def process_request(data, address, secret): error_message = None pkt = AuthPacket(packet=data, secret=secret, dict={}) reply_pkt = pkt.CreateReply() reply_pkt.code = AccessReject try: username = pkt.get(1)[0] try: password = pkt.PwDecrypt(pkt.get(2)[0]) except UnicodeDecodeError: logger.error( "Error decrypting password -- probably incorrect secret") reply_pkt.code = AccessReject return reply_pkt.ReplyPacket() auth_status = auth_with_foxpass(username, password) and two_factor(username) if auth_status: logger.info('Successful auth') reply_pkt.code = AccessAccept return reply_pkt.ReplyPacket() logger.info('Incorrect password') error_message = 'Incorrect password' except Exception as e: logger.exception(e) error_message = 'Unknown error' if error_message: reply_pkt.AddAttribute(18, error_message) return reply_pkt.ReplyPacket()
def HandleAuthPacket(self:server.Server, pkt:packet.AuthPacket): print(vars()) print("Auth request: ") print(pkt) reply = self.CreateReplyPacket(pkt, **{"Service-Type": "Framed-User", "Framed-IP-Address": pkt['Framed-IP-Address'][0]}) # type: packet.AuthPacket print(dir(reply)) reply.code = packet.AccessReject for attr in pkt.keys(): print("%s: %s" % (attr, pkt[attr])) if "User-Password" in pkt.keys(): print("Checking Password") print(pkt.secret) pkt.dict passwd = pkt.PwDecrypt(pkt.get(2)[0]) print(passwd) # Remove expired vouchers before authenticating GuestServer.removeExpiredVouchers() # Auth against current tokens print(list(map(lambda v: str(v), GuestServer.vouchers))) if GuestServer.vouchers and reduce(lambda a, b: a or b, map(lambda v: v.authenticate(passwd), GuestServer.vouchers)): print("Auth Success") reply.code = packet.AccessAccept else: print("Auth Failed") self.SendReplyPacket(pkt.fd, reply)
def process_request(data, address, secret): error_message = None pkt = AuthPacket(packet=data, secret=secret, dict=Dictionary(io.StringIO(DICTIONARY_DATA))) reply_pkt = pkt.CreateReply() reply_pkt.code = AccessReject try: # [0] is needed because pkt.get returns a list pkt_username = pkt.get('User-Name')[0] logger.info("Auth attempt for '%s'" % (pkt_username, )) try: password = pkt.get('Password') if not password: logger.error("No password field in request") reply_pkt.code = AccessReject return reply_pkt.ReplyPacket() # [0] is needed because pkt.get returns a list password = pkt.PwDecrypt(password[0]) except UnicodeDecodeError: logger.error( "Error decrypting password -- probably incorrect secret") reply_pkt.code = AccessReject return reply_pkt.ReplyPacket() (auth_status, username) = auth_with_foxpass(pkt_username, password) auth_status = auth_status and group_match(username) and two_factor( username) if auth_status: logger.info("Successful auth for '%s'" % (pkt_username, )) reply_pkt.code = AccessAccept return reply_pkt.ReplyPacket() logger.info("Authentication failed for '%s'" % (pkt_username, )) error_message = 'Authentication failed' except Exception as e: logger.exception(e) error_message = str(e) if error_message: reply_pkt.AddAttribute('Reply-Message', error_message) return reply_pkt.ReplyPacket()