m = params.getvalue('m') n = params.getvalue('n') # Create new cloak service cfg = Config() db = DB(cfg) # Get user password from database usr = db.get_user_from_username(u) if usr == False: print "INVALID USER" sys.exit(0) password = getUserPassword(usr) # Verifies password decrypted = aes.decrypt( c, password, 256 ) if decrypted != m: print "AUTH ERR" sys.exit(0) # Generates random session key and save to database sessionkey = base64.b64encode( os.urandom(64) ) wid = db.insert_websession( usr[0], sessionkey ) # Send session key in JSON js = json.dumps( {'k': sessionkey, 'n' : n, 'w' : wid} ) crypted = aes.encrypt( ('%04x'%len(js))+js, password, 256 ) #print crypted sys.stdout.write(crypted)