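async def handle_login(self, request):
    """Handle a client login or ``checkLogin`` request.

    With ``bumper.use_auth`` enabled the caller is identified only by the
    ``devid`` path segment. That value is chosen by the client and is not a
    secret, so this is identification rather than authentication: any
    client presenting a registered device id is issued a token for the
    matching user.

    With ``bumper.use_auth`` disabled the request is delegated to
    ``self._auth_any``.

    Args:
        request: Incoming request. ``devid`` and ``country`` are read from
            ``request.match_info``; ``accessToken`` is read from the query
            string for ``checkLogin`` requests.

    Returns:
        A web response. ``None`` if an unexpected exception was logged and
        swallowed by the handler below.
    """
    try:
        user_devid = request.match_info.get("devid", "")
        countrycode = request.match_info.get("country", "us")
        # NOTE(review): devid comes straight from the URL and is logged
        # verbatim; consider escaping it before it reaches the log.
        confserverlog.info(
            "client with devid {} attempting login".format(user_devid)
        )

        if not bumper.use_auth:
            return web.json_response(
                self._auth_any(user_devid, countrycode, request)
            )

        # Performing basic "auth" using devid, super insecure
        user = bumper.user_by_deviceid(user_devid) if user_devid != "" else None

        # An unknown device id is rejected with the failure body below
        # instead of raising on user["userid"] and returning None.
        if user:
            if "checkLogin" in request.path:
                access_token = request.query.get("accessToken")
                if access_token is not None:
                    # Return the verdict; discarding it made every
                    # checkLogin fall through to the failure body.
                    # NOTE(review): assumes check_token returns a web
                    # response - confirm.
                    return self.check_token(countrycode, user, access_token)
                # A missing accessToken is treated as a failed check.
            else:
                # Deactivate old tokens and authcodes
                bumper.user_revoke_expired_tokens(user["userid"])

                body = {
                    "code": bumper.RETURN_API_SUCCESS,
                    "data": {
                        "accessToken": self.generate_token(user),  # new token
                        "country": countrycode,
                        "email": "*****@*****.**",
                        "uid": "fuid_{}".format(user["userid"]),
                        "username": "******".format(user["userid"]),
                    },
                    "msg": "操作成功",
                    "time": bumper.get_milli_time(
                        datetime.utcnow().timestamp()
                    ),
                }
                return web.json_response(body)

        body = {
            "code": bumper.ERR_USER_NOT_ACTIVATED,
            "data": None,
            "msg": "当前密码错误",
            "time": bumper.get_milli_time(datetime.utcnow().timestamp()),
        }
        return web.json_response(body)

    except Exception as e:
        confserverlog.exception("{}".format(e))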
def _auth_any(self, devid, country, request):
    """Build a login body for any device id, with no credential check.

    This is the path used when authentication is switched off. The device
    id is enrolled under the user that already owns it, or under a shared
    ``"tmpuser"`` account created on demand, and every bot in the ``bots``
    table is then linked to that user. Any client that can reach this
    endpoint therefore obtains a token with access to all registered bots,
    so it should only be exposed on a trusted network.

    For ``checkLogin`` requests the supplied ``accessToken`` is verified
    first; a ``"0000"`` verdict is returned as-is, and any other verdict
    falls through to issuing a fresh token.

    Args:
        devid: Device id supplied by the client.
        country: Country code echoed back in the response.
        request: Incoming request; its path and query string are read.

    Returns:
        A dict suitable for a JSON response, or ``None`` if an exception
        was logged and swallowed.
    """
    try:
        account = bumper.user_by_deviceid(devid)
        known_bots = bumper.db_get().table("bots").all()

        if not account:
            # Unknown device: fall back to the shared temporary user.
            bumper.user_add("tmpuser")
            account = bumper.user_get("tmpuser")
        uid = account["userid"]
        bumper.user_add_device(uid, devid)

        # Every known bot becomes reachable from this user.
        for bot in known_bots:
            bumper.user_add_bot(uid, bot["did"])

        if "checkLogin" in request.path:
            token_response = self.check_token(
                country, account, request.query["accessToken"]
            )
            verdict = json.loads(token_response.text)
            if verdict["code"] == "0000":
                return verdict

        # Deactivate old tokens and authcodes
        bumper.user_revoke_expired_tokens(uid)

        return {
            "code": bumper.RETURN_API_SUCCESS,
            "data": {
                "accessToken": self.generate_token(account),
                "country": country,
                "email": "*****@*****.**",
                "uid": "fuid_{}".format(uid),
                "username": "******".format(uid),
            },
            "msg": "操作成功",
            "time": bumper.get_milli_time(datetime.utcnow().timestamp()),
        }

    except Exception as err:
        confserverlog.exception("{}".format(err))
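def test_user_db():
    """Exercise the user, device, bot, token and authcode database helpers.

    ``platform.system`` and ``os.getenv`` are replaced only inside
    ``mock.patch.object`` blocks, so both are restored afterwards and later
    tests in the same process see the real functions.
    """
    db_path = "tests/tmp.db"
    if os.path.exists(db_path):
        os.remove(db_path)  # Remove existing db

    def insert_expired_token():
        """Write a token for testuser that expired ten seconds ago."""
        db = TinyDB(db_path)
        tokens = db.table("tokens")
        tokens.insert({
            "userid": "testuser",
            "token": "token_1234",
            "expiration": "{}".format(
                datetime.datetime.now() + datetime.timedelta(seconds=-10)),
        })
        db.close()

    # Test os_db_path. The raw string avoids the invalid "\A" escape.
    with mock.patch.object(os, "getenv", return_value=r"C:\AppData"):
        with mock.patch.object(platform, "system", return_value="Windows"):
            assert_equals(
                bumper.os_db_path(),
                os.path.join(os.getenv("APPDATA"), "bumper.db"),
            )
        with mock.patch.object(platform, "system", return_value="Linux"):
            assert_equals(
                bumper.os_db_path(), os.path.expanduser("~/.config/bumper.db")
            )

    bumper.db = db_path  # Set db location for testing

    # User creation and lookup
    bumper.user_add("testuser")
    assert_equals(bumper.user_get("testuser")["userid"], "testuser")

    # Devices
    bumper.user_add_device("testuser", "dev_1234")
    assert_equals(bumper.user_by_deviceid("dev_1234")["userid"], "testuser")
    bumper.user_remove_device("testuser", "dev_1234")
    assert_true("dev_1234" not in bumper.user_get("testuser")["devices"])

    # Bots
    bumper.user_add_bot("testuser", "bot_1234")
    assert_true("bot_1234" in bumper.user_get("testuser")["bots"])
    bumper.user_remove_bot("testuser", "bot_1234")
    assert_true("bot_1234" not in bumper.user_get("testuser")["bots"])

    # Tokens and authcodes
    bumper.user_add_token("testuser", "token_1234")
    assert_true(bumper.check_token("testuser", "token_1234"))
    assert_true(bumper.user_get_token("testuser", "token_1234"))
    bumper.user_add_authcode("testuser", "token_1234", "auth_1234")
    assert_true(bumper.check_authcode("testuser", "auth_1234"))

    # Revoking an authcode, then its token, must make both checks fail
    bumper.user_revoke_authcode("testuser", "token_1234", "auth_1234")
    assert_false(bumper.check_authcode("testuser", "auth_1234"))
    bumper.user_revoke_token("testuser", "token_1234")
    assert_false(bumper.check_token("testuser", "token_1234"))

    # Revoking all tokens
    bumper.user_add_token("testuser", "token_1234")
    bumper.user_add_token("testuser", "token_4321")
    assert_equals(len(bumper.user_get_tokens("testuser")), 2)
    bumper.user_revoke_all_tokens("testuser")
    assert_equals(len(bumper.user_get_tokens("testuser")), 0)

    # Expired tokens are removed by the per-user sweep
    insert_expired_token()
    assert_equals(len(bumper.user_get_tokens("testuser")), 1)
    bumper.user_revoke_expired_tokens("testuser")
    assert_equals(len(bumper.user_get_tokens("testuser")), 0)

    # ... and by the global sweep
    insert_expired_token()
    assert_equals(len(bumper.user_get_tokens("testuser")), 1)
    bumper.revoke_expired_tokens()
    assert_equals(len(bumper.user_get_tokens("testuser")), 0)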
def test_user_db():
    """Exercise the user, device, bot, token and authcode database helpers."""
    db_file = "tests/tmp.db"
    uid = "testuser"
    device = "dev_1234"
    bot = "bot_1234"
    token = "token_1234"
    authcode = "auth_1234"

    def add_expired_token():
        """Write a token for the test user that expired ten seconds ago."""
        store = TinyDB(db_file)
        store.table("tokens").insert({
            "userid": uid,
            "token": token,
            "expiration": "{}".format(datetime.now() + timedelta(seconds=-10)),
        })
        store.close()

    def token_count():
        return len(bumper.user_get_tokens(uid))

    bumper.db = db_file  # Point bumper at the test database

    # User creation and lookup
    bumper.user_add(uid)
    created = bumper.user_get(uid)
    assert created["userid"] == uid

    # Devices: attach, look up by device id, detach
    bumper.user_add_device(uid, device)
    owner = bumper.user_by_deviceid(device)
    assert owner["userid"] == uid
    bumper.user_remove_device(uid, device)
    assert device not in bumper.user_get(uid)["devices"]

    # Bots: attach and detach
    bumper.user_add_bot(uid, bot)
    assert bot in bumper.user_get(uid)["bots"]
    bumper.user_remove_bot(uid, bot)
    assert bot not in bumper.user_get(uid)["bots"]

    # Tokens and authcodes are found after being added
    bumper.user_add_token(uid, token)
    assert bumper.check_token(uid, token)
    assert bumper.user_get_token(uid, token)
    bumper.user_add_authcode(uid, token, authcode)
    assert bumper.check_authcode(uid, authcode)

    # Revoking an authcode, then its token, must make both checks fail
    bumper.user_revoke_authcode(uid, token, authcode)
    assert bumper.check_authcode(uid, authcode) == False
    bumper.user_revoke_token(uid, token)
    assert bumper.check_token(uid, token) == False

    # Revoking all tokens empties the list
    bumper.user_add_token(uid, token)
    bumper.user_add_token(uid, "token_4321")
    assert token_count() == 2
    bumper.user_revoke_all_tokens(uid)
    assert token_count() == 0

    # Expired tokens are removed by the per-user sweep
    add_expired_token()
    assert token_count() == 1
    bumper.user_revoke_expired_tokens(uid)
    assert token_count() == 0

    # ... and by the global sweep
    add_expired_token()
    assert token_count() == 1
    bumper.revoke_expired_tokens()
    assert token_count() == 0
def _auth_any(self, devid, apptype, country, request):
    """Build a login body for any device id, with no credential check.

    This is the path used when authentication is switched off. The device
    id is enrolled under the user that already owns it, or under a shared
    ``"tmpuser"`` account created on demand, and every bot record that has
    a ``did`` is then linked to that user. Any client that can reach this
    endpoint therefore obtains a token with access to all registered bots,
    so it should only be exposed on a trusted network.

    A token is generated before the ``checkLogin`` verification runs. A
    ``"0000"`` verdict is returned as-is; any other verdict falls through
    to returning the freshly built login details.

    Args:
        devid: Device id supplied by the client.
        apptype: App type; a value containing ``"global_"`` selects the
            EcoVacs Home login model.
        country: Country code echoed back in the response.
        request: Incoming request; its path and query string are read.

    Returns:
        A dict suitable for a JSON response, or ``None`` if an exception
        was logged and swallowed.
    """
    try:
        account = bumper.user_by_deviceid(devid)
        known_bots = bumper.db_get().table("bots").all()

        if not account:
            # Unknown device: fall back to the shared temporary user.
            bumper.user_add("tmpuser")
            account = bumper.user_get("tmpuser")
        uid = account["userid"]

        if "global_" in apptype:  # EcoVacs Home
            login_details = EcoVacsHome_Login()
            login_details.ucUid = "fuid_{}".format(uid)
            login_details.loginName = "fusername_{}".format(uid)
            login_details.mobile = None
        else:
            login_details = EcoVacs_Login()

        # NOTE(review): set for both app types - assumed, since the
        # listing lost its indentation; confirm against the file.
        login_details.accessToken = self.generate_token(account)
        login_details.uid = "fuid_{}".format(uid)
        login_details.username = "******".format(uid)
        login_details.country = country
        login_details.email = "*****@*****.**"
        bumper.user_add_device(uid, devid)

        # Every known bot becomes reachable from this user.
        for bot in known_bots:
            if "did" not in bot:
                confserverlog.error("No DID for bot: {}".format(bot))
                continue
            bumper.user_add_bot(uid, bot["did"])

        if "checkLogin" in request.path:
            token_response = self.check_token(
                apptype, country, account, request.query["accessToken"]
            )
            verdict = json.loads(token_response.text)
            if verdict["code"] == "0000":
                return verdict

        # Deactivate old tokens and authcodes
        bumper.user_revoke_expired_tokens(uid)

        return {
            "code": bumper.RETURN_API_SUCCESS,
            "data": json.loads(login_details.toJSON()),
            "msg": "操作成功",
            "time": self.get_milli_time(datetime.utcnow().timestamp()),
        }

    except Exception as err:
        confserverlog.exception("{}".format(err))
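async def login(self, request):
    """Handle a client login or ``checkLogin`` request.

    With ``bumper.use_auth`` enabled the caller is identified only by the
    ``devid`` path segment. That value is chosen by the client and is not a
    secret, so this is identification rather than authentication: any
    client presenting a registered device id is issued a token for the
    matching user.

    With ``bumper.use_auth`` disabled the request is delegated to
    ``self._auth_any``.

    Args:
        request: Incoming request. ``devid``, ``country`` and ``apptype``
            are read from ``request.match_info``; ``accessToken`` is read
            from the query string for ``checkLogin`` requests.

    Returns:
        A web response. ``None`` if an unexpected exception was logged and
        swallowed by the handler below.
    """
    try:
        user_devid = request.match_info.get("devid", "")
        countrycode = request.match_info.get("country", "us")
        apptype = request.match_info.get("apptype", "")
        # NOTE(review): devid comes straight from the URL and is logged
        # verbatim; consider escaping it before it reaches the log.
        confserverlog.info(
            "client with devid {} attempting login".format(user_devid))

        if not bumper.use_auth:
            return web.json_response(
                self._auth_any(user_devid, apptype, countrycode, request))

        # Performing basic "auth" using devid, super insecure
        user = bumper.user_by_deviceid(user_devid) if user_devid != "" else None

        # An unknown device id is rejected with the failure body below
        # instead of raising on user["userid"] and returning None.
        if user:
            if "checkLogin" in request.path:
                access_token = request.query.get("accessToken")
                if access_token is not None:
                    # Return the verdict; discarding it made every
                    # checkLogin fall through to the failure body.
                    # NOTE(review): assumes check_token returns a web
                    # response - confirm.
                    return self.check_token(
                        apptype, countrycode, user, access_token)
                # A missing accessToken is treated as a failed check.
            else:
                if "global_" in apptype:  # EcoVacs Home
                    login_details = EcoVacsHome_Login()
                    login_details.ucUid = "fuid_{}".format(user["userid"])
                    login_details.loginName = "fusername_{}".format(
                        user["userid"])
                    login_details.mobile = None
                else:
                    login_details = EcoVacs_Login()

                # Deactivate old tokens and authcodes
                bumper.user_revoke_expired_tokens(user["userid"])

                # NOTE(review): set for both app types - assumed, since
                # the listing lost its indentation; confirm.
                login_details.accessToken = self.generate_token(user)
                login_details.uid = "fuid_{}".format(user["userid"])
                login_details.username = "******".format(user["userid"])
                login_details.country = countrycode
                login_details.email = "*****@*****.**"

                body = {
                    "code": API_ERRORS[RETURN_API_SUCCESS],
                    "data": json.loads(login_details.toJSON()),
                    "msg": "操作成功",
                    "time": self.get_milli_time(
                        datetime.utcnow().timestamp()),
                }
                return web.json_response(body)

        body = {
            "code": bumper.ERR_USER_NOT_ACTIVATED,
            "data": None,
            "msg": "当前密码错误",
            "time": self.get_milli_time(datetime.utcnow().timestamp()),
        }
        return web.json_response(body)

    except Exception as e:
        confserverlog.exception("{}".format(e))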