def validate(self):
result = True
key = 'da:failedlogin:ip:' + str(get_requester_ip(request))
failed_attempts = r.get(key)
if failed_attempts is not None and int(
failed_attempts) > daconfig['attempt limit']:
abort(404)
verification_key = 'da:phonelogin:'******':code'
verification_code = r.get(verification_key)
#r.delete(verification_key)
supplied_verification_code = re.sub(r'[^0-9]', '',
self.verification_code.data)
logmessage("Supplied code is " + str(supplied_verification_code))
if verification_code is None:
logmessage("Verification code with " + str(verification_key) +
" is None")
result = False
elif verification_code.decode() != supplied_verification_code:
logmessage("Verification code with " + str(verification_key) +
" which is " + str(verification_code.decode()) +
" does not match supplied code, which is " +
str(self.verification_code.data))
result = False
else:
logmessage("Code matched")
if result is False:
logmessage("Problem with form")
r.incr(key)
r.expire(key, 86400)
elif failed_attempts is not None:
r.delete(key)
return result
def validate(self):
#import redis
#import docassemble.base.util
from docassemble.webapp.daredis import r
from docassemble.base.logger import logmessage
from flask import request, abort
result = True
#r = redis.StrictRedis(host=docassemble.base.util.redis_server, db=0)
key = 'da:failedlogin:ip:' + str(request.remote_addr)
failed_attempts = r.get(key)
if failed_attempts is not None and int(failed_attempts) > daconfig['attempt limit']:
abort(404)
verification_key = 'da:phonelogin:'******':code'
verification_code = r.get(verification_key)
#r.delete(verification_key)
supplied_verification_code = re.sub(r'[^0-9]', '', self.verification_code.data)
logmessage("Supplied code is " + str(supplied_verification_code))
if verification_code is None:
logmessage("Verification code with " + str(verification_key) + " is None")
result = False
elif verification_code != supplied_verification_code:
logmessage("Verification code with " + str(verification_key) + " which is " + str(verification_code) + " does not match supplied code, which is " + str(self.verification_code.data))
result = False
else:
logmessage("Code matched")
if result is False:
logmessage("Problem with form")
r.incr(key)
r.expire(key, 86400)
elif failed_attempts is not None:
r.delete(key)
return result
def validate(self):
from docassemble.webapp.daredis import r
from docassemble.base.logger import logmessage
from flask import request, abort
result = True
key = 'da:failedlogin:ip:' + str(request.remote_addr)
failed_attempts = r.get(key)
if failed_attempts is not None and int(failed_attempts) > daconfig['attempt limit']:
abort(404)
verification_key = 'da:phonelogin:'******':code'
verification_code = r.get(verification_key)
#r.delete(verification_key)
supplied_verification_code = re.sub(r'[^0-9]', '', self.verification_code.data)
logmessage("Supplied code is " + str(supplied_verification_code))
if verification_code is None:
logmessage("Verification code with " + str(verification_key) + " is None")
result = False
elif verification_code.decode() != supplied_verification_code:
logmessage("Verification code with " + str(verification_key) + " which is " + str(verification_code.decode()) + " does not match supplied code, which is " + str(self.verification_code.data))
result = False
else:
logmessage("Code matched")
if result is False:
logmessage("Problem with form")
r.incr(key)
r.expire(key, 86400)
elif failed_attempts is not None:
r.delete(key)
return result
def validate(self):
#import redis
from docassemble.webapp.daredis import r
#import docassemble.base.util
from flask import request, abort
#r = redis.StrictRedis(host=docassemble.base.util.redis_server, db=0)
key = 'da:failedlogin:ip:' + str(request.remote_addr)
failed_attempts = r.get(key)
if failed_attempts is not None and int(
failed_attempts) > daconfig['attempt limit']:
abort(404)
if daconfig['ldap login'].get('enable', False):
ldap_server = daconfig['ldap login'].get('server',
'localhost').strip()
username = self.email.data
password = self.password.data
connect = ldap.open(ldap_server)
try:
connect.simple_bind_s(username, password)
connect.unbind_s()
from flask import current_app
user_manager = current_app.user_manager
user, user_email = user_manager.find_user_by_email(
self.email.data)
if not user:
from docassemble.base.generate_key import random_alphanumeric
from docassemble.webapp.db_object import db
from docassemble.webapp.users.models import UserModel, Role
while True:
new_social = 'ldap$' + random_alphanumeric(32)
existing_user = UserModel.query.filter_by(
social_id=new_social).first()
if existing_user:
continue
break
user = UserModel(social_id=new_social,
email=self.email.data,
nickname='',
active=True)
user_role = Role.query.filter_by(name='user').first()
user.roles.append(user_role)
db.session.add(user)
db.session.commit()
result = True
except ldap.LDAPError:
connect.unbind_s()
result = super(MySignInForm, self).validate()
else:
result = super(MySignInForm, self).validate()
if result is False:
r.incr(key)
r.expire(key, daconfig['ban period'])
elif failed_attempts is not None:
r.delete(key)
return result
def on_interview_disconnect():
sys.stderr.write('Client disconnected from interview\n')
yaml_filename = session.get('i', None)
session_id = session.get('uid', None)
the_user_id = session.get('user_id', 't' + str(session.get('tempuser', None)))
if request.sid in secrets:
del secrets[request.sid]
if session_id is not None:
rr.delete('da:interviewsession:uid:' + str(session.get('uid', None)) + ':i:' + str(session.get('i', None)) + ':userid:' + str(the_user_id))
key = 'da:session:uid:' + str(session.get('uid', None)) + ':i:' + str(session.get('i', None)) + ':userid:' + str(the_user_id)
rr.expire(key, 10)
rr.publish(request.sid, json.dumps(dict(origin='client', message='KILL', sid=request.sid)))
def on_interview_disconnect():
sys.stderr.write('Client disconnected from interview\n')
yaml_filename = session.get('i', None)
session_id = session.get('uid', None)
the_user_id = session.get('user_id', 't' + str(session.get('tempuser', None)))
if request.sid in secrets:
del secrets[request.sid]
if session_id is not None:
rr.delete('da:interviewsession:uid:' + str(session.get('uid', None)) + ':i:' + str(session.get('i', None)) + ':userid:' + str(the_user_id))
key = 'da:session:uid:' + str(session.get('uid', None)) + ':i:' + str(session.get('i', None)) + ':userid:' + str(the_user_id)
rr.expire(key, 10)
rr.publish(request.sid, json.dumps(dict(origin='client', message='KILL', sid=request.sid)))
def on_observer_disconnect():
sys.stderr.write('Client disconnected from observer\n')
self_key = 'da:control:sid:' + str(request.sid)
int_key = rr.get(self_key)
if int_key is not None:
rr.delete(int_key)
other_sid = rr.get(re.sub(r'^da:control:uid:', 'da:interviewsession:uid:', int_key))
else:
other_sid = None
rr.delete(self_key)
if other_sid is not None:
sys.stderr.write("Calling controllerexit 2");
rr.publish(other_sid, json.dumps(dict(messagetype='controllerexit', sid=request.sid)))
rr.publish(request.sid, json.dumps(dict(message='KILL', sid=request.sid)))
def on_monitor_disconnect():
user_id = session.get('user_id', None)
sys.stderr.write('Client disconnected from monitor\n')
rr.delete('da:monitor:' + str(request.sid))
rr.expire('da:monitor:available:' + str(user_id), 5)
for key in rr.keys('da:monitor:role:*:userid:' + str(user_id)):
rr.expire(key, 5)
for key in rr.keys('da:phonecode:monitor:' + str(user_id) + ':uid:*'):
the_code = rr.get(key)
if the_code is not None:
rr.expire('da:callforward:' + str(the_code), 5)
rr.expire(key, 5)
rr.expire('da:monitor:chatpartners:' + str(user_id), 5)
rr.publish(request.sid, json.dumps(dict(message='KILL', sid=request.sid)))
def monitor_unblock(data):
if 'monitor' not in session:
socketio.emit('terminate', {}, namespace='/monitor', room=request.sid)
return
key = data.get('key', None)
if key is None:
sys.stderr.write("No key provided\n")
return
sys.stderr.write("Unblocking\n")
rr.delete(re.sub(r'^da:session:', 'da:block:', key))
sid = rr.get(re.sub(r'^da:session:', 'da:interviewsession:', key))
if sid is not None:
rr.publish(sid, json.dumps(dict(messagetype='chatpartner', sid=request.sid)))
socketio.emit('unblock', {'key': key}, namespace='/monitor', room=request.sid)
def monitor_unblock(data):
if 'monitor' not in session:
socketio.emit('terminate', {}, namespace='/monitor', room=request.sid)
return
key = data.get('key', None)
if key is None:
sys.stderr.write("No key provided\n")
return
sys.stderr.write("Unblocking\n")
rr.delete(re.sub(r'^da:session:', 'da:block:', key))
sid = rr.get(re.sub(r'^da:session:', 'da:interviewsession:', key))
if sid is not None:
sid = sid.decode()
rr.publish(sid, json.dumps(dict(messagetype='chatpartner', sid=request.sid)))
socketio.emit('unblock', {'key': key}, namespace='/monitor', room=request.sid)
def on_observer_disconnect():
sys.stderr.write('Client disconnected from observer\n')
self_key = 'da:control:sid:' + str(request.sid)
int_key = rr.get(self_key)
if int_key is not None:
int_key = int_key.decode()
rr.delete(int_key)
other_sid = rr.get(re.sub(r'^da:control:uid:', 'da:interviewsession:uid:', int_key))
else:
other_sid = None
rr.delete(self_key)
if other_sid is not None:
other_sid = other_sid.decode()
sys.stderr.write("Calling controllerexit 2");
rr.publish(other_sid, json.dumps(dict(messagetype='controllerexit', sid=request.sid)))
rr.publish(request.sid, json.dumps(dict(message='KILL', sid=request.sid)))
def on_monitor_disconnect():
user_id = session.get('user_id', None)
sys.stderr.write('Client disconnected from monitor\n')
rr.delete('da:monitor:' + str(request.sid))
rr.expire('da:monitor:available:' + str(user_id), 5)
for key in rr.keys('da:monitor:role:*:userid:' + str(user_id)):
key = key.decode()
rr.expire(key, 5)
for key in rr.keys('da:phonecode:monitor:' + str(user_id) + ':uid:*'):
key = key.decode()
the_code = rr.get(key)
if the_code is not None:
the_code = the_code.decode()
rr.expire('da:callforward:' + the_code, 5)
rr.expire(key, 5)
rr.expire('da:monitor:chatpartners:' + str(user_id), 5)
rr.publish(request.sid, json.dumps(dict(message='KILL', sid=request.sid)))
def validate(self):
from docassemble.webapp.daredis import r
from flask import request, abort
key = 'da:failedlogin:ip:' + str(request.remote_addr)
failed_attempts = r.get(key)
if failed_attempts is not None and int(
failed_attempts) > daconfig['attempt limit']:
abort(404)
if daconfig['ldap login'].get('enable', False):
ldap_server = daconfig['ldap login'].get('server',
'localhost').strip()
username = self.email.data
password = self.password.data
connect = ldap.open(ldap_server)
try:
connect.simple_bind_s(username, password)
connect.unbind_s()
from flask import current_app
user_manager = current_app.user_manager
user, user_email = user_manager.find_user_by_email(
self.email.data)
if not user:
from docassemble.base.generate_key import random_alphanumeric
from docassemble.webapp.db_object import db
from docassemble.webapp.users.models import UserModel, Role
while True:
new_social = 'ldap$' + random_alphanumeric(32)
existing_user = UserModel.query.filter_by(
social_id=new_social).first()
if existing_user:
continue
break
user = UserModel(social_id=new_social,
email=self.email.data,
nickname='',
active=True)
user_role = Role.query.filter_by(name='user').first()
user.roles.append(user_role)
db.session.add(user)
db.session.commit()
result = True
except ldap.LDAPError:
connect.unbind_s()
result = super(MySignInForm, self).validate()
else:
from flask import current_app
user_manager = current_app.user_manager
user, user_email = user_manager.find_user_by_email(self.email.data)
if user is None:
return False
if user and (user.password is None or
(user.social_id is not None
and not user.social_id.startswith('local$'))):
self.email.errors = list(self.email.errors)
if user.social_id.startswith('google$'):
self.email.errors.append(
word("You need to log in with Google."))
elif user.social_id.startswith('azure$'):
self.email.errors.append(
word("You need to log in with Azure."))
elif user.social_id.startswith('auth0$'):
self.email.errors.append(
word("You need to log in with Auth0."))
elif user.social_id.startswith('twitter$'):
self.email.errors.append(
word("You need to log in with Twitter."))
elif user.social_id.startswith('facebook$'):
self.email.errors.append(
word("You need to log in with Facebook."))
else:
self.email.errors.append(
word("You cannot log in this way."))
return False
#sys.stderr.write("Trying super validate\n")
result = super(MySignInForm, self).validate()
#sys.stderr.write("Super validate response was " + repr(result) + "\n")
if result is False:
r.incr(key)
r.expire(key, daconfig['ban period'])
elif failed_attempts is not None:
r.delete(key)
return result
def release_lock(user_code, filename):
key = 'da:lock:' + user_code + ':' + filename
rr.delete(key)
def update_monitor(message):
if 'monitor' not in session:
socketio.emit('terminate', {}, namespace='/monitor', room=request.sid)
return
#sys.stderr.write('received message from ' + str(request.sid) + "\n")
available_for_chat = message['available_for_chat']
new_subscribed_roles = message['subscribed_roles']
new_phone_partners = message['phone_partners_to_add']
term_phone_partners = message['phone_partners_to_terminate']
phone_number = message['phone_number']
phone_number_key = 'da:monitor:phonenumber:' + str(session['user_id'])
if phone_number is None or phone_number == '':
rr.delete(phone_number_key)
else:
pipe = rr.pipeline()
pipe.set(phone_number_key, phone_number)
pipe.expire(phone_number_key, 2592000)
pipe.execute()
phone_partners = dict()
prefix = 'da:phonecode:monitor:' + str(session['user_id']) + ':uid:'
for key in term_phone_partners:
the_code = rr.get(key)
if the_code is not None:
rr.delete(re.sub(r'da:session:uid:', prefix, key))
rr.delete('da:callforward:' + str(the_code))
if phone_number is None or phone_number == '':
for key in rr.keys(prefix + '*'):
the_code = rr.get(key)
if the_code is not None:
rr.delete(key)
rr.delete('da:callforward:' + str(the_code))
else:
codes_in_use = set()
for key in rr.keys('da:callforward:*'):
code = re.sub(r'^da:callforward:', '', key)
codes_in_use.add(code)
for key in rr.keys(prefix + '*'):
phone_partners[re.sub(r'^da:phonecode:monitor:[0-9]*:uid:', 'da:session:uid:', key)] = 1
for key in new_phone_partners:
if key in phone_partners:
continue
times = 0
ok = False
while times < 1000:
times += 1
code = "%04d" % random.randint(1000, 9999)
if code in codes_in_use:
continue
ok = True
the_code = code
new_key = re.sub(r'^da:session:uid:', prefix, key)
code_key = 'da:callforward:' + str(code)
pipe = rr.pipeline()
pipe.set(new_key, code)
pipe.set(code_key, phone_number)
pipe.expire(new_key, 300)
pipe.expire(code_key, 300)
pipe.execute()
phone_partners[key] = 1
break
if times >= 1000:
logmessage("update_monitor: could not get a random integer")
#sys.stderr.write('subscribed roles are type ' + str(type(new_subscribed_roles)) + " which is " + str(new_subscribed_roles) + "\n")
monitor_key = 'da:monitor:' + str(request.sid)
pipe = rr.pipeline()
pipe.set(monitor_key, 1)
pipe.expire(monitor_key, 60)
pipe.execute()
key = 'da:monitor:available:' + str(session['user_id'])
key_exists = rr.exists(key)
chat_partners = dict()
for cp_key in rr.hgetall('da:monitor:chatpartners:' + str(session['user_id'])):
if rr.get(cp_key) is None:
rr.hdel('da:monitor:chatpartners:' + str(session['user_id']), cp_key)
else:
chat_partners[re.sub('^da:interviewsession:uid:', r'da:session:uid:', cp_key)] = 1
#sys.stderr.write('daAvailableForChat is ' + str(available_for_chat) + " for key " + key + "\n")
if available_for_chat:
pipe = rr.pipeline()
pipe.set(key, request.sid)
pipe.expire(key, 60)
pipe.execute()
elif key_exists:
#sys.stderr.write("Deleting shit\n")
pipe = rr.pipeline()
pipe.delete(key)
for avail_key in rr.keys('da:monitor:role:*:userid:' + str(session['user_id'])):
pipe.delete(avail_key)
pipe.execute()
avail_roles = list()
for key in rr.keys('da:chat:roletype:*'):
avail_roles.append(re.sub(r'^da:chat:roletype:', r'', key))
sub_role_key = 'da:monitor:userrole:' + str(session['user_id'])
if rr.exists(sub_role_key):
subscribed_roles = rr.hgetall(sub_role_key)
else:
subscribed_roles = dict()
del_mon_role_keys = list()
for role_key in new_subscribed_roles.keys():
if role_key not in avail_roles:
#sys.stderr.write("role_key is " + str(role_key) + " which is " + str(type(role_key)) + "\n")
del new_subscribed_roles[role_key]
for role_key in subscribed_roles.keys():
if role_key not in avail_roles:
rr.hdel(sub_role_key, role_key)
del_mon_role_keys.append('da:monitor:role:' + role_key + ':userid:' + str(session['user_id']))
for role_key in new_subscribed_roles.keys():
if role_key not in subscribed_roles:
rr.hset(sub_role_key, role_key, 1)
subscribed_roles[role_key] = 1
for role_key in subscribed_roles.keys():
if role_key not in new_subscribed_roles:
rr.hdel(sub_role_key, role_key)
del_mon_role_keys.append('da:monitor:role:' + role_key + ':userid:' + str(session['user_id']))
del subscribed_roles[role_key]
if len(del_mon_role_keys):
pipe = rr.pipeline()
for key in del_mon_role_keys:
pipe.delete(key)
pipe.execute()
if available_for_chat and len(subscribed_roles):
pipe = rr.pipeline()
for role_key in subscribed_roles.keys():
key = 'da:monitor:role:' + role_key + ':userid:' + str(session['user_id'])
pipe.set(key, 1)
pipe.expire(key, 60)
pipe.execute()
keylist = list()
for key in rr.keys('da:session:*'):
keylist.append(key)
sessions = dict()
for key in keylist:
try:
sessobj = pickle.loads(rr.get(key))
except:
sys.stderr.write('error parsing value of ' + str(key) + " which was " + str(rr.get(key)) + "\n")
continue
if sessobj.get('chatstatus', None) != 'off':
html = rr.get(re.sub(r'^da:session:', 'da:html:', key))
if html is not None:
obj = json.loads(html)
sessobj['browser_title'] = obj.get('browser_title', 'not available')
if rr.exists(re.sub(r'^da:session:', 'da:block:', key)):
sessobj['blocked'] = True
else:
sessobj['blocked'] = False
sessions[key] = sessobj
socketio.emit('updatemonitor', {'available_for_chat': available_for_chat, 'subscribedRoles': subscribed_roles, 'sessions': sessions, 'availRoles': sorted(avail_roles), 'chatPartners': chat_partners, 'phonePartners': phone_partners}, namespace='/monitor', room=request.sid)
def validate(self):
from docassemble.webapp.daredis import r
from flask import request, abort
key = 'da:failedlogin:ip:' + str(request.remote_addr)
failed_attempts = r.get(key)
if failed_attempts is not None and int(failed_attempts) > daconfig['attempt limit']:
abort(404)
if daconfig['ldap login'].get('enable', False):
ldap_server = daconfig['ldap login'].get('server', 'localhost').strip()
username = self.email.data
password = self.password.data
connect = ldap.open(ldap_server)
try:
connect.simple_bind_s(username, password)
connect.unbind_s()
from flask import current_app
user_manager = current_app.user_manager
user, user_email = user_manager.find_user_by_email(self.email.data)
if not user:
from docassemble.base.generate_key import random_alphanumeric
from docassemble.webapp.db_object import db
from docassemble.webapp.users.models import UserModel, Role
while True:
new_social = 'ldap$' + random_alphanumeric(32)
existing_user = UserModel.query.filter_by(social_id=new_social).first()
if existing_user:
continue
break
user = UserModel(social_id=new_social, email=self.email.data, nickname='', active=True)
user_role = Role.query.filter_by(name='user').first()
user.roles.append(user_role)
db.session.add(user)
db.session.commit()
result = True
except ldap.LDAPError:
connect.unbind_s()
result = super(MySignInForm, self).validate()
else:
from flask import current_app
user_manager = current_app.user_manager
user, user_email = user_manager.find_user_by_email(self.email.data)
if user is None:
return False
if user and (user.password is None or (user.social_id is not None and not user.social_id.startswith('local$'))):
self.email.errors = list(self.email.errors)
if user.social_id.startswith('google$'):
self.email.errors.append(word("You need to log in with Google."))
elif user.social_id.startswith('azure$'):
self.email.errors.append(word("You need to log in with Azure."))
elif user.social_id.startswith('auth0$'):
self.email.errors.append(word("You need to log in with Auth0."))
elif user.social_id.startswith('twitter$'):
self.email.errors.append(word("You need to log in with Twitter."))
elif user.social_id.startswith('facebook$'):
self.email.errors.append(word("You need to log in with Facebook."))
else:
self.email.errors.append(word("You cannot log in this way."))
return False
#sys.stderr.write("Trying super validate\n")
result = super(MySignInForm, self).validate()
#sys.stderr.write("Super validate response was " + repr(result) + "\n")
if result is False:
r.incr(key)
r.expire(key, daconfig['ban period'])
elif failed_attempts is not None:
r.delete(key)
return result
def interview_connect():
session_id = session.get('uid', None)
if session_id is not None:
user_dict, is_encrypted = get_dict_encrypt()
if is_encrypted:
secret = request.cookies.get('secret', None)
else:
secret = None
if secret is not None:
secret = str(secret)
if user_dict is None:
sys.stderr.write("user_dict did not exist.\n")
socketio.emit('terminate', {}, namespace='/wsinterview', room=request.sid)
return
chat_info = user_dict['_internal']['livehelp']
if chat_info['availability'] == 'unavailable':
sys.stderr.write("Socket started but chat is unavailable.\n")
socketio.emit('terminate', {}, namespace='/wsinterview', room=request.sid)
return
#sys.stderr.write('chat info is ' + str(chat_info) + "\n")
if user_dict['_internal']['livehelp']['mode'] in ['peer', 'peerhelp']:
peer_ok = True
else:
peer_ok = False
yaml_filename = session.get('i', None)
the_user_id = session.get('user_id', 't' + str(session.get('tempuser', None)))
if request.sid not in threads:
#sys.stderr.write('Starting thread for sid ' + str(request.sid) + "\n")
threads[request.sid] = socketio.start_background_task(target=background_thread, sid=request.sid, user_id=session.get('user_id', None), temp_user_id=session.get('tempuser', None))
channel_up = wait_for_channel(rr, request.sid)
if not channel_up:
sys.stderr.write("Channel did not come up.\n")
socketio.emit('terminate', {}, namespace='/wsinterview', room=request.sid)
return
lkey = 'da:ready:uid:' + str(session_id) + ':i:' + str(yaml_filename) + ':userid:' + str(the_user_id)
#sys.stderr.write("Searching: " + lkey + "\n")
if rr.exists(lkey):
lkey_exists = True
else:
lkey_exists = False
if lkey_exists is False and peer_ok is False:
sys.stderr.write("Key does not exist: " + lkey + ".\n")
#socketio.emit('terminate', {}, namespace='/wsinterview', room=request.sid)
#return
failed_to_find_partner = True
found_help = False
if lkey_exists:
partner_keys = rr.lrange(lkey, 0, -1)
#sys.stderr.write("partner_keys is: " + str(type(partner_keys)) + " " + str(partner_keys) + "\n")
if partner_keys is None and not peer_ok:
sys.stderr.write("No partner keys: " + lkey + ".\n")
socketio.emit('terminate', {}, namespace='/wsinterview', room=request.sid)
return
rr.delete(lkey)
for pkey in partner_keys:
#sys.stderr.write("Considering: " + pkey + "\n")
partner_sid = rr.get(pkey)
if partner_sid is not None:
if re.match(r'^da:monitor:available:.*', pkey):
is_help = True
else:
is_help = False
if is_help and found_help:
continue
#sys.stderr.write("Trying to pub to " + str(partner_sid) + " from " + str(pkey) + "\n")
listeners = rr.publish(partner_sid, json.dumps(dict(messagetype='chatready', uid=session_id, i=yaml_filename, userid=the_user_id, secret=secret, sid=request.sid)))
#sys.stderr.write("Listeners: " + str(listeners) + "\n")
if re.match(r'^da:interviewsession.*', pkey):
rr.publish(request.sid, json.dumps(dict(messagetype='chatready', sid=partner_sid)))
else:
rr.publish(request.sid, json.dumps(dict(messagetype='chatpartner', sid=partner_sid)))
if listeners > 0:
if is_help:
found_help = True
failed_to_find_partner = False
if failed_to_find_partner and peer_ok is False:
sys.stderr.write("Unable to reach any potential chat partners.\n")
#socketio.emit('terminate', {}, namespace='/wsinterview', room=request.sid)
#return
key = 'da:interviewsession:uid:' + str(session_id) + ':i:' + str(yaml_filename) + ':userid:' + str(the_user_id)
rr.set(key, request.sid)
def interview_connect():
session_id = session.get('uid', None)
if session_id is not None:
user_dict, is_encrypted = get_dict_encrypt()
if is_encrypted:
secret = request.cookies.get('secret', None)
else:
secret = None
if secret is not None:
secret = str(secret)
if user_dict is None:
sys.stderr.write("user_dict did not exist.\n")
socketio.emit('terminate', {}, namespace='/wsinterview', room=request.sid)
return
chat_info = user_dict['_internal']['livehelp']
if chat_info['availability'] == 'unavailable':
sys.stderr.write("Socket started but chat is unavailable.\n")
socketio.emit('terminate', {}, namespace='/wsinterview', room=request.sid)
return
#sys.stderr.write('chat info is ' + str(chat_info) + "\n")
if user_dict['_internal']['livehelp']['mode'] in ['peer', 'peerhelp']:
peer_ok = True
else:
peer_ok = False
yaml_filename = session.get('i', None)
the_user_id = session.get('user_id', 't' + str(session.get('tempuser', None)))
if request.sid not in threads:
#sys.stderr.write('Starting thread for sid ' + str(request.sid) + "\n")
threads[request.sid] = socketio.start_background_task(target=background_thread, sid=request.sid, user_id=session.get('user_id', None), temp_user_id=session.get('tempuser', None))
channel_up = wait_for_channel(rr, request.sid)
if not channel_up:
sys.stderr.write("Channel did not come up.\n")
socketio.emit('terminate', {}, namespace='/wsinterview', room=request.sid)
return
lkey = 'da:ready:uid:' + str(session_id) + ':i:' + str(yaml_filename) + ':userid:' + str(the_user_id)
#sys.stderr.write("Searching: " + lkey + "\n")
if rr.exists(lkey):
lkey_exists = True
else:
lkey_exists = False
if lkey_exists is False and peer_ok is False:
sys.stderr.write("Key does not exist: " + lkey + ".\n")
#socketio.emit('terminate', {}, namespace='/wsinterview', room=request.sid)
#return
failed_to_find_partner = True
found_help = False
if lkey_exists:
partner_keys = rr.lrange(lkey, 0, -1)
#sys.stderr.write("partner_keys is: " + str(type(partner_keys)) + " " + str(partner_keys) + "\n")
if partner_keys is None and not peer_ok:
sys.stderr.write("No partner keys: " + lkey + ".\n")
socketio.emit('terminate', {}, namespace='/wsinterview', room=request.sid)
return
rr.delete(lkey)
for pkey in partner_keys:
pkey = pkey.decode()
#sys.stderr.write("Considering: " + pkey + "\n")
partner_sid = rr.get(pkey)
if partner_sid is not None:
partner_sid = partner_sid.decode()
if re.match(r'^da:monitor:available:.*', pkey):
is_help = True
else:
is_help = False
if is_help and found_help:
continue
#sys.stderr.write("Trying to pub to " + str(partner_sid) + " from " + str(pkey) + "\n")
listeners = rr.publish(partner_sid, json.dumps(dict(messagetype='chatready', uid=session_id, i=yaml_filename, userid=the_user_id, secret=secret, sid=request.sid)))
#sys.stderr.write("Listeners: " + str(listeners) + "\n")
if re.match(r'^da:interviewsession.*', pkey):
rr.publish(request.sid, json.dumps(dict(messagetype='chatready', sid=partner_sid)))
else:
rr.publish(request.sid, json.dumps(dict(messagetype='chatpartner', sid=partner_sid)))
if listeners > 0:
if is_help:
found_help = True
failed_to_find_partner = False
if failed_to_find_partner and peer_ok is False:
sys.stderr.write("Unable to reach any potential chat partners.\n")
#socketio.emit('terminate', {}, namespace='/wsinterview', room=request.sid)
#return
key = 'da:interviewsession:uid:' + str(session_id) + ':i:' + str(yaml_filename) + ':userid:' + str(the_user_id)
rr.set(key, request.sid)
def validate(self):
key = 'da:failedlogin:ip:' + str(get_requester_ip(request))
failed_attempts = r.get(key)
if failed_attempts is not None and int(
failed_attempts) > daconfig['attempt limit']:
abort(404)
if daconfig['ldap login'].get('enable', False):
ldap_server = daconfig['ldap login'].get('server',
'localhost').strip()
username = self.email.data
password = self.password.data
connect = ldap.initialize('ldap://' + ldap_server)
connect.set_option(ldap.OPT_REFERRALS, 0)
try:
connect.simple_bind_s(username, password)
if connect.whoami_s() is not None:
connect.unbind_s()
user_manager = current_app.user_manager
user, user_email = user_manager.find_user_by_email(
self.email.data)
if not user:
while True:
new_social = 'ldap$' + random_alphanumeric(32)
existing_user = db.session.execute(
select(UserModel).filter_by(
social_id=new_social)).scalar()
if existing_user:
continue
break
user = UserModel(social_id=new_social,
email=self.email.data,
nickname='',
active=True)
user_role = db.session.execute(
select(Role).filter_by(name='user')).scalar_one()
user.roles.append(user_role)
db.session.add(user)
db.session.commit()
result = True
else:
connect.unbind_s()
result = super().validate()
except (ldap.LDAPError, ldap.INVALID_CREDENTIALS):
connect.unbind_s()
result = super().validate()
else:
user_manager = current_app.user_manager
user, user_email = user_manager.find_user_by_email(self.email.data)
if user is None:
if daconfig.get('confirm registration', False):
self.email.errors = []
self.email.errors.append(
word("Incorrect Email and/or Password"))
self.password.errors = []
self.password.errors.append(
word("Incorrect Email and/or Password"))
else:
self.email.errors = list(self.email.errors)
self.email.errors.append(word("Account did not exist."))
return False
if user and (user.password is None or
(user.social_id is not None
and not user.social_id.startswith('local$'))):
self.email.errors = list(self.email.errors)
if user.social_id.startswith('google$'):
self.email.errors.append(
word("You need to log in with Google."))
elif user.social_id.startswith('azure$'):
self.email.errors.append(
word("You need to log in with Azure."))
elif user.social_id.startswith('auth0$'):
self.email.errors.append(
word("You need to log in with Auth0."))
elif user.social_id.startswith('twitter$'):
self.email.errors.append(
word("You need to log in with Twitter."))
elif user.social_id.startswith('facebook$'):
self.email.errors.append(
word("You need to log in with Facebook."))
else:
self.email.errors.append(
word("You cannot log in this way."))
return False
#sys.stderr.write("Trying super validate\n")
result = super().validate()
#sys.stderr.write("Super validate response was " + repr(result) + "\n")
if result is False:
r.incr(key)
r.expire(key, daconfig['ban period'])
elif failed_attempts is not None:
r.delete(key)
return result
def release_lock(user_code, filename):
key = 'da:lock:' + user_code + ':' + filename
rr.delete(key)
def update_monitor(message):
if 'monitor' not in session:
socketio.emit('terminate', {}, namespace='/monitor', room=request.sid)
return
#sys.stderr.write('received message from ' + str(request.sid) + "\n")
available_for_chat = message['available_for_chat']
new_subscribed_roles = message['subscribed_roles']
new_phone_partners = message['phone_partners_to_add']
term_phone_partners = message['phone_partners_to_terminate']
phone_number = message['phone_number']
phone_number_key = 'da:monitor:phonenumber:' + str(session['user_id'])
if phone_number is None or phone_number == '':
rr.delete(phone_number_key)
else:
pipe = rr.pipeline()
pipe.set(phone_number_key, phone_number)
pipe.expire(phone_number_key, 2592000)
pipe.execute()
phone_partners = dict()
prefix = 'da:phonecode:monitor:' + str(session['user_id']) + ':uid:'
for key in term_phone_partners:
the_code = rr.get(key)
if the_code is not None:
the_code = the_code.decode()
rr.delete(re.sub(r'da:session:uid:', prefix, key))
rr.delete('da:callforward:' + the_code)
if phone_number is None or phone_number == '':
for key in rr.keys(prefix + '*'):
key = key.decode()
the_code = rr.get(key)
if the_code is not None:
the_code = the_code.decode()
rr.delete(key)
rr.delete('da:callforward:' + the_code)
else:
codes_in_use = set()
for key in rr.keys('da:callforward:*'):
key = key.decode()
code = re.sub(r'^da:callforward:', '', key)
codes_in_use.add(code)
for key in rr.keys(prefix + '*'):
key = key.decode()
phone_partners[re.sub(r'^da:phonecode:monitor:[0-9]*:uid:', 'da:session:uid:', key)] = 1
for key in new_phone_partners:
if key in phone_partners:
continue
times = 0
ok = False
while times < 1000:
times += 1
code = "%04d" % random.randint(1000, 9999)
if code in codes_in_use:
continue
ok = True
the_code = code
new_key = re.sub(r'^da:session:uid:', prefix, key)
code_key = 'da:callforward:' + str(code)
pipe = rr.pipeline()
pipe.set(new_key, code)
pipe.set(code_key, phone_number)
pipe.expire(new_key, 300)
pipe.expire(code_key, 300)
pipe.execute()
phone_partners[key] = 1
break
if times >= 1000:
logmessage("update_monitor: could not get a random integer")
#sys.stderr.write('subscribed roles are type ' + str(type(new_subscribed_roles)) + " which is " + str(new_subscribed_roles) + "\n")
monitor_key = 'da:monitor:' + str(request.sid)
pipe = rr.pipeline()
pipe.set(monitor_key, 1)
pipe.expire(monitor_key, 60)
pipe.execute()
key = 'da:monitor:available:' + str(session['user_id'])
key_exists = rr.exists(key)
chat_partners = dict()
for cp_key in rr.hgetall('da:monitor:chatpartners:' + str(session['user_id'])):
cp_key = cp_key.decode()
if rr.get(cp_key) is None:
rr.hdel('da:monitor:chatpartners:' + str(session['user_id']), cp_key)
else:
chat_partners[re.sub('^da:interviewsession:uid:', r'da:session:uid:', cp_key)] = 1
#sys.stderr.write('daAvailableForChat is ' + str(available_for_chat) + " for key " + key + "\n")
if available_for_chat:
pipe = rr.pipeline()
pipe.set(key, request.sid)
pipe.expire(key, 60)
pipe.execute()
elif key_exists:
#sys.stderr.write("Deleting shit\n")
pipe = rr.pipeline()
pipe.delete(key)
for avail_key in rr.keys('da:monitor:role:*:userid:' + str(session['user_id'])):
pipe.delete(avail_key.decode())
pipe.execute()
avail_roles = list()
for key in rr.keys('da:chat:roletype:*'):
avail_roles.append(re.sub(r'^da:chat:roletype:', r'', key.decode()))
sub_role_key = 'da:monitor:userrole:' + str(session['user_id'])
if rr.exists(sub_role_key):
subscribed_roles = decode_dict(rr.hgetall(sub_role_key))
else:
subscribed_roles = dict()
del_mon_role_keys = list()
for role_key in [k for k in new_subscribed_roles.keys()]:
if role_key not in avail_roles:
#sys.stderr.write("role_key is " + str(role_key) + " which is " + str(type(role_key)) + "\n")
del new_subscribed_roles[role_key]
for role_key in [k for k in subscribed_roles.keys()]:
if role_key not in avail_roles:
rr.hdel(sub_role_key, role_key)
del_mon_role_keys.append('da:monitor:role:' + role_key + ':userid:' + str(session['user_id']))
for role_key in [k for k in new_subscribed_roles.keys()]:
if role_key not in subscribed_roles:
rr.hset(sub_role_key, role_key, 1)
subscribed_roles[role_key] = 1
for role_key in [k for k in subscribed_roles.keys()]:
if role_key not in new_subscribed_roles:
rr.hdel(sub_role_key, role_key)
del_mon_role_keys.append('da:monitor:role:' + role_key + ':userid:' + str(session['user_id']))
del subscribed_roles[role_key]
if len(del_mon_role_keys):
pipe = rr.pipeline()
for key in del_mon_role_keys:
pipe.delete(key)
pipe.execute()
if available_for_chat and len(subscribed_roles):
pipe = rr.pipeline()
for role_key in [k for k in subscribed_roles.keys()]:
key = 'da:monitor:role:' + role_key + ':userid:' + str(session['user_id'])
pipe.set(key, 1)
pipe.expire(key, 60)
pipe.execute()
keylist = list()
for key in rr.keys('da:session:*'):
keylist.append(key.decode())
sessions = dict()
for key in keylist:
try:
sessobj = fix_pickle_obj(rr.get(key))
except:
sys.stderr.write('error parsing value of ' + str(key) + " which was " + repr(rr.get(key)) + "\n")
continue
if sessobj.get('chatstatus', None) != 'off':
html = rr.get(re.sub(r'^da:session:', 'da:html:', key))
if html is not None:
html = html.decode()
obj = json.loads(html)
sessobj['browser_title'] = obj.get('browser_title', 'not available')
if rr.exists(re.sub(r'^da:session:', 'da:block:', key)):
sessobj['blocked'] = True
else:
sessobj['blocked'] = False
sessions[key] = sessobj
socketio.emit('updatemonitor', {'available_for_chat': available_for_chat, 'subscribedRoles': subscribed_roles, 'sessions': sessions, 'availRoles': sorted(avail_roles), 'chatPartners': chat_partners, 'phonePartners': phone_partners}, namespace='/monitor', room=request.sid)
