def list_users(authenticationHeader):
userlist_url = "http://cs302.kiwi.land/api/list_users"
try:
data = http_funcs.sendJsonRequest(userlist_url, None, authenticationHeader)
except Exception as e:
print(e)
return 1
return data
def send_private_message(username, message):
#Sends a private message to a user of given username
try:
userinfo = sql_funcs.getUserFromUserList(username)[0]
except:
print("user not found")
return
#Grab pubkey of reciever
signing_key = cherrypy.session['private_key']
receiving_pubkey = nacl.signing.VerifyKey(userinfo[3],
encoder=nacl.encoding.HexEncoder)
receiving_pubkey = receiving_pubkey.to_curve25519_public_key()
box = nacl.public.SealedBox(receiving_pubkey)
encrypted = box.encrypt(bytes(message, 'utf-8'),
encoder=nacl.encoding.HexEncoder)
enc_message = encrypted.decode('utf-8')
loginserver_record = cherrypy.session['loginserver_record']
address = userinfo[1]
url = ''
if (address == SERVER_IP):
url = "http://localhost:10000/api/rx_privatemessage"
else:
url = "http://" + address + "/api/rx_privatemessage"
target_pubkey = userinfo[3]
timestamp = str(time.time())
sig_msg = loginserver_record + target_pubkey + username + enc_message + timestamp
sig_bytes = bytes(sig_msg, encoding='utf-8')
sig_hex = signing_key.sign(sig_bytes, encoder=nacl.encoding.HexEncoder)
signature_hex_str = sig_hex.signature.decode('utf-8')
payload = {
"loginserver_record": loginserver_record,
"target_pubkey": target_pubkey,
"target_username": username,
"encrypted_message": enc_message,
"sender_created_at": timestamp,
"signature": signature_hex_str
}
header = http_funcs.getAuthenticationHeader(cherrypy.session['username'],
cherrypy.session['api_key'])
data = http_funcs.sendJsonRequest(url, payload=payload, header=header)
#Send to my own server in case offline
send_away = Thread(
target=http_funcs.sendJsonRequest,
args=["http://localhost:10000/api/rx_privatemessage", payload, header])
send_away.start()
sql_funcs.addLocalPrivateMessage(cherrypy.session['username'], username,
message, timestamp)
print("Message SENT")
print(data)
return 1
def send_broadcast(message):
privateKey = cherrypy.session['private_key']
timestamp = time.time()
message_bytes = bytes(str(cherrypy.session['loginserver_record']) +
str(message) + str(timestamp),
encoding='utf-8')
signed = privateKey.sign(message_bytes, encoder=nacl.encoding.HexEncoder)
signature_hex_str = signed.signature.decode('utf-8')
#create HTTP BASIC authorization header
headers = http_funcs.getAuthenticationHeader(cherrypy.session['username'],
cherrypy.session['api_key'])
payload = {
"loginserver_record": cherrypy.session['loginserver_record'],
"message": str(message),
"sender_created_at": str(timestamp),
"signature": signature_hex_str
}
#Send to own server so we can reload the page
broadcast_url = "http://" + LOCAL_IP + "/api/rx_broadcast"
http_funcs.sendJsonRequest(broadcast_url, payload, headers)
userList = sql_funcs.getUserList()
#SEnd the broadcast to everybody in the user list
ips = [user[1] for user in userList]
ips = set(ips)
print(ips)
for ip in ips:
if (ip != SERVER_IP):
broadcast_url = "http://" + ip + "/api/rx_broadcast"
print("\nSending Broadcast to: " + ip)
send = Thread(target=http_funcs.sendJsonRequest,
args=[broadcast_url, payload, headers])
send.start()
return 0
def ping(pubkey = None, signature = None, authenticationHeader = None):
ping_url = "http://cs302.kiwi.land/api/ping"
payload = {}
if(pubkey):
payload['pubkey'] = pubkey
if(signature):
payload['signature'] = signature
try:
data = http_funcs.sendJsonRequest(ping_url, payload=payload, header=authenticationHeader)
except Exception as e:
print(e)
return "FAIL"
return data
def checkMessages(userinfo):
mytime = time.time()
url = "http://" + userinfo[1] + "/api/checkmessages"
payload = {
"since" : mytime
}
try:
data = http_funcs.sendJsonRequest(url, payload=payload)
except Exception as e:
return
try:
if[data['response'] == 'ok']:
broadcasts = data['broadcasts']
messages = data['private_messages']
for broadcast in broadcasts:
data = http_funcs.sendJsonRequest("http://localhost:10000/api/rx_broadcast", payload=broadcast)
for message in messages:
data = http_funcs.sendJsonRequest("http://localhost:10000/api/rx_privatemessage", payload=message)
else:
return
except Exception as e:
print(e)
return
def add_pubkey(pubkey, username, signature, authenticationHeader):
'''Expect pubkey as hex encoded string'''
addkey_url = "http://cs302.kiwi.land/api/add_pubkey"
#create HTTP BASIC authorization header
payload = {
"pubkey" : pubkey,
"username" : username,
"signature" : signature
}
try:
data = http_funcs.sendJsonRequest(addkey_url, payload, authenticationHeader)
except Exception as e:
print(e)
return 1
return data
def report(connection_location, connection_address, pubkey, status, authenticationHeader):
#Get our needed values
report_url = "http://cs302.kiwi.land/api/report"
#Turn our public key into a hex eoncoded string
headers = authenticationHeader
payload = {
"connection_location" : connection_location,
"connection_address" : connection_address,
"incoming_pubkey" : pubkey,
"status" : status
}
try:
data = http_funcs.sendJsonRequest(report_url, payload, headers)
except Exception as e:
print(e)
return 1
return data
def pingCheck(userinfo):
#Cant ping_check login server
#print("Ping checking: " + userinfo[0])
try:
url = "http://" + userinfo[1] + "/api/ping_check"
if(userinfo[0] == "admin"):
try:
data = loginserver_api.ping()
if(data['response'] == 'ok'):
sql_funcs.updateUserReachable(userinfo[0], "Yes!")
else:
sql_funcs.updateUserReachable(userinfo[0], "Error")
return
except:
sql_funcs.updateUserReachable(userinfo[0], "No")
return
#Cant reach server via own external ip on host machine
if(userinfo[1] == IP):
url = "http://localhost:10000/api/ping_check"
mytime = time.time()
payload = {
"my_time" : str(mytime),
"my_active_usernames" : "a",
"connection_address" : IP,
"connection_location" : LOCATION
}
try:
data = http_funcs.sendJsonRequest(url, payload=payload)
if(data['response'] == 'ok'):
sql_funcs.updateUserReachable(userinfo[0], "Yes!")
return
except:
sql_funcs.updateUserReachable(userinfo[0], "No")
return
except:
pass
def check_pubkey(pubkey, authenticationHeader):
url = "http://cs302.kiwi.land/api/check_pubkey"
payload = {"pubkey" : pubkey}
data = http_funcs.sendJsonRequest(url, payload=payload, header=authenticationHeader)
return data
def get_loginserver_record(authenticationHeader):
url = "http://cs302.kiwi.land/api/get_loginserver_record"
data = http_funcs.sendJsonRequest(url, header=authenticationHeader)
return data
def loginserver_pubkey():
pubkey_url = "http://cs302.kiwi.land/api/loginserver_pubkey"
data = http_funcs.sendJsonRequest(pubkey_url, None, None)
return data
def load_new_apikey(authenticationHeader):
url = "http://cs302.kiwi.land/api/load_new_apikey"
data = http_funcs.sendJsonRequest(url, header=authenticationHeader)
return data