def post(self):
post_data = request.get_json()
root_mac_address = post_data.get('root_mac_address')
mac_address = post_data.get('mac_address')
if not post_data or not mac_address or not root_mac_address:
return CommonResponseObject.fail_response(
'Please provide your mac_address and the mac_address of device for root changing',
status.HTTP_412_PRECONDITION_FAILED)
auth_token = RequestUtils.get_access_token(request)
user_id = User.decode_auth_token(auth_token)
device = DeviceList.get_device_by_user_id_and_mac(user_id,mac_address)
if not device:
return CommonResponseObject.fail_response(
'Your provided mac_address is unathorized',
status.HTTP_401_UNAUTHORIZED)
root_device = DeviceList.get_device_by_user_id_and_mac(user_id,root_mac_address)
if not root_device:
return CommonResponseObject.fail_response(
'Your provided mac address of root device is invalid',
status.HTTP_404_NOT_FOUND)
if not root_device.root:
return CommonResponseObject.fail_response(
'Your provided mac address of root device is unauthorized',
status.HTTP_401_UNAUTHORIZED)
try:
device.root = True
root_device.root = False
db.session.save()
db.session.commit()
return CommonResponseObject.success_resp_with_mess(
'Your root device is changed successfully')
except Exception:
return CommonResponseObject.fail_response(
'Some errors occurred')
def post(self):
# get the post data
post_data = request.get_json()
if post_data is None:
return CommonResponseObject.fail_response(
'Please provide required data', status.HTTP_404_NOT_FOUND)
try:
# fetch the user data
user = User.get_user_by_email(post_data.get('email'))
if user and not user.is_confirmed:
return CommonResponseObject.fail_response(
'Please confirm your email address which is sent to your email',
status.HTTP_403_FORBIDDEN)
mac_address = post_data.get('mac_address')
if not mac_address:
return CommonResponseObject.fail_response(
'Please provide your MAC address',
status.HTTP_412_PRECONDITION_FAILED)
if user and bcrypt.check_password_hash(user.password,
post_data.get('password')):
device = DeviceList.get_device_by_user_id_and_mac(
user.id, mac_address)
root = DeviceList.get_root_device(user.id)
auth_token = DatabaseCheck.prepare_auth_token(
user.id, mac_address,
None if not device else device.main_key,
True if root else False)
if auth_token:
return CommonResponseObject.login_success(auth_token)
else:
return CommonResponseObject.login_user_not_exist()
except Exception as e:
print(e)
return CommonResponseObject.login_exception()
def post(self):
post_data = request.get_json()
if not post_data or not post_data.get('mac_address'):
return CommonResponseObject.fail_response(
'Please provide your mac_address for deauthorization',
status.HTTP_412_PRECONDITION_FAILED)
auth_token = RequestUtils.get_access_token(request)
user_id = User.decode_auth_token(auth_token)
mac_address = post_data.get('mac_address')
device = DeviceList.get_device_by_user_id_and_mac(user_id, mac_address)
if not device:
return CommonResponseObject.fail_response(
'Invalid authentication token',status.HTTP_401_UNAUTHORIZED)
if device.root:
return CommonResponseObject.fail_response(
'You are not able to deauthorize without decoding your files to raw',
status.HTTP_403_FORBIDDEN)
try:
db.session.delete(device)
db.session.commit()
return CommonResponseObject.success_resp_with_mess(
'Your device is no longer authorized')
except Exception:
return CommonResponseObject.fail_response(
'Some errors occured, please try again')
def __generate_encrypted_OTP(self, user_id, mac_address,encrypted_key):
"""
Store the received key in the database associate with the root
device for later re-encryption with support authorization
other devices by encrypt the key with other identifier
:params:
:user_id: the id of the user
:mac_address: MAC address of the device
:encrypted_key: temporarily encrypted key
:returns:
:Error Response: or :JSON object contains encrypted_code:
"""
device = DeviceList.get_root_device(user_id)
print(user_id)
if not device: #Check if root device is stored
return CommonResponseObject.fail_response(
'Please register for the root device to process further encryption',
status.HTTP_401_UNAUTHORIZED)
if device.mac_address != mac_address: #check if the access mac_address is the root device
return CommonResponseObject.fail_response(
'Please request for authorization with your root device',
status.HTTP_403_FORBIDDEN)
device.encrypted_key = encrypted_key
db.session.commit()
encrypted_code= KeyOperation.encrypt_OTP(device) #generate encrypted code
return json.dumps(dict(code=encrypted_code)) #jsonize and return
def post(self):
"""
Add root device
"""
#Get authentication token
auth_token = RequestUtils.get_access_token(request)
#Get post data
post_data = request.get_json()
mac_address = post_data.get('mac_address')
os = post_data.get('os') or "Unknown"
backup_key = post_data.get('backup_key')
otp_modulus = post_data.get('otp_modulus')
otp_exponent = post_data.get('otp_exponent')
main_key = post_data.get('main_key')
root = post_data.get('is_root')
user = self.__check_for_require_params(auth_token, mac_address,
otp_modulus, otp_exponent,
main_key, backup_key)
if not isinstance(user, User):
return user
root_device = DeviceList.get_root_device(user.id)
if root_device and root:
return CommonResponseObject.fail_response(
'The account already register a root device',
status.HTTP_202_ACCEPTED)
device = DeviceList(user,
mac_address=mac_address,
main_key=main_key,
backup_key=backup_key,
otp_modulus=otp_modulus,
otp_exponent=otp_exponent,
os=os,
is_root=root)
try:
db.session.add(device)
db.session.commit()
modulus, exponent = User.decode_public_key(auth_token)
auth_token = User.encode_auth_token(user.id, str(modulus),
str(exponent), main_key)
return CommonResponseObject.login_success(
auth_token, 'You are able to encrypt your file now')
except Exception as e:
print(e)
return CommonResponseObject.fail_response(
'Some error occured, please try again.')
def get(self):
# Get the access token from the header
auth_token = RequestUtils.get_access_token(request)
if auth_token:
response = User.decode_auth_token(auth_token)
if not isinstance(response,str):
device_list = DeviceList.get_device_by_user_id(response)
data = [device.serialize() for device in device_list]
return CommonResponseObject.success_response(data)
return CommonResponseObject.fail_response(response,status.HTTP_401_UNAUTHORIZED)
else:
return CommonResponseObject.unauthorized_token_response()
def add_new_encrypted_key():
user = DatabasePrepare.create_new_user()
user = User.query.filter_by(email=user.email).first()
public_key = KeyOperation.generate_new_pair().publickey()
device = DeviceList(user,
mac_address=DatabasePrepare.SUCCESS_MAC_ADDR,
os=DatabasePrepare.SUCCESS_OS,
backup_key='asdfasdf',
main_key='main key',
otp_modulus=int(public_key.n),
otp_exponent=int(public_key.e),
is_root=True)
db.session.add(device)
db.session.commit()
return device
def __process_new_key(self,user_id, key, key_mod, key_exp):
"""
Process key passing down to the new authorized device with
provided key from the root device and encrypt the key with
provided public key from the device
"""
device = DeviceList.get_root_device(user_id) #get root device by user_id
if not device: #if root device does not exist
return CommonResponseObject.fail_response(
'Some errors occured, please try again')
encrypted_key = KeyOperation.re_encryption(key,
[key_mod,key_exp], device.encrypted_key)
if not encrypted_key:
return CommonResponseObject.fail_response(
'Some errors occured, please try again')
data = json.dumps(dict(key=encrypted_key))
return CommonResponseObject.success_response(data)