def profile(self, name=None, filterVal=None):
allusers = database.getAllUsers()
logserv = cherrypy.session.get("logserv", None)
if logserv is None:
raise cherrypy.HTTPRedirect('/login')
else:
template = j2_env.get_template('web/profile.html')
username = cherrypy.session.get("username")
if name == username or name is None:
broadcasts = database.getAllBroadcastsUser(username)
profile = database.getUserData(username)
isOwn = True
else:
profile = database.getUserData(name)
validUser = helper.checkValidUser(username, name)
if not validUser:
profile["username"] = "******"
if filterVal == "favourite":
broadcasts = database.getFavBroadcasts(name)
elif filterVal == "blocked":
broadcasts = database.getFavBroadcasts(name)
else:
broadcasts = database.getAllBroadcastsUser(name)
filterVal = "recent"
isOwn = False
if not broadcasts:
broadcasts = []
for broadcast in broadcasts:
message = broadcast.get("message")
broadcastUser = broadcast.get("username")
time = broadcast.get("sender_created_at")
sig = broadcast.get("signature")
validMessage = helper.checkValidMessage(username, message)
validBroadcast = helper.checkValidBroadcast(username, sig)
if not validBroadcast:
broadcast[
"username"] = '******' #dont display at all
if not validMessage:
broadcast["message"] = 'invalid message'
time = broadcast.get("sender_created_at")
broadcast["time"] = helper.formatTime(time)
broadcast["likes"] = database.getNumberLikesBroadcasts(
broadcast.get("signature", None))
output = template.render(profile=profile,
broadcasts=broadcasts,
isOwn=isOwn,
allusers=allusers)
return output
def signin(self, username=None, password=None, password2=None):
"""Check their name and password and send them either to the main page, or back to the main login screen."""
logserv = loginserver.loginserver(username, password, password2)
error = logserv.getNewApiKey()
if error > 0:
cherrypy.lib.sessions.expire()
raise cherrypy.HTTPRedirect('/login?bad_attempt=1')
phash = helper.getShaHash(password)
database.checkUsernamePassword(username, phash)
success = logserv.getSigningKey()
if success > 0:
cherrypy.lib.sessions.expire()
raise cherrypy.HTTPRedirect('/login?bad_attempt=1')
peer = p2p.p2p(username, password, logserv.signing_key, logserv.apikey,
logserv)
cherrypy.session['username'] = username
cherrypy.session['password'] = password
cherrypy.session["logserv"] = logserv
cherrypy.session["p2p"] = peer
data = database.getUserData(username)
if not data:
since = str(time.time() - 1000)
else:
since = str(data.get("lastReport"))
threadReport = loginserver.MyThread(logserv, peer)
cherrypy.session["thread"] = threadReport
threadReport.start()
offline_thread = threading.Thread(target=peer.retrieveOfflineData,
args=(since, ))
offline_thread.start()
raise cherrypy.HTTPRedirect('/index')
def __init__(self, name):
super().__init__()
self.name = name
#creates a linked list of websites to be utilized by the forward and backword buttons
self.urls = DoubleList()
#retrieves websites for the current user; creates list with only google if user is not found.
self.websites = database.getUserData(self.name)
if self.name != None:
self.websites = list(self.websites[0][1:5])
else:
self.websites = ['google https://www.google.com/']
self.websitesDictionary = {}
#creates a dictionary of the user websites to increase search time in functions that utilize the list of websites
for item in self.websites:
if len(item) > 1:
data = item.split()
self.websitesDictionary[data[0]] = data[1]
self.currentUrl = self.urls.append('home')
self.homeScreen()
def findDetails(message, userid):
details_found = False
userdata = database.getUserData(userid)
message = message.decode('unicode-escape')
reg = re.compile("[a-zA-Z0-9._-]*@[a-zA-Z0-9._-]*")
emails = reg.findall(message)
for email in emails:
print(email)
if userdata.get("email", False) == False:
details_found = True
database.updateUser(userid, {"email": email})
print(email)
reg = re.compile("([0-9]{4} [0-9]{3} [0-9]{3})")
phones = reg.findall(message)
if len(phones) == 0:
reg = re.compile("([0-9]{10})")
phones = reg.findall(message)
for phone in phones:
phone = phone.replace(" ", "")
if userdata.get("phone", False) == False:
details_found = True
database.updateUser(userid, {"phone": phone})
return details_found
def sendGroupMessage(self, target_group_hash, message):
headers = self.createAuthorisedHeader(False)
target_group_bytes = bytes(target_group_hash, encoding='utf-8')
try:
key = helper.getEncryptionKey(self.logserv,target_group_bytes)
except Exception as e:
print(e)
return 1
if not key:
print("ERROR IN SENDING MESSAGE")
return 1
try:
encr_message = helper.encryptStringKey(key, message).hex() #TODO change if hex is appropriate.
except Exception as e:
print(e)
return 1
#encr_message = helper.encryptMessage(message, user_pubkey)
ud = database.getUserHashes(self.username)
loginserver_record = ud.get("loginrecord")
ts = str(time.time())
message_bytes = bytes(loginserver_record+encr_message+ts, encoding='utf-8')
signed = self.signing_key.sign(message_bytes, encoder=nacl.encoding.HexEncoder)
signature_hex_str = signed.signature.decode('utf-8')
payload = {
"loginserver_record": loginserver_record,
"groupkey_hash": target_group_hash,
"group_message": encr_message,
"sender_created_at": ts,
"signature": signature_hex_str
}
pubkey_hex = self.signing_key.verify_key.encode(encoder=nacl.encoding.HexEncoder)
try:
self_encrypted_message = helper.encryptMessage(message, pubkey_hex)
except Exception as e:
print("failed to encrypt sent message.")
print(e)
return 1
print(target_group_hash)
target_users = database.getGroupUsers(target_group_hash)
database.addsentMessages(self.username, target_group_hash, self_encrypted_message, ts, "group")
for tg in target_users:
username = tg.get("username")
user = database.getUserData(username)
user_address = user.get("address", None)
user_status = user.get("status", None)
if user_address is None or user_status != "online":
continue
url = "http://" + user_address + "/api/rx_groupmessage"
print(url)
try:
JSON_object = helper.postJson(payload, headers, url)
print(JSON_object)
response = JSON_object.get("response", None)
if response == "ok":
print("message sent")
print("url")
else:
print("response not OK")
except:
print("FAILED TO sent group message!")
def createGroupChatP2p(self, target_usernames):
headers = self.createAuthorisedHeader(False)
print("creating group chats")
error = 0
#generating symmetric keys to be stored
key = helper.generateRandomSymmetricKey()
key_str = key.hex()
try:
helper.addToPrivateData(self.logserv, "prikeys", key_str)
except Exception as e:
print(e)
return 1
#create a group invite
ud = database.getUserHashes(self.username)
loginserver_record = ud.get("loginrecord")
try:
groupkey_hash = helper.getShaHash(key)
except Exception as e:
print(e)
return 1
groupkey_hash_str = groupkey_hash.decode('utf-8')
database.addGroupChatReceived(groupkey_hash_str, self.username)
#encr = helper.getEncryptionKey(self.logserv, groupkey_hash)
for username in target_usernames:
user = database.getUserData(username)
user_address = user.get("address", None)
user_location = user.get("location", None)
user_pubkey = user.get("pubkey", None)
try:
encr_groupkey = helper.encryptMessage(key, user_pubkey)
except Exception as e:
print(e)
return 1
ts = str(time.time())
message_bytes = bytes(loginserver_record+groupkey_hash_str+user_pubkey+username+encr_groupkey+ts, encoding='utf-8')
signed = self.signing_key.sign(message_bytes, encoder=nacl.encoding.HexEncoder)
signature_hex_str = signed.signature.decode('utf-8')
payload = {
"loginserver_record": loginserver_record,
"groupkey_hash": groupkey_hash_str,
"target_pubkey": user_pubkey,
"target_username": username,
"encrypted_groupkey": encr_groupkey,
"sender_created_at": ts,
"signature": signature_hex_str
}
if user_address is None:
continue
url = "http://" + user_address + "/api/rx_groupinvite"
print(url)
try:
JSON_object = helper.postJson(payload, headers, url)
print(JSON_object)
response = JSON_object.get("response", None)
if response == "ok":
print("group invite sent successfully")
database.addGroupChatReceived(groupkey_hash_str, username)
else:
print("response not OK")
except Exception as e:
print("FAILED TO SEND!")
print(e)
error = 1
return error, groupkey_hash_str
def sendPrivateMessage(self, message, send_user):
headers = self.createAuthorisedHeader(False)
user = database.getUserData(send_user)
user_address = user.get("address", None)
user_pubkey = user.get("pubkey", None)
user_status = user.get("status", None)
try:
encr_message = helper.encryptMessage(message, user_pubkey)
except Exception as e:
print(e)
print("failed to encrypt message")
return 1
ud = database.getUserHashes(self.username)
loginserver_record = ud.get("loginrecord")
ts = str(time.time())
message_bytes = bytes(loginserver_record+user_pubkey+send_user+encr_message+ts, encoding='utf-8')
signed = self.signing_key.sign(message_bytes, encoder=nacl.encoding.HexEncoder)
signature_hex_str = signed.signature.decode('utf-8')
pubkey_hex = self.signing_key.verify_key.encode(encoder=nacl.encoding.HexEncoder)
try:
self_encrypted_message = helper.encryptMessage(message, pubkey_hex)
except Exception as e:
print("failed to encrypt sent message.")
print(e)
return 1
msg = database.addsentMessages(self.username, send_user, self_encrypted_message, ts, "user")
if msg["response"] == "error":
return 1
payload = {
"loginserver_record": loginserver_record,
"target_pubkey": user_pubkey,
"encrypted_message": encr_message,
"target_username": send_user,
"sender_created_at": ts,
"signature": signature_hex_str
}
if user_status == "online":
user = database.getUserData(send_user)
user_address = user.get("address", None)
user_status = user.get("status", None)
url = "http://" + user_address + "/api/rx_privatemessage"
try:
JSON_object = helper.postJson(payload, headers, url)
response = JSON_object.get("response", None)
if response == "ok":
print("pm sent successfully")
return 0
else:
raise Exception("error sending private message")
except Exception as e:
print("FAILED TO SEND MESAGE")
print(e)
all_users = database.getAllUsers()
#sending offline message.
for user in all_users:
user_address = user.get("address", None)
user_status = user.get("status", None)
if user_address is None or user_status != "online":
continue
url = "http://" + user_address + "/api/rx_privatemessage"
try:
JSON_object = helper.postJson(payload, headers, url)
response = JSON_object.get("response", None)
if response == "ok":
print("pm sent successfully sent")
else:
raise Exception("error sending private message")
except Exception as e:
print(e)
def getUserData(username):
user = database.getUserData(username)
user_address = user.get("address", None)
user_location = user.get("location", None)
user_pubkey = user.get("pubkey", None)
return user_pubkey, user_address, user_location