Ejemplo n.º 1
0
def addnewPubKey(publicKey, privateKey):

    username = cherrypy.session['username']

    pubkey_hex = publicKey.encode(encoder=nacl.encoding.HexEncoder)
    pubkey_hex_str = pubkey_hex.decode('utf-8')
    private_key_hex_str = privateKey.encode(
        encoder=nacl.encoding.HexEncoder).decode('utf-8')
    message_bytes = bytes(pubkey_hex_str + username, encoding='utf-8')

    signed = privateKey.sign(message_bytes, encoder=nacl.encoding.HexEncoder)
    signature_hex_str = signed.signature.decode('utf-8')

    header = http_funcs.getAuthenticationHeader(username,
                                                cherrypy.session['api_key'])

    data = loginserver_api.add_pubkey(pubkey_hex_str, username,
                                      signature_hex_str, header)
    try:
        cherrypy.session['private_key'] = privateKey
        cherrypy.session['public_key'] = publicKey

        print("ADD PUBKEY SUCESS")
        return 0
    except Exception as e:
        print(e)
        print("ADD PUBKEY FAIL")
        return 1
Ejemplo n.º 2
0
def getUserList():
    url = "http://cs302.kiwi.land/api/list_users"

    headers = http_funcs.getAuthenticationHeader(cherrypy.session['username'],
                                                 cherrypy.session['api_key'])
    data = loginserver_api.list_users(headers)
    return data['users']
Ejemplo n.º 3
0
def send_private_message(username, message):
    #Sends a private message to a user of given username
    try:
        userinfo = sql_funcs.getUserFromUserList(username)[0]
    except:
        print("user not found")
        return
    #Grab pubkey of reciever
    signing_key = cherrypy.session['private_key']
    receiving_pubkey = nacl.signing.VerifyKey(userinfo[3],
                                              encoder=nacl.encoding.HexEncoder)
    receiving_pubkey = receiving_pubkey.to_curve25519_public_key()
    box = nacl.public.SealedBox(receiving_pubkey)

    encrypted = box.encrypt(bytes(message, 'utf-8'),
                            encoder=nacl.encoding.HexEncoder)
    enc_message = encrypted.decode('utf-8')

    loginserver_record = cherrypy.session['loginserver_record']
    address = userinfo[1]
    url = ''
    if (address == SERVER_IP):
        url = "http://localhost:10000/api/rx_privatemessage"
    else:
        url = "http://" + address + "/api/rx_privatemessage"
    target_pubkey = userinfo[3]
    timestamp = str(time.time())

    sig_msg = loginserver_record + target_pubkey + username + enc_message + timestamp
    sig_bytes = bytes(sig_msg, encoding='utf-8')
    sig_hex = signing_key.sign(sig_bytes, encoder=nacl.encoding.HexEncoder)
    signature_hex_str = sig_hex.signature.decode('utf-8')

    payload = {
        "loginserver_record": loginserver_record,
        "target_pubkey": target_pubkey,
        "target_username": username,
        "encrypted_message": enc_message,
        "sender_created_at": timestamp,
        "signature": signature_hex_str
    }
    header = http_funcs.getAuthenticationHeader(cherrypy.session['username'],
                                                cherrypy.session['api_key'])
    data = http_funcs.sendJsonRequest(url, payload=payload, header=header)
    #Send to my own server in case offline
    send_away = Thread(
        target=http_funcs.sendJsonRequest,
        args=["http://localhost:10000/api/rx_privatemessage", payload, header])
    send_away.start()
    sql_funcs.addLocalPrivateMessage(cherrypy.session['username'], username,
                                     message, timestamp)
    print("Message SENT")
    print(data)

    return 1
Ejemplo n.º 4
0
def updateStatus():
    onlineUsers = sql_funcs.get_all_client_users()
    for user in onlineUsers:
        publicKey = user[2]
        api_key = user[1]
        username = user[0]
        status = user[4]
        #create HTTP BASIC authorization header
        headers = http_funcs.getAuthenticationHeader(username, api_key)
        data = loginserver_api.report(LOCATION, str(IP), publicKey, status, headers)
        if(data == 1):
            sql_funcs.remove_client_user(username)
Ejemplo n.º 5
0
    def setstatus(self, status=None):
        if (cherrypy.session.get('username') == None):
            raise cherrypy.HTTPRedirect('/login')
        statuses = ['online', 'away', 'busy', 'offline']
        if (status in statuses):
            publicKey = cherrypy.session['public_key']
            pubkey_hex = publicKey.encode(encoder=nacl.encoding.HexEncoder)
            pubkey_hex_str = pubkey_hex.decode('utf-8')
            headers = http_funcs.getAuthenticationHeader(
                cherrypy.session['username'], cherrypy.session['api_key'])
            sql_funcs.updateStatusforUser(cherrypy.session['username'], status)

        raise cherrypy.HTTPRedirect('/account')
Ejemplo n.º 6
0
def updateUserList():
    #Can only do if atleast one user is online
    online_users = sql_funcs.get_all_client_users()
    
    if(online_users):
        #grab the first user, use credentials to update user list in background
        user = online_users[0]
        api_key = user[1]
        username = user[0]
        try:
            headers = http_funcs.getAuthenticationHeader(username, api_key)
            data = loginserver_api.list_users(headers)
            userList = data['users']
            sql_funcs.updateUserList(userList)
            print("updated user list!")
        except Exception as e:
            print("userlist update failed")
            print(e)
Ejemplo n.º 7
0
def send_broadcast(message):

    privateKey = cherrypy.session['private_key']
    timestamp = time.time()

    message_bytes = bytes(str(cherrypy.session['loginserver_record']) +
                          str(message) + str(timestamp),
                          encoding='utf-8')
    signed = privateKey.sign(message_bytes, encoder=nacl.encoding.HexEncoder)
    signature_hex_str = signed.signature.decode('utf-8')

    #create HTTP BASIC authorization header
    headers = http_funcs.getAuthenticationHeader(cherrypy.session['username'],
                                                 cherrypy.session['api_key'])

    payload = {
        "loginserver_record": cherrypy.session['loginserver_record'],
        "message": str(message),
        "sender_created_at": str(timestamp),
        "signature": signature_hex_str
    }

    #Send to own server so we can reload the page
    broadcast_url = "http://" + LOCAL_IP + "/api/rx_broadcast"
    http_funcs.sendJsonRequest(broadcast_url, payload, headers)

    userList = sql_funcs.getUserList()

    #SEnd the broadcast to everybody in the user list
    ips = [user[1] for user in userList]
    ips = set(ips)
    print(ips)
    for ip in ips:
        if (ip != SERVER_IP):
            broadcast_url = "http://" + ip + "/api/rx_broadcast"
            print("\nSending Broadcast to: " + ip)
            send = Thread(target=http_funcs.sendJsonRequest,
                          args=[broadcast_url, payload, headers])
            send.start()
    return 0
Ejemplo n.º 8
0
def loginReport():

    publicKey = cherrypy.session['public_key']

    #Turn our public key into a hex eoncoded string
    pubkey_hex = publicKey.encode(encoder=nacl.encoding.HexEncoder)
    pubkey_hex_str = pubkey_hex.decode('utf-8')

    #create HTTP BASIC authorization header
    headers = http_funcs.getAuthenticationHeader(cherrypy.session['username'],
                                                 cherrypy.session['api_key'])

    data = loginserver_api.report(SERVER_LOCATION, SERVER_IP, pubkey_hex_str,
                                  "online", headers)

    if (data["response"] == "ok"):
        print("\nSuccess reporting !!!\n")
        data = loginserver_api.get_loginserver_record(headers)
        cherrypy.session['loginserver_record'] = data['loginserver_record']
        return 0
    else:
        print("Failure")
        return 1