def get_context_data(self, **kwargs):
context = super(ReportSQSJobs, self).get_context_data(**kwargs)
form = self.get_form_class()(self.request.GET)
if form.is_bound:
if form.is_valid():
date = form.cleaned_data.get('date')
if not os.path.exists(get_report_fname(date)):
context['error_msg'] = ("Report does not exist. Now it's already being generated."
"Please wait a few minutes and try again.")
run_report_generation(date)
return context
with open(get_report_fname(date), 'r') as fh:
reports = json.loads(fh.read())
context['by_server'] = sorted([(server, data) for server, data in
dicts_to_ordered_lists(reports['by_server']).items()])
context['by_spider'] = sorted([(spider, data) for spider, data in
dicts_to_ordered_lists(reports['by_spider']).items()])
# generate CSV files
csv_by_server = report_to_csv(["server", "spider", "num of jobs"], context['by_server'])
csv_by_site = report_to_csv(["spider", "server", "num of jobs"], context['by_spider'])
site = Site.objects.get_current()
context['csv_by_server'] = 'http://' + site.domain + str(reverse_lazy(
'report-get-csv',
kwargs={'encrypted_filename': encrypt(csv_by_server)}
))
context['csv_by_site'] = 'http://' + site.domain + str(reverse_lazy(
'report-get-csv',
kwargs={'encrypted_filename': encrypt(csv_by_site)}
))
return context
def open_file(self):
file = fd.askopenfilename(title="Open text file",
initialdir=self.cwd,
filetypes=self.filetypes)
prefix = os.path.basename(file)[0:3]
if file:
try:
if prefix == "ENC":
enc_filename = file
file = utils.change_prefix_and_decrypt(file, Login.KEY)
file_screen = tk.Toplevel(self)
file_screen.geometry('300x400+{}+{}'.format(
self.position_right, self.position_down))
file_screen.resizable(0, 0)
text = ScrolledText(file_screen,
wrap="word",
height=30,
width=30)
with open(file, 'r', encoding="iso-8859-2") as f:
text.insert(tk.END, f.read())
text.pack()
if prefix == "ENC":
utils.encrypt(file, Login.KEY)
os.rename(file, enc_filename)
ttk.Button(file_screen,
text="STOP",
command=file_screen.destroy).pack()
except Exception:
utils.not_authorized_message()
def login(self, username, password):
"""使用 用户名+密码 登录"""
captchaToken, returnUrl, paramId = self._redirect()
validateCode = self._needcaptcha(captchaToken, username)
url = self._auth_url + "loginSubmit.do"
data = {
"appKey": "cloud",
"accountType": '01',
"userName": "******" + b64tohex(encrypt(username)),
"password": "******" + b64tohex(encrypt(password)),
"validateCode": validateCode,
"captchaToken": captchaToken,
"returnUrl": returnUrl,
"mailSuffix": "@189.cn",
"paramId": paramId
}
r = self._post(url, data=data)
msg = r.json()["msg"]
if msg == "登录成功":
self._get(r.json()["toUrl"])
code, token = self.get_token(username, password)
if code == Cloud189.SUCCESS:
self.set_session(*token)
return Cloud189.SUCCESS
print(msg)
self.login(username, password)
return Cloud189.FAILED
def write(self):
"""Pick data from write queue and send it to C2 server."""
self.logger.info("Started write thread!")
logging.getLogger().addHandler(self.queue_handler)
while self.active.is_set():
if not self.writeque.empty():
data = self.writeque.get()
try:
if isinstance(data.get("result"), Exception):
data["result"] = str(data.get("result"))
data = json.dumps(data, cls=MessageEncoder).encode()
if self.key and self.key_change.is_set():
# encrypt assign response with original key
if C2_ENCRYPTION_KEY:
data = encrypt(data, C2_ENCRYPTION_KEY)
self.key_change.clear()
elif self.key:
data = encrypt(data, self.key)
data = struct.pack('!L', len(data)) + data
except Exception as e:
self.logger.warning(
"Failed to serialize dict: {}".format(e))
continue
self.s.sendall(data)
# self.logger.debug("Sent data to {}: {}".format(self.s.getpeername(), data))
time.sleep(0.5)
logging.getLogger().removeHandler(self.queue_handler)
self.logger.info("Stopped write thread!")
def updateDataStore():
with open(f'./dataStore/{websiteName}', 'a+') as file:
file.write(utils.encrypt(encryptionKey, username))
file.write('\n')
encryptionText = utils.encrypt(encryptionKey, password)
file.writelines(encryptionText)
file.write("\n")
print(f'Encrypted Password : {encryptionText}')
def handle_uploaded_file(f,fileMap):
id = '%s' % fileMap.id
suffix = fileMap.linkSuffix
internal_file_name = location % suffix
password = '******' if not fileMap.password_protected else fileMap.password.encode('ascii','ignore')
destination = open(internal_file_name, 'wb+')
encrypt(f,destination,password)
return suffix
def saveSettings(self):
settings.BAIDU_APPID = self.baiduAppidInput.text()
settings.BAIDU_SECRET = self.baiduSecretInput.text()
self.newSettings['BaiduAppid'] = encrypt(settings.BAIDU_APPID)
self.newSettings['BaiduSecret'] = encrypt(settings.BAIDU_SECRET)
for key in list(DEFAULT_SETTINGS.keys()):
settings[key] = self.newSettings[key]
settings.writeSettings()
self.close()
def handle_uploaded_file(f, fileMap):
id = '%s' % fileMap.id
suffix = fileMap.linkSuffix
internal_file_name = location % suffix
password = '******' if not fileMap.password_protected else fileMap.password.encode(
'ascii', 'ignore')
destination = open(internal_file_name, 'wb+')
encrypt(f, destination, password)
return suffix
def run(self):
self._logger.info('mysqldump run')
# clean
self.watch()
# save filepath
self.dump()
# encrypt
if self.__use_encrypt():
self._logger.info('use encrypt')
encrypt(self.__filepath(), self.__filepath_encrypt(),
self._config.encrypt_pass, self._config.compress_level)
return self.__filepath_encrypt()
return self.__filepath()
def update_github_secrets(keys, token, org):
click.echo("Now updating all repositories with new keys...")
s = requests.Session()
s.headers = {"Authorization": f"token {token}", "User-Agent": "Requests"}
url_base = f"https://api.github.com/repos/{org.login}"
results = {}
for repo_name, (access_key_id, secret_access_key) in keys.items():
ci_keys = s.get(f"{url_base}/{repo_name}/actions/secrets/public-key")
if ci_keys.status_code != requests.codes.ok:
results[repo_name] = ci_keys.status_code
continue
ci_keys = ci_keys.json()
access_key_id = encrypt(ci_keys["key"], access_key_id)
secret_access_key = encrypt(ci_keys["key"], secret_access_key)
encrypted_token = encrypt(ci_keys["key"], token)
r = s.put(
f"{url_base}/{repo_name}/actions/secrets/AWS_ACCESS_KEY_ID",
json={
"encrypted_value": access_key_id,
"key_id": ci_keys["key_id"]
},
)
r = s.put(
f"{url_base}/{repo_name}/actions/secrets/AWS_SECRET_ACCESS_KEY",
json={
"encrypted_value": secret_access_key,
"key_id": ci_keys["key_id"]
},
)
r = s.put(
f"{url_base}/{repo_name}/actions/secrets/API_TOKEN_GITHUB",
json={
"encrypted_value": encrypted_token,
"key_id": ci_keys["key_id"]
},
)
results[repo_name] = r.status_code
return results
def post(self):
user = self.current_user
password = self.get_argument("pwd", "")
new_pwd = self.get_argument("new_pwd", "")
if user.get_password() != encrypt(password):
self.render("account/pwd.html", error=141)
return
if new_pwd == "":
self.render("account/pwd.html", error=142)
return
result = user.update_password(encrypt(new_pwd))
if result:
self.render("account/pwd.html", error=143)
return
self.render("account/pwd.html", error=140)
def post(self):
user = self.current_user
password = self.get_argument("pwd", "")
new_pwd = self.get_argument("new_pwd", "")
if user.get_password() != encrypt(password):
self.render("account/pwd.html", error=141)
return
if new_pwd == "":
self.render("account/pwd.html", error=142)
return
result = user.update_password(encrypt(new_pwd))
if result:
self.render("account/pwd.html", error=143)
return
self.render("account/pwd.html", error=140)
def encrypt():
return json.dumps({
'response':
utils.encrypt(request.args.get('message'),
int(request.args.get('n'), 16),
int(request.args.get('e'), 16)).hex()
})
def new_transaction():
tx_data = request.get_json()
required_fields = ["pub_key", "vote"]
for field in required_fields:
if not tx_data.get(field):
return "Invalid transaction data", 404
if "timestamp" not in tx_data:
tx_data["timestamp"] = time.time()
if "sign" not in tx_data:
tx_data["sign"] = utils.sign_transaction(tx_data["pub_key"],
tx_data["vote"])
verified = utils.verify_transaction(tx_data)
if not verified:
return "Invalid transaction", 404
# If the transaction is present in the local pool, return the transaction id
txn = {
"pub_key": tx_data["pub_key"],
"vote": tx_data["vote"],
"timestamp": tx_data["timestamp"],
"sign": tx_data["sign"]
}
encrypted = utils.encrypt(txn)
if (encrypted in blockchain.encrypted_transactions):
return blockchain.encrypted_transactions[encrypted], 201
if "transaction_id" not in tx_data:
transaction_id = blockchain.add_new_transaction(tx_data)
tx_data["transaction_id"] = transaction_id
else:
transaction = {
"pub_key": tx_data["pub_key"],
"vote": tx_data["vote"],
"timestamp": tx_data["timestamp"],
"sign": tx_data["sign"]
}
transaction_id = tx_data["transaction_id"]
blockchain.transactions[transaction_id] = transaction
blockchain.encrypted_transactions[encrypted] = transaction_id
data = {"transaction_id": transaction_id}
headers = {'Content-Type': "application/json"}
responses = []
for peer in blockchain.peers:
resp = requests.post(peer + '/receive_adv_txn',
data=json.dumps(data),
headers=headers).json()
responses.append(resp)
for response in responses:
if (response["requested"]):
requests.post(response["peer"] + '/new_transaction',
data=json.dumps(tx_data),
headers=headers)
return str(transaction_id), 201
def Register():
if not isValidEmail(request.form['email']):
return jsonify({'error': 'E-mail inválido'}), 400
if len(request.form['password']) < PASSWORD_MIN_LENGTH:
return jsonify({'error': 'Senha muito curta'}), 400
if len(request.form['password']) > PASSWORD_MAX_LENGTH:
return jsonify({'error': 'Senha muito longa'}), 400
exists = User.query.filter_by(email=request.form['email']).first()
if exists:
return jsonify({'error': 'Email já registrado'}), 400
name = request.form['name']
if not len(name):
return jsonify({'error': 'É necessário informar um nome'}), 400
exists = User.query.filter_by(name=request.form['name']).first()
if exists:
return jsonify({'error': 'Nome já registrado'}), 400
user = User(email=request.form['email'],
password=encrypt(request.form['password']),
name=name,
role_id=2,
regDate=time.time(),
coins=50)
db.session.add(user)
db.session.commit()
team = Team(name='Time de ' + name, user_id=user.id)
db.session.add(team)
db.session.commit()
return jsonify(user.toJSON()), 201
def post(self):
username = self.get_argument('username', '')
password = self.get_argument('password', '')
self.set_header("Content-Type", "application/json")
if not (username and password):
ret = {
'error': 110,
'msg': self.error_message['110'],
'url': '/admin/index'
}
return self.write(json_encode(ret))
user = User.get_by_username(username)
if not user:
ret = {'error': 121, 'msg': self.error_message['121']}
return self.write(json_encode(ret))
if user.get_password() != encrypt(password):
ret = {'error': 122, 'msg': self.error_message['122']}
return self.write(json_encode(ret))
self.set_secure_cookie("admin_user_id",
str(user.user_id),
expires_days=7)
ret = {'error': 0, 'msg': '登录成功', 'url': '/admin/index'}
return self.write(json_encode(ret))
def validate_login(cls, form):
users = cls.all()
for u in users:
if u.username == form.get("username") and u.password == encrypt(
form.get("password")):
return u
return None
def get(self, **kwargs):
admin = False
user = self.current_user
page_id = kwargs.get('pageid')
options_dict = {}
try:
pages = Page.get(user.pages)
for p in pages:
if p.id == page_id:
admin = True
page = p
widgets = Widget.all().filter('page =', page).filter('deleted = ', False).order('order')
options = Option.all().filter('type_reference =', page)
for option in options:
options_dict[option.name] = {'id': str(option.key().id()), 'value': option.value}
except:
page = None
widgets = None
options_dict = None
if admin:
#page = Page.get_by_key_name(str(page_id))
#add_app_url = 'https://www.facebook.com/add.php?api_key=a284fdd504b5191923362afabc0ea6c7&pages=1&page=141947329155355'
upload_url = blobstore.create_upload_url('/upload')
page_id = encrypt(page_id).encode('hex')
self.render("app/edit.html", admin=True, page=page,upload_url=upload_url, page_id=page_id,widgets= widgets, options=options_dict)
else:
self.redirect('/dashboard')
def create_session(**kwargs):
"""
Authentication: is_allowed_by_all
Authorization: None
URL:
None
Body (Required):
'email'
'password'
Body (Optional):
None
Body (Not Allowed):
None
Success (200): Returns created session
Fail (40X):
"""
email = get_request_data('email')
password = encrypt(get_request_data('password'))
user = User()
user.load_by_email(email)
if user.id and password and user.password == password:
session = Session({'user_id': user.id})
session.save()
return Response(json.dumps(session.serialize()), status=200)
else:
return Response(json.dumps({'error': 'unable to authenticate'}),
status=401)
def post(self):
email = self.get_argument('email', '')
password = self.get_argument('password', '')
if not (email and password):
self.render('home/login.html', error=100, email=email)
user = User.get_by_email(email)
if not user:
self.render('home/login.html', error=101, email=email)
if user.get_password() == encrypt(password):
last_login_ip = self.request.headers['X-Real-Ip']
user.update_login_info(last_login_ip)
self.set_secure_cookie("user_id", str(user.user_id), expires_days=7)
self.redirect(self.get_argument('next', '/'))
else:
self.render('home/login.html', error=102, email=email)
#获取远程ip
remote_ip = self.request.headers['X-Real-Ip']
challenge = self.get_argument('recaptcha_challenge_field', None)
response = self.get_argument('recaptcha_response_field', None)
rsp = captcha.check_google_captcha(self,remote_ip, challenge, response)
if not rsp.is_valid:
self.render('home/login.html', error=103, email=email)
self.render('home/login.html', error=100, email=email)
def create_user(**kwargs):
"""
Authentication: is_allowed_by_all
Authorization: None
URL:
None
Body (Required):
'email'
'password'
Body (Optional):
None
Success (200): Returns created user
Fail (40X):
"""
try:
user = User(get_request_data())
if user.password:
user.password = encrypt(user.password)
user.save()
except (AttributeError, RequiredAttributes, EmailExists) as e:
return Response(json.dumps({'error': str(e)}), status=400)
return Response(json.dumps(user.serialize()), status=200)
def mysql_beat(use, deviceID='', logSources={}):
"""
For mysql beat.
"""
try:
if use:
sangfor_conf = []
for i in logSources:
if i['vendor'] == 'sangfor':
beat_config = i
beat_config['deviceID'] = deviceID
beat_config['passwd'] = encrypt(i.get('passwd', 'admin'),
'skyguard')
sangfor_conf.append(beat_config)
with open(config.MYSQL_BEAT, 'w') as jf:
jf.write(json.dumps({"sangfor_config": sangfor_conf}))
os.system('systemctl restart mysql-beat')
os.system('systemctl enable mysql-beat')
else:
for i in logSources:
if i['vendor'] == 'sangfor':
os.system('systemctl stop mysql-beat')
with open(config.MYSQL_BEAT, 'w') as jf:
jf.write(json.dumps({}))
return True
except:
logger.exception("Mysql beat action failed.")
def update_user(user_id, **kwargs):
"""
Authentication: is_valid_session
Authorization: target_user_is_session_user
URL:
<user_id>: Target user id
Body (Required):
None
Body (Optional):
'email'
'password'
Body (Not Allowed):
None
Success (200): Returns updated user
Fail (40X):
"""
try:
user = User(get_request_data())
user.id = user_id
if user.password:
user.password = encrypt(user.password)
user.save()
except (AttributeError, RequiredAttributes, EmailExists) as e:
return Response(json.dumps({'error': str(e)}), status=400)
return Response(json.dumps(user.serialize()), status=200)
def post(self):
email = self.get_argument('email', '')
password = self.get_argument('password', '')
if not (email and password):
self.render('home/login.html', error=100, email=email)
user = User.get_by_email(email)
if not user:
self.render('home/login.html', error=101, email=email)
if user.get_password() == encrypt(password):
last_login_ip = self.request.headers['X-Real-Ip']
user.update_login_info(last_login_ip)
self.set_secure_cookie("user_id",
str(user.user_id),
expires_days=7)
self.redirect(self.get_argument('next', '/'))
else:
self.render('home/login.html', error=102, email=email)
#获取远程ip
remote_ip = self.request.headers['X-Real-Ip']
challenge = self.get_argument('recaptcha_challenge_field', None)
response = self.get_argument('recaptcha_response_field', None)
rsp = captcha.check_google_captcha(self, remote_ip, challenge,
response)
if not rsp.is_valid:
self.render('home/login.html', error=103, email=email)
self.render('home/login.html', error=100, email=email)
def sendCommand(command):
pswd = utils.encrypt(config.password)
for c in command:
send(utils.covertPacket(server, protocol, c, pswd), verbose=0)
utils.finPacket(server, protocol, pswd)
command = ""
def createUser(username, password):
#密码加密
password = encrypt(password)
db.execute('INSERT INTO users_info(`username`, `password`) VALUES(%s, %s)',
(username, password))
conn.commit()
return db.rowcount
def cypher(input_file: Optional[IO[str]], output_file: Optional[IO[str]],
decrypt: Optional[str], key: Optional[int]) -> None:
"""
Runs text encryption from the command line.
Examples:
$ python cypher.py
$ python cypher.py -e -o output_file_name.txt
$ python cypher.py -e -k 2
$ python cypher.py -i file_to_decrypt.txt -d -o output_file_name.txt -k 2
"""
if input_file:
text = input_file.read()
else:
text = click.prompt('Enter a text', hide_input=not decrypt)
if decrypt:
key = -key
cyphertext = encrypt(text, key)
if output_file:
# saves a .txt file in directory
output_file.write(cyphertext)
else:
click.echo(cyphertext)
def post(self):
name = self.get_argument('name', '')
email = self.get_argument('email', '')
password = self.get_argument('password', '')
if not name or len(name) > 15:
self.render('join.html', error=111, name=name, email=email)
return
match = re.search(r'[\w.-]+@[\w.-]+', email)
if not match:
self.render('join.html', error=112, name=name, email=email)
return
if not password:
self.render('join.html', error=110, name=name, email=email)
return
user = User.get_by_email(email)
if user:
self.render('join.html', error=113, name=name, email=email)
return
user = User.new(name, email)
if user:
user.update_password(encrypt(password))
else:
self.render('join.html', error=114)
self.set_secure_cookie('user', user.id, expires_days=30)
self.redirect(self.get_argument('next', '/'))
def post_session(handler, params):
data = None
error = None
cursor = sql.db.cursor()
authenticated, user_id = utils.process_cookie(handler.request)
if authenticated:
error = 'Session already exists'
handler.response.status = 403
else:
username = params['username']
password = params['password']
condition = {"username": str(username), "password": str(password)}
query_string = sql.get_retrieve_query_string(table="person", params=['user_id'], cond=condition)
cursor.execute(query_string)
uid = cursor.fetchall()
if uid:
uid = uid[0][0]
expiry = datetime.today() + timedelta(days=365)
cookie = str(utils.encrypt(uid))
handler.response.set_cookie(utils.FIIDUP_COOKIE, cookie, expires=expiry,
path=handler.app.config.get('cookie_path'),
domain=handler.app.config.get('cookie_domain'),
secure=handler.app.config.get('secure_cookie'))
data = {'user_id': uid,
'expires': expiry.isoformat(' ')}
else:
error = 'User does not exist'
handler.response.status = 403
cursor.close()
handler.response.out.write(utils.generate_json(handler.request, user_id, "POST", data, error))
def createDB(filename='issues.db',script='db.sql'):
# Create tables
con=get_connection(filename)
con.executescript( open(script).read() )
con.commit()
# Add internal robot user, don't need to remember their password
password=''.join(random.choice( string.ascii_letters ) for i in range(16))
create_user(con,'robot', '', encrypt(password), active=False)
con.commit()
# create a default account for development
create_user(con,'admin', '', encrypt('admin'), active=True)
con.close()
def dump_encrypted(self, data: dict):
if not hasattr(self, 'password'):
raise self.Locked
data = json.dumps(data)
from utils import encrypt
encrypted = encrypt(data.encode('utf-8'), password=self.password)
with open(self.local_settings_secrets_path, 'wb') as outfile:
outfile.write(encrypted)
def test_encdec(self):
sk = BigNum.getOrder().random()
pk1 = self.key_gen(self.lff.gen1(), sk)
pk2 = self.key_gen(self.lff.gen2(), sk)
order = BigNum.getOrder()
c1, c2 = encrypt(order, pk1, pk2, 666)
tables = make_tables(pk1, pk2, self.MAX)
self.assertEqual(decrypt((c1, c2), sk, tables), (666, 666))
import random
ps = random.sample(range(self.MAX), 100)
for i in range(100):
c1, c2 = encrypt(order, pk1, pk2, ps[i])
self.assertEqual(decrypt((c1, c2), sk, tables), (ps[i], ps[i]))
def encrypt():
key, iv, content = utils.encrypt(flask.request.form['content'])
return flask.jsonify({
'name': flask.request.form['name'],
'content': b64.b64encode(content).decode(),
'time': utils.get_time(),
'key': b64.b64encode(iv + key).decode()
})
def createSessionID(self,_user): #Expects real user entity time = str(datetime.datetime.now()) string = utils.encrypt(utils.generate_string()) _user.active_sessions = _user.active_sessions + [(string,time)] _user.put() #print "Users-createSessionID: Created new ID for ", _user.email return (string,time)
def createSessionID(self, _user):
#Expects real user entity
time = str(datetime.datetime.now())
string = utils.encrypt(utils.generate_string())
_user.active_sessions = _user.active_sessions + [(string, time)]
_user.put()
#print "Users-createSessionID: Created new ID for ", _user.email
return (string, time)
def createAccount(self, username, password):
assert len(username) < 16 and ' ' not in username
assert len(password) < 16 and ' ' not in password
if not self.key:
self.getRsaKey()
data = {
"operation": "set",
"new_acc": username,
"new_pwd": utils.encrypt(self.key, password),
"cfm_pwd": utils.encrypt(self.key, password)
}
# print "Creating user account"
json = self.post("admin/administration?form=account", data).json()
assert json["success"]
def login(cardNo,passwd):
userInfos = sql.getUserInfosByCarNo(cardNo)
if not userInfos:
return False
if userInfos['password'] != utils.encrypt(passwd):
return False
sql.markLoginSuccess(cardNo)
print u"登录成功"
return True
def handle_response(response):
# resp加密
if response.error and not isinstance(response.error,
tornado.httpclient.HTTPError):
self.set_status(500)
self.write('Internal server error:\n' + str(response.error))
else:
self.set_status(response.code)
for header in ('Date', 'Cache-Control', 'Server',
'Content-Type', 'Location'):
v = response.headers.get(header)
if v:
v = encrypt(v)
self.set_header(header, v)
if response.body:
body = encrypt(response.body)
self.write(body)
self.finish()
def valid_login(username, password):
user = get_user(username)
if user == None:
return (False, "Datos inválidos")
else:
if utils.encrypt(password) == user.password:
return (True, "")
else:
return (False, "Datos inválidos")
def inital():
"""
inital project data to redis
:return:
"""
for path in get_files(settings.PROJECT_DIR, ".md"):
# 文件创建时间
# 有序结合保存所有文档,查看所有文章时,可以按照时间顺序查看
create_time = os.path.getctime(path)
redis.zadd('admin.blog.list', create_time, utils.encrypt(path))
# 把文件的上级目录当作标签
#有序set存放该标签下的文章,相当于文章按标签分类,用有序集合的原因是可以按时间顺序显示
tag_name = os.path.basename(os.path.dirname(path))
redis.zadd('blog.tag.%s' % tag_name, create_time, utils.encrypt(path))
#set集合存放所有标签
redis.sadd('blog.tag', tag_name)
def inital():
"""
inital project data to redis
:return:
"""
for path in get_files(settings.PROJECT_DIR, ".md"):
# 文件创建时间
# 有序结合保存所有文档,查看所有文章时,可以按照时间顺序查看
create_time = os.path.getctime(path)
redis.zadd('admin.blog.list', create_time, utils.encrypt(path))
# 把文件的上级目录当作标签
#有序set存放该标签下的文章,相当于文章按标签分类,用有序集合的原因是可以按时间顺序显示
tag_name = os.path.basename(os.path.dirname(path))
redis.zadd('blog.tag.%s' % tag_name, create_time, utils.encrypt(path))
#set集合存放所有标签
redis.sadd('blog.tag', tag_name)
def start_encrypting(self):
"""Check if there are directory and password selected, then clear the password field,
then compress,shred and encrypt the compressed file"""
if (self.directory) and (self.password.text()):
self.captured_encrypt_pass = self.password.text()
self.password.clear()
QtTest.QTest.qWait(5 * 1000)
compress(self.directory)
shred(self.directory)
encrypt(self.captured_encrypt_pass)
alert = QMessageBox()
alert.setText('Done')
alert.exec_()
else:
alert = QMessageBox()
alert.setText('Choose a directory and password first')
alert.exec_()
def get(self):
def handle_response(response):
# resp解密
if response.error and not isinstance(response.error,
tornado.httpclient.HTTPError):
self.set_status(500)
self.write('Internal server error:\n' + str(response.error))
else:
self.set_status(response.code)
for header in ('Date', 'Cache-Control', 'Server',
'Content-Type', 'Location'):
v = response.headers.get(header)
if v:
v = decrypt(v)
self.set_header(header, v)
if response.body:
body = decrypt(response.body)
self.write(body)
self.finish()
# req加密
print "url:", self.request.uri
url = settings.REMOTE_HOST + encrypt(self.request.uri)
body = encrypt(self.request.body)
headers = deepcopy(self.request.headers)
for k, v in headers.iteritems():
headers[k] = encrypt(v)
req = tornado.httpclient.HTTPRequest(url=url,
method=self.request.method, body=body,
headers=headers, follow_redirects=False,
allow_nonstandard_methods=True)
client = tornado.httpclient.AsyncHTTPClient()
try:
client.fetch(req, handle_response)
except tornado.httpclient.HTTPError as e:
if hasattr(e, 'response') and e.response:
handle_response(e.response)
else:
self.set_status(500)
self.write('Internal server error:\n' + str(e))
self.finish()
def crypt():
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect(server_address)
basename = os.path.basename(get_abs_file_path())
basename = utils.encrypt(basename)
s.send(basename)
s.send(utils.file_name_content_separator)
with open(get_abs_file_path(), 'rb') as f:
while 1:
block = f.read(utils.block_size)
if block:
block = utils.encrypt(block)
utils.logging.info(len(block))
s.send(block)
else:
break
s.shutdown(socket.SHUT_WR)
s.close()
utils.logging.info('*' * 50)
def login():
mobile =request.form['mobile']
element = dao.getUserByMobile(mobile)
if element is None or encrypt(request.form['masterPassword']) != element['masterPassword'] :
return 'Bad login'
current_user = user(element['nickName'], element['masterPassword'], element['mobile'], element['email'], element['status'],
element['createTime'])
current_user.id=mobile
flask_login.login_user(current_user)
return redirect('/')
def post(self, msg):
"""
发送数据
这里考虑后还是决定不捕获异常,由调用方负责
:param msg:
:return: 发送成功的字节数
"""
data = encrypt(self.secret, msg)
# 返回的发送成功的字节数
return self.sock.sendto(data, (self.host, self.port))
def post(self):
password = self.get_argument('password', '')
self.set_header("Content-Type", "application/json")
user = User.get_by_uid(self.get_secure_cookie("admin_user_id"))
if user.get_password() == encrypt(password):
ret = {'code': 0}
else:
ret = {'code': 1}
return self.write(json_encode(ret))
def register():
mobile = request.form['mobile']
if(dao.containsUser(mobile)):
return 'BAD REQUEST'
nickName = request.form['nickName']
masterPassword=request.form['masterPassword']
newUser = user(nickName,encrypt(masterPassword),mobile,'',True,datetime.now().strftime('%Y-%m-%d %H:%M:%S'))
dao.save(newUser)
newUser.id=mobile
flask_login.login_user(newUser)
return redirect('/')
def create_session():
msgdct = flask.json.loads(request.data)
username = msgdct['username']
password = msgdct['password']
hashed_password = utils.encrypt(password, settings.SALT)
if model.User.get_by_username_and_password(username, hashed_password) is None:
return status_response(401, ok=False, reason="authentication failed")
else:
flask.session['username'] = username
return flask.jsonify(username=username)
def sign_up():
username = request.form['email']
password = request.form['password']
if models.get_user(username) == None:
user = models.Users(username,utils.encrypt(password))
db.session.add(user)
db.session.commit()
session['logged_in'] = True
session['username'] = username
return json.dumps({'status':'ok'})
#return redirect(url_for('show_news', fecha_raw= utils.get_today()))
return json.dumps({'status':'error','error':'Usuario ya existe'})
def user():
if request.method=='POST':
action=request.form['action']
if action=='DELETE':
delete_user_form= DeleteUserForm()
if delete_user_form.validate():
username=request.form['username']
if username=='admin' or username=='guest':
flash("admin and guest accounts can't be deleted",'error')
else:
ok=db.delete_user(get_db(),username)
if ok: flash('Deleted %s'%username,'ok')
else: flash('Failed to delete %s'%username,'error')
else:
flash('delete form failed to validate','error')
elif action=='CREATE':
add_user_form = AddUserForm() # create from current form values
if add_user_form.validate():
password=add_user_form.password.data
password_hash=encrypt(password)
ok=db.create_user(get_db(),add_user_form.name.data,add_user_form.email.data,password_hash)
if ok:
flash('New user %s created'%add_user_form.name.data,'ok')
else:
flash('Sorry, could not create user %s'%add_user_form.name.data,'error') # validation OK, but DB failed
else: # posted a invalid form
flash('Please fill in all fields','warning')
elif action=="ADMIN":
admin_form=UserAdminForm()
db.set_user_admin(get_db(),admin_form.username.data,admin_form.admin.data)
# By default reget the page, can't return a new render here as the existing form would pollute the creation values of the new forms
return redirect('/users')
else: # GET
add_user_form = AddUserForm()
userlist=db.get_users(get_db())
# Since get_users doesnt return a list of result, we have to convert the structure in order to insert the delete
# user form into the list
userlist2=[]
for user in userlist:
name=user['name']
isadmin=user['admin']
newrow=list(user)+[DeleteUserForm(username=name),UserAdminForm(username=name,admin=isadmin)]
userlist2.append(newrow)
return render_template('user.html', add_user_form=add_user_form, userlist=userlist2)
def add_user(user, company, password):
retval = False
try:
users = pymongo.Connection().sds.users
except:
print 'Couldn\'t connect to SDS db'
return retval
secret = utils.get_secret('keyfile')
enc_password = utils.encrypt(password, secret)
o = {'password': enc_password, 'u_and_c': user+'__'+company}
users.insert(o)
encoded = base64.b64encode('%s__%s:%s' % (user, company, password))
return encoded
def update_password(self, password):
password = encrypt(password)
current_time = datetime.now()
update_time = current_time.strftime('%Y-%m-%d %H:%M:%S')
update = {
Admin.password: password,
Admin.update_time: update_time
}
db_session.query(Admin).filter(Admin.user_id == self.user_id).update(update)
try:
return db_session.commit()
except:
db_session.rollback()
def login():
error = None
if request.method == 'POST':
if 'nueva_cuenta' in request.form:
user = models.Users(request.form['username'],utils.encrypt(request.form['password']))
db.session.add(user)
db.session.commit()
else:
valid, error = models.valid_login(request.form['username'], request.form['password'])
if valid:
session['logged_in'] = True
return redirect(url_for('add_entry'))
return render_template('login.html', error=error)
def OnLogin(self, event):
conf = ModifyConf(self.confdir+os.sep+'conf.ini')
for k,v in conf.read_all('db'):
self.data[k] = v
if self.in_or_out == 'out':
logout_dlg = LogoutDialog(self, '注销')
logout_dlg.CenterOnParent()
ret = logout_dlg.ShowModal()
if ret == wx.ID_OK:
self.in_or_out = 'in'
self.is_auth = False
self.data['auth'] = False
conf.write('db', **self.data)
self.login_user.SetLabel('')
self.p1.Layout()
self.login_btn.SetBitmapLabel(wx.Bitmap(self.basedir+os.sep+'login_24.png'))
self.login_btn.Refresh()
return
self.data['password'] = decrypt(16, self.data['password'])
self.login_dlg = LoginDialog(self,'登录',data=self.data)
self.login_dlg.CenterOnParent()
ret = self.login_dlg.Show()
if ret == wx.ID_OK:
try:
self.dnspod = dnspod_api(user=self.data['user'],passwd=self.data['password'],domain='yourdomain.com')
except:
self.in_or_out = 'in'
conf.write('db', **{'auth':False})
dlg = WarnDialog(self, '帐号、密码错误')
dlg.CenterOnParent()
dlg.ShowModal()
return
if not self.data['save']:
self.data['password'] = ''
else:
self.data['password'] = encrypt(16, self.data['password'])
self.data['auth'] = True
conf.write('db', **self.data)
self.login_user.SetLabel(self.data['user'])
self.p1.Layout()
self.login_btn.SetBitmapLabel(wx.Bitmap(self.basedir+os.sep+'logout_24.png'))
self.login_btn.Refresh()
self.in_or_out = 'out'
self.is_auth = True
self.get_dns_records()
self.tipdlg = WarnDialog2(self, '正在获取域名......')
self.tipdlg.CenterOnParent()
self.tipdlg.ShowModal()
def apply():
"""
申请银行卡
"""
print u"\n\n\n +++++++++++++你已经进入注册相关服务 : +++++++++++++ "
try:
idCard = readIDcard() #读入用户输入身份证号,并验证身份证号是否合法
sql.showOldCard(idCard) #检测身份证号是否已经申请过卡号
passwd = readPasswd() #输入密码
passwd = utils.encrypt(passwd)
cardNo = utils.uniqueNo() #生成卡号
sql.writeData({'cardNo':cardNo,'idCard':idCard,'password':passwd,'money':0}) #写库
except MyException,e:
print e
return False
def show_welcome(self, msg):
""" 以图文形式返回积分墙的地址 """
r = utils.encrypt(self.openid)
url = urlparse.urljoin(constants.SITE_BASEURL, 'v1/applist/golist?r=%s' % r)
pic_url = urlparse.urljoin(constants.SITE_BASEURL, 'static/img/list.png')
item = {
'title': '应用体验师,抢先试玩应用',
'description': '嗨 %s,你真厉害!这么快就关注到我们的微信号,比别人抢先很多步哦!试玩应用,即可获得Q币、话费,支付宝。你,将是一名神圣的“应用体验师”! 开始体验之旅!' % self.user_info['name'],
'pic_url': pic_url,
'url': url
}
items = []
items.append(item)
echostr = self.parse_to_xml_news(msg, items)
return echostr
def post(self):
email = self.get_argument('email', '')
password = self.get_argument('password', '')
if not (email and password):
self.render('login.html', error=100, email=email)
user = User.get_by_email(email)
if not user:
self.render('login.html', error=100, email=email)
if user.get_password() == encrypt(password):
self.set_secure_cookie('uid', user.id, expires_days=7)
self.redirect(self.get_argument('next', '/'))
self.render('login.html', error=100, email=email)
def post(self):
_email = self.request.get('email')
_password = self.request.get('password')
_password = utils.encrypt(_password)
_user = datastore.Users.login(_email,_password)
if _user == -1:
print "Incorrect credentials"
self.render("home.html", error = "Please recheck your credentials and try again,", email = _email)
else:
print "User successfully logged in!", _user
self.response.headers.add_header('Set-cookie','user = %s' % _user[1].key.id())
self.response.headers.add_header('Set-cookie','session = %s' % _user[0])
self.redirect("/loggedin")
def handle_tcp(self, remote):
sock = self.request
sock_list = [sock, remote]
try:
while 1:
read_list, _, _ = select(sock_list, [], [])
if remote in read_list:
data = remote.recv(utils.config.block_size)
if (sock.send(utils.encrypt(data)) <= utils.config.block_size_delta):
break
if sock in read_list:
data = sock.recv(utils.config.block_size_encrypted)
if (remote.send(utils.decrypt(data)) <= 0):
break
finally:
remote.close()
sock.close()
