def verifyChallenge(self): #Integrar com PAM hdrs = cherrypy.request.headers userid = hdrs['userid'] user = getUserById(userid) signed = hdrs['signature'] (m,e) = getExpAndMod(user) #digest = hdrs['challengedigest'] pam = pamHandler() res = pam.start(user,signed,SafeBoxAuth.challenges[userid],m,e) if res != 'Good to go!': cherrypy.response.headers['error'] = res else: cherrypy.response.headers['error'] = 'OK' self.on_login(user)
def loginPw(self):
request = cherrypy.request.body.read()
key = open('server.pem','r')
rsa = RSA.importKey(key)
privdecipher = PKCS1_OAEP.new(rsa)
key.close()
deciphered = privdecipher.decrypt(request.decode('hex'))
data = json.loads(deciphered)
username = cherrypy.request.headers['user'].decode('hex')
pwds = gethashbd(username)
pwdt = data['hashed']#bcrypt.hashpw(data['pwd'].encode('ascii'),pwds.decode('hex'))
pam = pamHandler()
res = pam.startpw(username,base64.b64encode(pwdt),base64.b64encode(pwds.decode('hex')))
#error = check_credentials(username,pwd)
if res != 'Good to go!':
cherrypy.response.headers['error'] = res
else:
cherrypy.response.headers['error'] = 'OK'
self.on_login(username)
