def verify(self):
payload = self._build_payload({"msg": "Testing message"})
assert auth.verify(payload['signature'],
payload['message'],
self.cfg['keys']['public']) is True
r = self._post("verify", payload)
return self._result(r)
def post(self):
"""
Hanlder git command
"""
if verify(self):
command = self.get_argument("command", "")
if command == "newEmptyBranch":
self.write("success")
self.newEmptyBranch()
def post(self):
# verify access token
link = self.get_argument("link")
suffix = self.get_argument("suffix","")
filename=self.get_argument("filename","")
if verify(self):
# download
self.write("success")
self.flush()
thread.start_new_thread(downloadAndPush,(link,filename,suffix))
def auth_public_keys(mongo, msgobj):
user = mongo.users.find_one({'username': msgobj['username']})
keys = mongo.public_keys.find({'user': user['_id']})
verified = False
for k in keys:
verified = auth.verify(msgobj['signature'], msgobj['message'].encode('utf-8'), str(k['key']))
if verified:
break
return verified, user
def get(self):
# verify access token
if verify(self):
command = self.get_argument("command", "")
if command == "status":
self.write(self.git.status())
elif command == "branch":
self.write(self.git.branch())
# not a valid request
else:
self.write_error(400)
def login2():
name = request.form['username']
p2 = request.form['server_secret']
sig = request.form['signature']
server_secret = auth.decrypt(b64d(p2))
genuine = auth.verify(key_for(name), server_secret, b64d(sig))
if genuine:
session['username'] = name
app.logger.info("%s successfully logged in" % (name,))
return "Success"
else:
abort(401)
def verify_registration(num):
user = request.args.get('user').lower()
info = auth.verify(num, user)
if(info[0] != "I"):
interest_string = ""
for subject in loads(info)["interests"]:
interest_string += subject + ","
res = make_response(redirect('http://localhost:3000/dashboard'))
res.set_cookie("username", value=str(loads(info)["user"]), max_age=None, samesite='Lax')
res.set_cookie("interests", value=str(interest_string), max_age=None, samesite='Lax')
return res
return info
def post(self):
# Get login form data
username = self.get_body_argument('username')
password = self.get_body_argument('password')
# Verify if login info is correct
if auth.verify(username, password) == True:
self.set_secure_cookie('user', username) # Set login cookie
self.redirect('/admin')
else:
# Upon error, redirect to login with error message
self.redirect(
"/admin/login?msg=Invalid%20username%20or%20password")
def authenticate_message(form):
keyB = auth.decrypt(b64d(form['key']))
payload = b64d(form['payload'])
payload = auth.aes_decrypt(payload, keyB)
payload = json.loads(payload)
sender, recipient, body, keyA, sig, keyA2 = payload['sender'], payload['recipient'], payload['body'], payload['key'], payload['signature'], payload['sender_key']
sender_user = db.get_user(sender)
recipient_user = db.get_user(recipient)
if not (sender_user and recipient_user):
return (False,)
sig = b64d(sig)
if auth.verify(key_for(sender), sender+recipient+body, sig):
return (True, (sender, recipient, body, keyA, keyA2))
else:
return (False,())
def authFunction():
#檢查傳遞資料是否正確
if (not ("token" in request.json)):
return jsonify({"msg": "argument error"}), 400
#驗證
token = request.json["token"]
verifyRes = verify(token)
#如果通過reCaptcha,才發給jwt token
if (not verifyRes["success"]):
return jsonify(verifyRes), 401
#產生 JWT token
verifyRes.update({"access_token": generateJWTtoken(time.time())})
print(verifyRes)
return jsonify(verifyRes), 200
def receive(token, queue, retry, debug=False):
'''
Get the message from the queue, display the decrypted text.
'''
if status(debug):
LOGGER.info('[keybase-status] client-up; signed-in')
else:
LOGGER.error('[keybase-status] client-down/sigend-out')
return
try:
while True:
job = queue.get_job(['in'], count=1, nohang=False)
# Wait for a valid job.
if len(job) > 0:
queue.ack_job(job[0][1])
LOGGER.info('[received-job]: %s', repr(job[0]))
signed = get(job[0][2].strip(), token, debug)
# Check for a valid signature.
if signed is None:
LOGGER.error('[gist-fetch] %s not found!', job[0][2])
continue
# If the message is verified, decrypt it.
flag, who, encrypted = verify(signed, debug)
if flag:
LOGGER.info('[keybase-verify] message signed by %s', who)
who, text = decrypt(encrypted, debug)
if who is not None:
LOGGER.info(('[keybase-decrypt] message encrypted'
' by %s'), who)
LOGGER.info(('[keybase-decrypt] plain-text content: '
'\n%s'), text)
else:
LOGGER.error('[keybase-decrypt] un-trusted encryption')
continue
else:
LOGGER.error('[keybase-verify] unable to verify')
continue
time.sleep(retry)
except Exception:
LOGGER.error('[queue] unable to fetch jobs from \'in\'')
def test_will_not_verify_malformed_token(self):
tokenwithnologin = '******'
self.assertEqual(False,auth.verify(tokenwithnologin,'secret'))
tokenwithnosignature = '{"login": "******"}'
self.assertEqual(False,auth.verify(tokenwithnosignature,'secret'))
def test_will_not_authenticate_token_with_fake_signature(self):
secret = 'secret';
faketoken = '{"login": "******", "signature": "portnawak"}'
self.assertEqual(False,auth.verify(faketoken,'secret'))
def test_can_verify_authentic_token(self):
token = '{"login": "******", "signature": "334653c938d6ec85903dff5ed6b11170bcd008b6"}'
self.assertEqual(True,auth.verify(token,'secret'))
s.Popen(["/usr/local/bin/gpio", "-g", "write", "3", "1"], stdout = s.PIPE)
return True
def changeLight(action):
if action == 'on':
result = on()
elif action == 'off':
result = off()
else:
result = False
return result
def getAction():
form = cgi.FieldStorage()
try:
action = form['action'].value
except KeyError, e:
action = 'unknown'
return action
action = getAction()
if auth.verify():
result = changeLight(action)
else:
result = False
jsonData = {'result': result, 'action': action}
print 'Content-Type: application/json\n\n'
print json.dumps(jsonData)
code = None
try:
while True:
# 3ms delay affects everything following
response = wiegand.read()
if isinstance(response, int):
code = numpad.press(response) # button
else:
code = response # card (or None)
# check the code
if code != None:
if auth.verify(code):
# unlock
entry.allow()
event.log('Access granted', code)
else:
entry.deny()
event.log('Access denied', code)
code = None
# check sensors
sensors.check()
# cleanup
entry.secure()
