def createuser(self, event): self.log("Creating user") try: newuser = objectmodels['user']({ 'name': event.username, 'passhash': event.passhash, 'uuid': str(uuid4()) }) newuser.save() except Exception as e: self.log("Problem creating new user: "******"New profile uuid: ", newprofile.uuid, lvl=verbose) # TODO: Fix this - yuk! newprofile.components = { 'enabled': ["dashboard", "map", "weather", "settings"]} newprofile.save() except Exception as e: self.log("Problem creating new profile: ", type(e), e, lvl=error) return try: # TODO: Clone or reference systemwide default configuration newclientconfig = objectmodels['client']() newclientconfig.uuid = event.clientuuid newclientconfig.name = "New client" newclientconfig.description = "New client configuration " \ "from " + newuser.name newclientconfig.useruuid = newuser.uuid newclientconfig.save() except Exception as e: self.log("Problem creating new clientconfig: ", type(e), e, lvl=error) return try: self.fireEvent( authentication(newuser.name, (newuser, newprofile, newclientconfig), event.clientuuid, newuser.uuid, event.sock), "auth") self.fireEvent(send(event.clientuuid, { 'component': 'auth', 'action': 'new', 'data': 'registration successful' }, sendtype="client"), "hfosweb") except Exception as e: self.log("Error during new account confirmation transmission", e, lvl=error)
def authenticationrequest(self, event): """Handles authentication requests from clients :param event: AuthenticationRequest with user's credentials """ # TODO: Refactor to simplify if event.auto: self.log("Automatic login request:") e = None try: clientconfig = objectmodels['client'].find_one({ 'uuid': event.requestedclientuuid }) except Exception as e: clientconfig = None if clientconfig is None or clientconfig.autologin == False: self.log("Autologin failed.", lvl=error) return # noinspection PySimplifyBooleanCheck if clientconfig.autologin == True: try: useraccount = objectmodels['user'].find_one({ 'uuid': clientconfig.useruuid }) self.log("Account: %s" % useraccount._fields, lvl=debug) except Exception as e: self.log("No userobject due to error: ", e, type(e), lvl=error) try: userprofile = objectmodels['profile'].find_one({ 'uuid': str(useraccount.uuid) }) self.log("Profile: ", userprofile, useraccount.uuid, lvl=debug) useraccount.passhash = "" self.fireEvent( authentication(useraccount.name, ( useraccount, userprofile, clientconfig), event.clientuuid, useraccount.uuid, event.sock), "auth") self.log("Autologin successful!", lvl=error) except Exception as e: self.log("No profile due to error: ", e, type(e), lvl=error) else: self.log("Auth request for ", event.username, event.clientuuid) if (len(event.username) < 3) or (len(event.passhash) < 3): self.log("Illegal username or password received, " "login cancelled", lvl=warn) return useraccount = None clientconfig = None userprofile = None try: useraccount = objectmodels['user'].find_one({ 'name': event.username }) self.log("Account: %s" % useraccount._fields, lvl=debug) except Exception as e: self.log("No userobject due to error: ", e, type(e), lvl=error) if useraccount: self.log("User found.") if useraccount.passhash == event.passhash: self.log("Passhash matches, checking client and profile.", lvl=debug) requestedclientuuid = event.requestedclientuuid # Client requests to get an existing client # configuration or has none clientconfig = objectmodels['client'].find_one({ 'uuid': requestedclientuuid }) if clientconfig: self.log("Checking client configuration permissions", lvl=debug) if clientconfig.useruuid != useraccount.uuid: clientconfig = None self.log("Unauthorized client configuration " "requested", lvl=warn) else: self.log("Unknown client configuration requested: ", requestedclientuuid, event.__dict__, lvl=warn) if not clientconfig: self.log("Creating new default client configuration") # Either no configuration was found or requested # -> Create a new client configuration clientconfig = objectmodels['client']() clientconfig.uuid = event.clientuuid clientconfig.name = "New client" clientconfig.description = "New client configuration from " + useraccount.name clientconfig.useruuid = useraccount.uuid # TODO: Make sure the profile is only saved if the # client could store it, too clientconfig.save() try: userprofile = objectmodels['profile'].find_one( {'uuid': str(useraccount.uuid)}) self.log("Profile: ", userprofile, useraccount.uuid, lvl=debug) useraccount.passhash = "" self.fireEvent( authentication(useraccount.name, ( useraccount, userprofile, clientconfig), event.clientuuid, useraccount.uuid, event.sock), "auth") except Exception as e: self.log("No profile due to error: ", e, type(e), lvl=error) else: self.log("Password was wrong!", lvl=warn) self.log("Done with Login request", lvl=debug) else: self.createuser(event)
def authenticationrequest(self, event): """Handles authentication requests from clients :param event: AuthenticationRequest with user's credentials """ # TODO: Refactor to simplify if event.auto: self.log("Verifying automatic login request") try: clientconfig = objectmodels['client'].find_one( {'uuid': event.requestedclientuuid}) except Exception: clientconfig = None if clientconfig is None or clientconfig.autologin is False: self.log("Autologin failed:", event.requestedclientuuid, lvl=error) return if clientconfig.autologin is True: try: useraccount = objectmodels['user'].find_one( {'uuid': clientconfig.owner}) self.log("Autologin for", useraccount.name, lvl=debug) except Exception as e: self.log("No user object due to error: ", e, type(e), lvl=error) try: userprofile = objectmodels['profile'].find_one( {'owner': str(useraccount.uuid)}) self.log("Profile: ", userprofile, useraccount.uuid, lvl=debug) useraccount.passhash = "" self.fireEvent( authentication( useraccount.name, (useraccount, userprofile, clientconfig), event.clientuuid, useraccount.uuid, event.sock), "auth") self.log("Autologin successful!", lvl=warn) except Exception as e: self.log("No profile due to error: ", e, type(e), lvl=error) else: self.log("Auth request for ", event.username, event.clientuuid) # TODO: Move registration to its own part # TODO: Define the requirements for secure passwords etc. if (len(event.username) < 3) or (len(event.password) < 3): self.log( "Illegal username or password received, " "login cancelled", lvl=warn) notification = { 'component': 'auth', 'action': 'fail', 'data': 'Password or username too short' } self.fireEvent( send(event.clientuuid, notification, sendtype='client')) return useraccount = None clientconfig = None userprofile = None # TODO: Notify problems here back to the frontend try: useraccount = objectmodels['user'].find_one( {'name': event.username}) self.log("Account: %s" % useraccount._fields, lvl=debug) except Exception as e: self.log("No userobject due to error: ", e, type(e), lvl=error) if useraccount: self.log("User found.", lvl=debug) if self.makehash(event.password) == useraccount.passhash: self.log("Passhash matches, checking client and profile.", lvl=debug) requestedclientuuid = event.requestedclientuuid # Client requests to get an existing client # configuration or has none clientconfig = objectmodels['client'].find_one( {'uuid': requestedclientuuid}) if clientconfig: self.log("Checking client configuration permissions", lvl=debug) if clientconfig.owner != useraccount.uuid: clientconfig = None self.log( "Unauthorized client configuration " "requested", lvl=warn) else: self.log("Unknown client configuration requested: ", requestedclientuuid, event.__dict__, lvl=warn) if not clientconfig: self.log("Creating new default client configuration") # Either no configuration was found or requested # -> Create a new client configuration uuid = event.clientuuid if event.clientuuid is not \ None else str(uuid4()) clientconfig = objectmodels['client']({'uuid': uuid}) clientconfig.name = "New client" clientconfig.description = "New client configuration" \ " from " + useraccount.name clientconfig.owner = useraccount.uuid # TODO: Make sure the profile is only saved if the # client could store it, too clientconfig.save() try: userprofile = objectmodels['profile'].find_one( {'owner': str(useraccount.uuid)}) self.log("Profile: ", userprofile, useraccount.uuid, lvl=debug) useraccount.passhash = "" self.fireEvent( authentication( useraccount.name, (useraccount, userprofile, clientconfig), event.clientuuid, useraccount.uuid, event.sock), "auth") except Exception as e: self.log("No profile due to error: ", e, type(e), lvl=error) else: self.log("Password was wrong!", lvl=warn) self.fireEvent( send(event.clientuuid, { 'component': 'auth', 'action': 'fail', 'data': 'N/A' }, sendtype="client"), "hfosweb") self.log("Done with Login request", lvl=debug) elif self.systemconfig.allowregister: self.createuser(event) else: self.log( 'User not found and system configuration does not ' 'allow new users to be created', lvl=warn)
def authenticationrequest(self, event): """Handles authentication requests from clients :param event: AuthenticationRequest with user's credentials """ # TODO: Refactor to simplify if event.auto: self.log("Verifying automatic login request") try: clientconfig = objectmodels['client'].find_one({ 'uuid': event.requestedclientuuid }) except Exception: clientconfig = None if clientconfig is None or clientconfig.autologin is False: self.log("Autologin failed:", event.requestedclientuuid, lvl=error) return if clientconfig.autologin is True: try: useraccount = objectmodels['user'].find_one({ 'uuid': clientconfig.owner }) self.log("Autologin for", useraccount.name, lvl=debug) except Exception as e: self.log("No user object due to error: ", e, type(e), lvl=error) try: userprofile = objectmodels['profile'].find_one({ 'owner': str(useraccount.uuid) }) self.log("Profile: ", userprofile, useraccount.uuid, lvl=debug) useraccount.passhash = "" self.fireEvent( authentication(useraccount.name, ( useraccount, userprofile, clientconfig), event.clientuuid, useraccount.uuid, event.sock), "auth") self.log("Autologin successful!", lvl=warn) except Exception as e: self.log("No profile due to error: ", e, type(e), lvl=error) else: self.log("Auth request for ", event.username, event.clientuuid) # TODO: Move registration to its own part # TODO: Define the requirements for secure passwords etc. if (len(event.username) < 3) or (len(event.password) < 3): self.log("Illegal username or password received, " "login cancelled", lvl=warn) notification = { 'component': 'auth', 'action': 'fail', 'data': 'Password or username too short' } self.fireEvent(send(event.clientuuid, notification, sendtype='client')) return useraccount = None clientconfig = None userprofile = None # TODO: Notify problems here back to the frontend try: useraccount = objectmodels['user'].find_one({ 'name': event.username }) self.log("Account: %s" % useraccount._fields, lvl=debug) except Exception as e: self.log("No userobject due to error: ", e, type(e), lvl=error) if useraccount: self.log("User found.", lvl=debug) if self.makehash(event.password) == useraccount.passhash: self.log("Passhash matches, checking client and profile.", lvl=debug) requestedclientuuid = event.requestedclientuuid # Client requests to get an existing client # configuration or has none clientconfig = objectmodels['client'].find_one({ 'uuid': requestedclientuuid }) if clientconfig: self.log("Checking client configuration permissions", lvl=debug) if clientconfig.owner != useraccount.uuid: clientconfig = None self.log("Unauthorized client configuration " "requested", lvl=warn) else: self.log("Unknown client configuration requested: ", requestedclientuuid, event.__dict__, lvl=warn) if not clientconfig: self.log("Creating new default client configuration") # Either no configuration was found or requested # -> Create a new client configuration uuid = event.clientuuid if event.clientuuid is not \ None else str(uuid4()) clientconfig = objectmodels['client']({'uuid': uuid}) clientconfig.name = "New client" clientconfig.description = "New client configuration" \ " from " + useraccount.name clientconfig.owner = useraccount.uuid # TODO: Make sure the profile is only saved if the # client could store it, too clientconfig.save() try: userprofile = objectmodels['profile'].find_one( {'owner': str(useraccount.uuid)}) self.log("Profile: ", userprofile, useraccount.uuid, lvl=debug) useraccount.passhash = "" self.fireEvent( authentication(useraccount.name, ( useraccount, userprofile, clientconfig), event.clientuuid, useraccount.uuid, event.sock), "auth") except Exception as e: self.log("No profile due to error: ", e, type(e), lvl=error) else: self.log("Password was wrong!", lvl=warn) self.fireEvent(send(event.clientuuid, { 'component': 'auth', 'action': 'fail', 'data': 'N/A' }, sendtype="client"), "hfosweb") self.log("Done with Login request", lvl=debug) elif self.systemconfig.allowregister: self.createuser(event) else: self.log('User not found and system configuration does not ' 'allow new users to be created', lvl=warn)
def createuser(self, event): self.log("Creating user") try: newuser = objectmodels['user']({ 'name': event.username, 'passhash': self.makehash(event.password), 'uuid': str(uuid4()) }) newuser.save() except Exception as e: self.log("Problem creating new user: "******"New profile uuid: ", newprofile.uuid, lvl=verbose) # TODO: Fix this - yuk! newprofile.components = { 'enabled': ["dashboard", "map", "weather", "settings"] } newprofile.save() except Exception as e: self.log("Problem creating new profile: ", type(e), e, lvl=error) return try: # TODO: Clone or reference systemwide default configuration uuid = event.clientuuid if event.clientuuid is not None else str( uuid4()) newclientconfig = objectmodels['client']({'uuid': uuid}) newclientconfig.name = "New client" newclientconfig.description = "New client configuration " \ "from " + newuser.name newclientconfig.owner = newuser.uuid newclientconfig.save() except Exception as e: self.log("Problem creating new clientconfig: ", type(e), e, lvl=error) return try: self.fireEvent( authentication(newuser.name, (newuser, newprofile, newclientconfig), event.clientuuid, newuser.uuid, event.sock), "auth") self.fireEvent( send(event.clientuuid, { 'component': 'auth', 'action': 'new', 'data': 'registration successful' }, sendtype="client"), "hfosweb") except Exception as e: self.log("Error during new account confirmation transmission", e, lvl=error)