def process_request(data, address, secret):
error_message = None
pkt = AuthPacket(packet=data, secret=secret, dict={})
reply_pkt = pkt.CreateReply()
reply_pkt.code = AccessReject
try:
username = pkt.get(1)[0]
try:
password = pkt.PwDecrypt(pkt.get(2)[0])
except UnicodeDecodeError:
logger.error(
"Error decrypting password -- probably incorrect secret")
reply_pkt.code = AccessReject
return reply_pkt.ReplyPacket()
auth_status = auth_with_foxpass(username,
password) and two_factor(username)
if auth_status:
logger.info('Successful auth')
reply_pkt.code = AccessAccept
return reply_pkt.ReplyPacket()
logger.info('Incorrect password')
error_message = 'Incorrect password'
except Exception as e:
logger.exception(e)
error_message = 'Unknown error'
if error_message:
reply_pkt.AddAttribute(18, error_message)
return reply_pkt.ReplyPacket()
def HandleAuthPacket(self:server.Server, pkt:packet.AuthPacket):
print(vars())
print("Auth request: ")
print(pkt)
reply = self.CreateReplyPacket(pkt, **{"Service-Type": "Framed-User", "Framed-IP-Address": pkt['Framed-IP-Address'][0]}) # type: packet.AuthPacket
print(dir(reply))
reply.code = packet.AccessReject
for attr in pkt.keys():
print("%s: %s" % (attr, pkt[attr]))
if "User-Password" in pkt.keys():
print("Checking Password")
print(pkt.secret)
pkt.dict
passwd = pkt.PwDecrypt(pkt.get(2)[0])
print(passwd)
# Remove expired vouchers before authenticating
GuestServer.removeExpiredVouchers()
# Auth against current tokens
print(list(map(lambda v: str(v), GuestServer.vouchers)))
if GuestServer.vouchers and reduce(lambda a, b: a or b, map(lambda v: v.authenticate(passwd), GuestServer.vouchers)):
print("Auth Success")
reply.code = packet.AccessAccept
else:
print("Auth Failed")
self.SendReplyPacket(pkt.fd, reply)
def process_request(data, address, secret):
error_message = None
pkt = AuthPacket(packet=data,
secret=secret,
dict=Dictionary(io.StringIO(DICTIONARY_DATA)))
reply_pkt = pkt.CreateReply()
reply_pkt.code = AccessReject
try:
# [0] is needed because pkt.get returns a list
pkt_username = pkt.get('User-Name')[0]
logger.info("Auth attempt for '%s'" % (pkt_username, ))
try:
password = pkt.get('Password')
if not password:
logger.error("No password field in request")
reply_pkt.code = AccessReject
return reply_pkt.ReplyPacket()
# [0] is needed because pkt.get returns a list
password = pkt.PwDecrypt(password[0])
except UnicodeDecodeError:
logger.error(
"Error decrypting password -- probably incorrect secret")
reply_pkt.code = AccessReject
return reply_pkt.ReplyPacket()
(auth_status, username) = auth_with_foxpass(pkt_username, password)
auth_status = auth_status and group_match(username) and two_factor(
username)
if auth_status:
logger.info("Successful auth for '%s'" % (pkt_username, ))
reply_pkt.code = AccessAccept
return reply_pkt.ReplyPacket()
logger.info("Authentication failed for '%s'" % (pkt_username, ))
error_message = 'Authentication failed'
except Exception as e:
logger.exception(e)
error_message = str(e)
if error_message:
reply_pkt.AddAttribute('Reply-Message', error_message)
return reply_pkt.ReplyPacket()
