Пример #1
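    async def handle_login(self, request):
        """Answer the login / checkLogin routes with a JSON body.

        The device id and country code come from the route (``devid``,
        ``country``).  With ``bumper.use_auth`` enabled the device id is the
        only credential examined here: a device id that maps to a stored user
        gets a freshly generated access token.  With it disabled the request
        is delegated to ``_auth_any``.

        Returns a ``web.json_response``.  If anything raises, the exception is
        logged and the handler returns ``None``.
        """
        try:
            user_devid = request.match_info.get("devid", "")
            countrycode = request.match_info.get("country", "us")
            confserverlog.info(
                "client with devid {} attempting login".format(user_devid)
            )

            if not bumper.use_auth:
                return web.json_response(
                    self._auth_any(user_devid, countrycode, request)
                )

            # Performing basic "auth" using devid, super insecure: whoever
            # presents a registered device id is treated as that user.
            user = None
            if user_devid != "":
                user = bumper.user_by_deviceid(user_devid)

            # An unregistered device id yields no user. Without this guard the
            # user["userid"] lookups below raise, the except clause swallows
            # the error and the client gets no JSON answer at all; now such a
            # request falls through to the explicit failure body.
            if user:
                if "checkLogin" in request.path:
                    # NOTE(review): the result of check_token is discarded, so
                    # a checkLogin request on this path always receives the
                    # failure body below - confirm whether it should be
                    # returned to the client instead.
                    self.check_token(
                        countrycode, user, request.query["accessToken"]
                    )
                else:
                    # Deactivate old tokens and authcodes
                    bumper.user_revoke_expired_tokens(user["userid"])

                    body = {
                        "code": bumper.RETURN_API_SUCCESS,
                        "data": {
                            "accessToken": self.generate_token(
                                user
                            ),  # generate a new token
                            "country": countrycode,
                            "email": "*****@*****.**",
                            "uid": "fuid_{}".format(user["userid"]),
                            # The literal has no replacement field, so
                            # format() returns it unchanged.
                            "username": "******".format(user["userid"]),
                        },
                        "msg": "操作成功",
                        "time": bumper.get_milli_time(
                            datetime.utcnow().timestamp()
                        ),
                    }
                    return web.json_response(body)

            body = {
                "code": bumper.ERR_USER_NOT_ACTIVATED,
                "data": None,
                "msg": "当前密码错误",
                "time": bumper.get_milli_time(datetime.utcnow().timestamp()),
            }

            return web.json_response(body)

        except Exception as e:
            confserverlog.exception("{}".format(e))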
Пример #2
    def _auth_any(self, devid, country, request):
        """Build a successful login body for any device id, with no credential check.

        The device id is linked to the user it already belongs to, or to a
        ``tmpuser`` account created on the spot, and every bot in the ``bots``
        table is attached to that user.  On a ``checkLogin`` request the
        presented access token is checked first; when that check does not
        answer ``"0000"`` the code still goes on to issue a new token.

        Returns the body as a dict (the caller wraps it in a response), or
        ``None`` after logging if anything raises.
        """
        try:
            account = bumper.user_by_deviceid(devid)
            known_bots = bumper.db_get().table("bots").all()

            if not account:
                # Unknown device: create the shared temporary user.
                bumper.user_add("tmpuser")
                account = bumper.user_get("tmpuser")
            bumper.user_add_device(account["userid"], devid)

            # Every registered bot becomes visible to this user.
            for entry in known_bots:
                bumper.user_add_bot(account["userid"], entry["did"])

            if "checkLogin" in request.path:
                # check_token answers with an object whose .text is JSON.
                verdict = json.loads(
                    self.check_token(
                        country, account, request.query["accessToken"]
                    ).text
                )
                if verdict["code"] == "0000":
                    return verdict

            # Deactivate old tokens and authcodes
            bumper.user_revoke_expired_tokens(account["userid"])

            return {
                "code": bumper.RETURN_API_SUCCESS,
                "data": {
                    "accessToken": self.generate_token(account),
                    "country": country,
                    "email": "*****@*****.**",
                    "uid": "fuid_{}".format(account["userid"]),
                    # No replacement field: format() leaves the literal as is.
                    "username": "******".format(account["userid"]),
                },
                "msg": "操作成功",
                "time": bumper.get_milli_time(datetime.utcnow().timestamp()),
            }

        except Exception as e:
            confserverlog.exception("{}".format(e))
Пример #3
    async def handle_getAuthCode(self, request):
        """Return the auth code bound to the caller's access token.

        The device id from the route must map to a user, and the
        ``accessToken`` query parameter must be a token stored for that user.
        A token that already carries an ``authcode`` returns it; otherwise a
        new one is generated.  Every other case answers with
        ``bumper.ERR_TOKEN_INVALID``.

        Returns a ``web.json_response``, or ``None`` after logging if anything
        raises (for example a missing query parameter).
        """
        try:
            device_id = request.match_info.get("devid", "")
            account = (
                bumper.user_by_deviceid(device_id) if device_id != "" else None
            )
            session = (
                bumper.user_get_token(
                    account["userid"], request.query["accessToken"]
                )
                if account
                else None
            )

            if session:
                if "authcode" in session:
                    code = session["authcode"]
                else:
                    code = self.generate_authcode(
                        account,
                        request.match_info.get("country", "us"),
                        request.query["accessToken"],
                    )

                return web.json_response(
                    {
                        "code": bumper.RETURN_API_SUCCESS,
                        "data": {
                            "authCode": code,
                            # Echoed from the query string as sent by the
                            # client; it is not compared with the token owner.
                            "ecovacsUid": request.query["uid"],
                        },
                        "msg": "操作成功",
                        "time": bumper.get_milli_time(
                            datetime.utcnow().timestamp()
                        ),
                    }
                )

            # Unknown device, unknown user or unknown token: one failure body
            # for all three cases.
            return web.json_response(
                {
                    "code": bumper.ERR_TOKEN_INVALID,
                    "data": None,
                    "msg": "当前密码错误",
                    "time": bumper.get_milli_time(datetime.utcnow().timestamp()),
                }
            )

        except Exception as e:
            confserverlog.exception("{}".format(e))
Пример #4
    async def handle_logout(self, request):
        """Revoke the caller's access token and report success.

        The token is revoked only when the route's device id maps to a user
        and ``bumper.check_token`` accepts the ``accessToken`` query parameter
        for that user.  The success body is returned whether or not anything
        was revoked.

        Returns a ``web.json_response``, or ``None`` after logging if anything
        raises.
        """
        try:
            device_id = request.match_info.get("devid", "")
            if device_id != "":
                account = bumper.user_by_deviceid(device_id)
                if account and bumper.check_token(
                    account["userid"], request.query["accessToken"]
                ):
                    # Deactivate old tokens and authcodes
                    bumper.user_revoke_token(
                        account["userid"], request.query["accessToken"]
                    )

            return web.json_response(
                {
                    "code": bumper.RETURN_API_SUCCESS,
                    "data": None,
                    "msg": "操作成功",
                    "time": bumper.get_milli_time(datetime.utcnow().timestamp()),
                }
            )

        except Exception as e:
            confserverlog.exception("{}".format(e))
Пример #5
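def test_user_db():
    """Check bumper's db path selection and its user/device/bot/token helpers.

    Runs against a scratch TinyDB file at ``tests/tmp.db``, which is deleted
    first if it exists.
    """

    def insert_expired_token():
        # Write a token whose expiration lies 10 seconds in the past straight
        # into the tokens table, bypassing bumper's own helpers.
        db = TinyDB("tests/tmp.db")
        try:
            db.table("tokens").insert({
                "userid": "testuser",
                "token": "token_1234",
                "expiration": "{}".format(
                    datetime.datetime.now() + datetime.timedelta(seconds=-10)
                ),
            })
        finally:
            db.close()

    if os.path.exists("tests/tmp.db"):
        os.remove("tests/tmp.db")  # Remove existing db

    # Test os_db_path. patch.object puts platform.system and os.getenv back
    # when the block ends; assigning MagicMocks to them directly would leave
    # both replaced for every test that runs afterwards. The backslash is
    # escaped because "\A" is not a valid escape sequence.
    with mock.patch.object(os, "getenv", return_value="C:\\AppData"):
        with mock.patch.object(platform, "system", return_value="Windows"):
            assert_equals(bumper.os_db_path(),
                          os.path.join(os.getenv("APPDATA"), "bumper.db"))

        with mock.patch.object(platform, "system", return_value="Linux"):
            assert_equals(bumper.os_db_path(),
                          os.path.expanduser("~/.config/bumper.db"))

    bumper.db = "tests/tmp.db"  # Set db location for testing
    bumper.user_add("testuser")  # Add testuser

    # testuser was created and is returned
    assert_equals(bumper.user_get("testuser")["userid"], "testuser")

    bumper.user_add_device("testuser", "dev_1234")  # Add device to testuser

    # testuser is found by device id
    assert_equals(bumper.user_by_deviceid("dev_1234")["userid"], "testuser")

    bumper.user_remove_device("testuser", "dev_1234")  # Remove device

    # dev_1234 is no longer among testuser's devices
    assert_true("dev_1234" not in bumper.user_get("testuser")["devices"])

    bumper.user_add_bot("testuser", "bot_1234")  # Add bot did to testuser

    # the bot is in testuser's bot list
    assert_true("bot_1234" in bumper.user_get("testuser")["bots"])

    bumper.user_remove_bot("testuser", "bot_1234")  # Remove bot did

    # the bot is gone from testuser's bot list
    assert_true("bot_1234" not in bumper.user_get("testuser")["bots"])

    bumper.user_add_token("testuser", "token_1234")  # Add token to testuser

    # the token is accepted and can be fetched for testuser
    assert_true(bumper.check_token("testuser", "token_1234"))
    assert_true(bumper.user_get_token("testuser", "token_1234"))

    # Add authcode to token_1234 for testuser
    bumper.user_add_authcode("testuser", "token_1234", "auth_1234")
    assert_true(bumper.check_authcode("testuser", "auth_1234"))

    # A revoked authcode must no longer be accepted
    bumper.user_revoke_authcode("testuser", "token_1234", "auth_1234")
    assert_false(bumper.check_authcode("testuser", "auth_1234"))

    # A revoked token must no longer be accepted
    bumper.user_revoke_token("testuser", "token_1234")
    assert_false(bumper.check_token("testuser", "token_1234"))

    bumper.user_add_token("testuser", "token_1234")  # Add token_1234
    bumper.user_add_token("testuser", "token_4321")  # Add token_4321
    assert_equals(len(bumper.user_get_tokens("testuser")), 2)
    bumper.user_revoke_all_tokens("testuser")  # Revoke all tokens
    assert_equals(len(bumper.user_get_tokens("testuser")), 0)

    # An expired token is still listed until the per-user sweep removes it
    insert_expired_token()
    assert_equals(len(bumper.user_get_tokens("testuser")), 1)
    bumper.user_revoke_expired_tokens("testuser")  # Revoke expired tokens
    assert_equals(len(bumper.user_get_tokens("testuser")), 0)

    # Same check for the sweep that takes no user argument
    insert_expired_token()
    assert_equals(len(bumper.user_get_tokens("testuser")), 1)
    bumper.revoke_expired_tokens()  # Revoke expired tokens
    assert_equals(len(bumper.user_get_tokens("testuser")), 0)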
Пример #6
def test_user_db():
    """Walk bumper's user, device, bot, token and authcode helpers end to end.

    Uses ``tests/tmp.db`` as the database. The file is not deleted here, so
    the test starts from whatever it already holds.
    """

    def add_expired_token():
        # Store a token that expired 10 seconds ago directly in the tokens
        # table, without going through bumper's helpers.
        store = TinyDB("tests/tmp.db")
        store.table("tokens").insert({
            "userid": "testuser",
            "token": "token_1234",
            "expiration": "{}".format(datetime.now() + timedelta(seconds=-10)),
        })
        store.close()

    def token_count():
        return len(bumper.user_get_tokens("testuser"))

    bumper.db = "tests/tmp.db"  # Set db location for testing

    # User creation and lookup
    bumper.user_add("testuser")
    assert bumper.user_get("testuser")["userid"] == "testuser"

    # Device: add, find the owner by device id, remove
    bumper.user_add_device("testuser", "dev_1234")
    assert bumper.user_by_deviceid("dev_1234")["userid"] == "testuser"
    bumper.user_remove_device("testuser", "dev_1234")
    assert "dev_1234" not in bumper.user_get("testuser")["devices"]

    # Bot: add, then remove
    bumper.user_add_bot("testuser", "bot_1234")
    assert "bot_1234" in bumper.user_get("testuser")["bots"]
    bumper.user_remove_bot("testuser", "bot_1234")
    assert "bot_1234" not in bumper.user_get("testuser")["bots"]

    # Token: once added it is accepted and can be fetched
    bumper.user_add_token("testuser", "token_1234")
    assert bumper.check_token("testuser", "token_1234")
    assert bumper.user_get_token("testuser", "token_1234")

    # Authcode: accepted while attached to the token, rejected once revoked
    bumper.user_add_authcode("testuser", "token_1234", "auth_1234")
    assert bumper.check_authcode("testuser", "auth_1234")
    bumper.user_revoke_authcode("testuser", "token_1234", "auth_1234")
    assert bumper.check_authcode("testuser", "auth_1234") == False

    # A revoked token is rejected
    bumper.user_revoke_token("testuser", "token_1234")
    assert bumper.check_token("testuser", "token_1234") == False

    # Revoking all tokens empties the user's token list
    bumper.user_add_token("testuser", "token_1234")
    bumper.user_add_token("testuser", "token_4321")
    assert token_count() == 2
    bumper.user_revoke_all_tokens("testuser")
    assert token_count() == 0

    # An expired token stays listed until the per-user sweep removes it
    add_expired_token()
    assert token_count() == 1
    bumper.user_revoke_expired_tokens("testuser")
    assert token_count() == 0

    # Same for the sweep that takes no user argument
    add_expired_token()
    assert token_count() == 1
    bumper.revoke_expired_tokens()
    assert token_count() == 0
Пример #7
        def getUserAccountInfo(self, request):
            """Return the account-info JSON for the user owning the route's device id.

            The user is looked up from ``devid`` alone; this handler reads no
            access token from the request.  ``apptype`` values containing
            ``"global_"`` select the EcoVacs Home login shape.

            Returns a ``web.json_response``, or ``None`` after logging if
            anything raises.
            """
            try:
                route = request.match_info
                device_id = route.get("devid", "")
                country = route.get("country", "us")
                app_kind = route.get("apptype", "")
                account = bumper.user_by_deviceid(device_id)
                # NOTE(review): nothing checks that the lookup found a user;
                # an unknown device id would raise on account["userid"] below
                # and end in the except clause - confirm the intended answer.

                if "global_" not in app_kind:
                    details = EcoVacs_Login()
                    # NOTE(review): loginName is assigned only in the EcoVacs
                    # Home branch but read for every app type below - verify
                    # that EcoVacs_Login provides it.
                else:  # EcoVacs Home
                    details = EcoVacsHome_Login()
                    details.ucUid = "fuid_{}".format(account["userid"])
                    details.loginName = "fusername_{}".format(account["userid"])
                    details.mobile = None

                details.uid = "fuid_{}".format(account["userid"])
                # No replacement field: format() leaves the literal as is.
                details.username = "******".format(account["userid"])
                details.country = country
                details.email = "*****@*****.**"

                payload = {
                    "email": details.email,
                    "hasMobile": "N",
                    "hasPassword": "******",
                    "uid": details.uid,
                    "userName": details.username,
                    "obfuscatedMobile": None,
                    "mobile": None,
                    "loginName": details.loginName,
                }

                # Example body
                # {
                # "code": "0000",
                # "data": {
                #     "email": "*****@*****.**",
                #     "hasMobile": "N",
                #     "hasPassword": "******",
                #     "headIco": "",
                #     "loginName": "*****@*****.**",
                #     "mobile": null,
                #     "mobileAreaNo": null,
                #     "nickname": "",
                #     "obfuscatedMobile": null,
                #     "thirdLoginInfoList": [
                #     {
                #         "accountType": "WeChat",
                #         "hasBind": "N"
                #     }
                #     ],
                #     "uid": "20180719212155_*****",
                #     "userName": "******"
                # },
                # "msg": "操作成功",
                # "success": true,
                # "time": 1578203898343
                # }

                return web.json_response(
                    {
                        "code": bumper.RETURN_API_SUCCESS,
                        "data": payload,
                        "msg": "操作成功",
                        "time": self.get_milli_time(
                            datetime.utcnow().timestamp()
                        ),
                    }
                )

            except Exception as e:
                confserverlog.exception("{}".format(e))
Пример #8
        def _auth_any(self, devid, apptype, country, request):
            """Build a successful login body for any device id, with no credential check.

            The device id is linked to its existing user, or to a ``tmpuser``
            account created on the spot, and every bot record that has a
            ``did`` is attached to that user.  A new access token is generated
            before the ``checkLogin`` token check runs, and a check that does
            not answer ``"0000"`` still ends in the success body.

            Returns the body as a dict, or ``None`` after logging if anything
            raises.
            """
            try:
                account = bumper.user_by_deviceid(devid)
                known_bots = bumper.db_get().table("bots").all()

                if not account:
                    # Unknown device: create the shared temporary user.
                    bumper.user_add("tmpuser")
                    account = bumper.user_get("tmpuser")

                if "global_" in apptype:  # EcoVacs Home
                    details = EcoVacsHome_Login()
                    details.ucUid = "fuid_{}".format(account["userid"])
                    details.loginName = "fusername_{}".format(account["userid"])
                    details.mobile = None
                else:
                    details = EcoVacs_Login()

                details.accessToken = self.generate_token(account)
                details.uid = "fuid_{}".format(account["userid"])
                # No replacement field: format() leaves the literal as is.
                details.username = "******".format(account["userid"])
                details.country = country
                details.email = "*****@*****.**"
                bumper.user_add_device(account["userid"], devid)

                # Every bot record with a did becomes visible to this user.
                for entry in known_bots:
                    if "did" not in entry:
                        confserverlog.error("No DID for bot: {}".format(entry))
                        continue
                    bumper.user_add_bot(account["userid"], entry["did"])

                if "checkLogin" in request.path:
                    # check_token answers with an object whose .text is JSON.
                    verdict = json.loads(
                        self.check_token(
                            apptype,
                            country,
                            account,
                            request.query["accessToken"],
                        ).text
                    )
                    if verdict["code"] == "0000":
                        return verdict

                # Deactivate old tokens and authcodes
                bumper.user_revoke_expired_tokens(account["userid"])

                return {
                    "code": bumper.RETURN_API_SUCCESS,
                    # Serialised login details: access token, country, email,
                    # uid and username, plus the EcoVacs Home fields when set.
                    "data": json.loads(details.toJSON()),
                    "msg": "操作成功",
                    "time": self.get_milli_time(datetime.utcnow().timestamp()),
                }

            except Exception as e:
                confserverlog.exception("{}".format(e))
Пример #9
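        async def login(self, request):
            """Answer the login / checkLogin routes with a JSON body.

            The device id, country code and app type come from the route
            (``devid``, ``country``, ``apptype``).  With ``bumper.use_auth``
            enabled the device id is the only credential examined here: a
            device id that maps to a stored user gets a freshly generated
            access token.  With it disabled the request is delegated to
            ``_auth_any``.

            Returns a ``web.json_response``.  If anything raises, the
            exception is logged and the handler returns ``None``.
            """
            try:
                user_devid = request.match_info.get("devid", "")
                countrycode = request.match_info.get("country", "us")
                apptype = request.match_info.get("apptype", "")
                confserverlog.info(
                    "client with devid {} attempting login".format(user_devid))

                if not bumper.use_auth:
                    return web.json_response(
                        self._auth_any(user_devid, apptype, countrycode,
                                       request))

                # Performing basic "auth" using devid, super insecure: whoever
                # presents a registered device id is treated as that user.
                user = None
                if user_devid != "":
                    user = bumper.user_by_deviceid(user_devid)

                # An unregistered device id yields no user. Without this guard
                # the user["userid"] lookups below raise, the except clause
                # swallows the error and the client gets no JSON answer at
                # all; now such a request falls through to the explicit
                # failure body.
                if user:
                    if "checkLogin" in request.path:
                        # NOTE(review): the result of check_token is
                        # discarded, so a checkLogin request on this path
                        # always receives the failure body below - confirm
                        # whether it should be returned to the client instead.
                        self.check_token(apptype, countrycode, user,
                                         request.query["accessToken"])
                    else:
                        if "global_" in apptype:  # EcoVacs Home
                            login_details = EcoVacsHome_Login()
                            login_details.ucUid = "fuid_{}".format(
                                user["userid"])
                            login_details.loginName = "fusername_{}".format(
                                user["userid"])
                            login_details.mobile = None
                        else:
                            login_details = EcoVacs_Login()

                        # Deactivate old tokens and authcodes
                        bumper.user_revoke_expired_tokens(user["userid"])

                        login_details.accessToken = self.generate_token(user)
                        login_details.uid = "fuid_{}".format(user["userid"])
                        # The literal has no replacement field, so format()
                        # returns it unchanged.
                        login_details.username = "******".format(
                            user["userid"])
                        login_details.country = countrycode
                        login_details.email = "*****@*****.**"

                        body = {
                            "code": API_ERRORS[RETURN_API_SUCCESS],
                            # Serialised login details: access token, country,
                            # email, uid and username, plus the EcoVacs Home
                            # fields when set.
                            "data": json.loads(login_details.toJSON()),
                            "msg": "操作成功",
                            "time": self.get_milli_time(
                                datetime.utcnow().timestamp()),
                        }

                        return web.json_response(body)

                body = {
                    "code": bumper.ERR_USER_NOT_ACTIVATED,
                    "data": None,
                    "msg": "当前密码错误",
                    "time":
                    self.get_milli_time(datetime.utcnow().timestamp()),
                }

                return web.json_response(body)

            except Exception as e:
                confserverlog.exception("{}".format(e))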