found."}), 410
elif user_query == -1:
return Response(status=500)
# Check for existing Pepper entity with pep_id.
pepper = cloudsql.read('Pepper', pep_id)
if pepper == -1:
return Response(status=500)
if pepper is None:
if username == '':
# Pepper App has pep_id registered when database does not, send 410 to notify
return jsonify(
{'Error': "Pepper not found. Please register again."}), 410
# Register new Pepper into database
new_pepper = {'pep_id': pep_id, 'ip_address': ip, 'PSK': PSK}
cloudsql.create('Pepper', new_pepper)
# Check database for any existing UserAuth records
key = {'pep_id': pep_id}
auth_list_query = cloudsql.read_list('Auth', key)
if auth_list_query == -1:
return Response(status=500)
# Delete all of them to guarantee correct authorization
for auth in auth_list_query:
cloudsql.delete(auth)
# Authorize user that is registering new Pepper
new_user_auth = {
'pep_id': pep_id,
'username': username,
'email': user_query.email,
'authorized': True
}
cloudsql.create('Auth', new_user_auth)
return Response(status=200)
else:
if username != '':
# pep_id is already in use in database, send 409 to notify Pepper App to tell user to choose another one
return Response(status=409)
# Pepper already exists so update database record
record_updates = {'ip_address': ip, 'PSK': PSK}
cloudsql.update(pepper, record_updates)
return Response(status=200)