def publish_canary(sigid_base64):
canary = get_canary(sigid_base64)
if canary is None:
return page_not_found('canary')
fp = canary.user.fingerprint
if request.method == 'GET':
ciphertext = Challenge.generate(canary, fp)
return dict(canary=canary, ciphertext=ciphertext)
if request.method == 'POST':
"""If the request originated from a logged in user's manage canary
page, republish the canary."""
if logged_in() and session['fp'] == fp:
return republish_canary(canary)
else:
if Challenge.check(canary, request.form['decrypted'].strip()):
return republish_canary(canary)
else:
flash(err_messages['decrypt_fail'], 'error')
return None
def canary(sigid_base64):
if request.method == 'GET':
canary = get_canary(sigid_base64)
if canary is None:
return page_not_found('canary')
pathstr = str(sigid_base64)
path = os.path.join(app.config.get('CANARIES_DIR'), pathstr)
f = open(path, 'r')
text = f.read()
f.close()
return dict(canary=canary, text=text)
if request.method == 'POST':
if not is_sigid(sigid_base64):
return redirect(url_for('index'))
try:
canary = Canary.query.filter(
Canary.sigid_base64 == sigid_base64).one()
decrypted = request.form['decrypted'].strip()
if not Challenge.check(canary, decrypted):
raise IncorrectChallengeException
except KeyError:
flash(err_messages['incomplete_form'], 'error')
return None
except IncorrectChallengeException:
db_session.delete(canary)
db_session.commit()
flash(err_messages['decrypt_fail'], 'error')
return redirect(url_for('new_canary'))
except Exception as e:
flash(err_messages['generic'], 'error')
app.logger.error(e)
return redirect(url_for('new_canary'))
sess = session['canary']
fp = sess['fp']
try:
user = User.query.filter(User.fingerprint == fp).one()
"""Update the existing user's key info, in case the username
or email address has been edited since we last saw it."""
user.update(canary['uid'])
except NoResultFound:
# Create a new user
user = User(sess['keyid'], fp, sess['uid'])
db_session.add(user)
db_session.commit()
canary.user_id = user.id
canary.active = True
db_session.commit()
with app.app_context():
text = sess['text']
if app.testing:
notify(canary, user, text)
else:
notify.delay(canary, user, text)
pathstr = str(sigid_base64)
path = os.path.join(app.config.get('CANARIES_DIR'), pathstr)
with open(path, 'w') as f:
f.write(text)
f.close()
flash(messages['published'], 'message')
return redirect(url_for('canary', sigid_base64=sigid_base64))
def test_check_invalid_challenge(self):
"""Test that submitting an invalid challenge solution fails."""
self.user.chal_id = self.chal.id
self.assertFalse(Challenge.check(self.user, '0' * 32))
def test_check_invalid_challenge_format(self):
"""Test that submitting an incorrectly-formatted solution fails.
"""
self.user.chal_id = self.chal.id
self.assertFalse(Challenge.check(self.user, '<#(!--'))
def test_check_valid_challenge(self):
"""Test that submitting a valid challenge solution succeeds."""
self.user.chal_id = self.chal.id
self.assertTrue(Challenge.check(self.user, self.sekrit))
