def post(self): post_data = request.get_json() root_mac_address = post_data.get('root_mac_address') mac_address = post_data.get('mac_address') if not post_data or not mac_address or not root_mac_address: return CommonResponseObject.fail_response( 'Please provide your mac_address and the mac_address of device for root changing', status.HTTP_412_PRECONDITION_FAILED) auth_token = RequestUtils.get_access_token(request) user_id = User.decode_auth_token(auth_token) device = DeviceList.get_device_by_user_id_and_mac(user_id,mac_address) if not device: return CommonResponseObject.fail_response( 'Your provided mac_address is unathorized', status.HTTP_401_UNAUTHORIZED) root_device = DeviceList.get_device_by_user_id_and_mac(user_id,root_mac_address) if not root_device: return CommonResponseObject.fail_response( 'Your provided mac address of root device is invalid', status.HTTP_404_NOT_FOUND) if not root_device.root: return CommonResponseObject.fail_response( 'Your provided mac address of root device is unauthorized', status.HTTP_401_UNAUTHORIZED) try: device.root = True root_device.root = False db.session.save() db.session.commit() return CommonResponseObject.success_resp_with_mess( 'Your root device is changed successfully') except Exception: return CommonResponseObject.fail_response( 'Some errors occurred')
def post(self): # get the post data post_data = request.get_json() if post_data is None: return CommonResponseObject.fail_response( 'Please provide required data', status.HTTP_404_NOT_FOUND) try: # fetch the user data user = User.get_user_by_email(post_data.get('email')) if user and not user.is_confirmed: return CommonResponseObject.fail_response( 'Please confirm your email address which is sent to your email', status.HTTP_403_FORBIDDEN) mac_address = post_data.get('mac_address') if not mac_address: return CommonResponseObject.fail_response( 'Please provide your MAC address', status.HTTP_412_PRECONDITION_FAILED) if user and bcrypt.check_password_hash(user.password, post_data.get('password')): device = DeviceList.get_device_by_user_id_and_mac( user.id, mac_address) root = DeviceList.get_root_device(user.id) auth_token = DatabaseCheck.prepare_auth_token( user.id, mac_address, None if not device else device.main_key, True if root else False) if auth_token: return CommonResponseObject.login_success(auth_token) else: return CommonResponseObject.login_user_not_exist() except Exception as e: print(e) return CommonResponseObject.login_exception()
def post(self): post_data = request.get_json() if not post_data or not post_data.get('mac_address'): return CommonResponseObject.fail_response( 'Please provide your mac_address for deauthorization', status.HTTP_412_PRECONDITION_FAILED) auth_token = RequestUtils.get_access_token(request) user_id = User.decode_auth_token(auth_token) mac_address = post_data.get('mac_address') device = DeviceList.get_device_by_user_id_and_mac(user_id, mac_address) if not device: return CommonResponseObject.fail_response( 'Invalid authentication token',status.HTTP_401_UNAUTHORIZED) if device.root: return CommonResponseObject.fail_response( 'You are not able to deauthorize without decoding your files to raw', status.HTTP_403_FORBIDDEN) try: db.session.delete(device) db.session.commit() return CommonResponseObject.success_resp_with_mess( 'Your device is no longer authorized') except Exception: return CommonResponseObject.fail_response( 'Some errors occured, please try again')
def __generate_encrypted_OTP(self, user_id, mac_address,encrypted_key): """ Store the received key in the database associate with the root device for later re-encryption with support authorization other devices by encrypt the key with other identifier :params: :user_id: the id of the user :mac_address: MAC address of the device :encrypted_key: temporarily encrypted key :returns: :Error Response: or :JSON object contains encrypted_code: """ device = DeviceList.get_root_device(user_id) print(user_id) if not device: #Check if root device is stored return CommonResponseObject.fail_response( 'Please register for the root device to process further encryption', status.HTTP_401_UNAUTHORIZED) if device.mac_address != mac_address: #check if the access mac_address is the root device return CommonResponseObject.fail_response( 'Please request for authorization with your root device', status.HTTP_403_FORBIDDEN) device.encrypted_key = encrypted_key db.session.commit() encrypted_code= KeyOperation.encrypt_OTP(device) #generate encrypted code return json.dumps(dict(code=encrypted_code)) #jsonize and return
def post(self): """ Add root device """ #Get authentication token auth_token = RequestUtils.get_access_token(request) #Get post data post_data = request.get_json() mac_address = post_data.get('mac_address') os = post_data.get('os') or "Unknown" backup_key = post_data.get('backup_key') otp_modulus = post_data.get('otp_modulus') otp_exponent = post_data.get('otp_exponent') main_key = post_data.get('main_key') root = post_data.get('is_root') user = self.__check_for_require_params(auth_token, mac_address, otp_modulus, otp_exponent, main_key, backup_key) if not isinstance(user, User): return user root_device = DeviceList.get_root_device(user.id) if root_device and root: return CommonResponseObject.fail_response( 'The account already register a root device', status.HTTP_202_ACCEPTED) device = DeviceList(user, mac_address=mac_address, main_key=main_key, backup_key=backup_key, otp_modulus=otp_modulus, otp_exponent=otp_exponent, os=os, is_root=root) try: db.session.add(device) db.session.commit() modulus, exponent = User.decode_public_key(auth_token) auth_token = User.encode_auth_token(user.id, str(modulus), str(exponent), main_key) return CommonResponseObject.login_success( auth_token, 'You are able to encrypt your file now') except Exception as e: print(e) return CommonResponseObject.fail_response( 'Some error occured, please try again.')
def get(self): # Get the access token from the header auth_token = RequestUtils.get_access_token(request) if auth_token: response = User.decode_auth_token(auth_token) if not isinstance(response,str): device_list = DeviceList.get_device_by_user_id(response) data = [device.serialize() for device in device_list] return CommonResponseObject.success_response(data) return CommonResponseObject.fail_response(response,status.HTTP_401_UNAUTHORIZED) else: return CommonResponseObject.unauthorized_token_response()
def add_new_encrypted_key(): user = DatabasePrepare.create_new_user() user = User.query.filter_by(email=user.email).first() public_key = KeyOperation.generate_new_pair().publickey() device = DeviceList(user, mac_address=DatabasePrepare.SUCCESS_MAC_ADDR, os=DatabasePrepare.SUCCESS_OS, backup_key='asdfasdf', main_key='main key', otp_modulus=int(public_key.n), otp_exponent=int(public_key.e), is_root=True) db.session.add(device) db.session.commit() return device
def __process_new_key(self,user_id, key, key_mod, key_exp): """ Process key passing down to the new authorized device with provided key from the root device and encrypt the key with provided public key from the device """ device = DeviceList.get_root_device(user_id) #get root device by user_id if not device: #if root device does not exist return CommonResponseObject.fail_response( 'Some errors occured, please try again') encrypted_key = KeyOperation.re_encryption(key, [key_mod,key_exp], device.encrypted_key) if not encrypted_key: return CommonResponseObject.fail_response( 'Some errors occured, please try again') data = json.dumps(dict(key=encrypted_key)) return CommonResponseObject.success_response(data)