Exemplo n.º 1
0
    async def handle_login(self, request):
        try:
            user_devid = request.match_info.get("devid", "")
            countrycode = request.match_info.get("country", "us")
            confserverlog.info(
                "client with devid {} attempting login".format(user_devid)
            )
            if bumper.use_auth:
                if (
                    not user_devid == ""
                ):  # Performing basic "auth" using devid, super insecure
                    user = bumper.user_by_deviceid(user_devid)
                    if "checkLogin" in request.path:
                        self.check_token(
                            countrycode, user, request.query["accessToken"]
                        )
                    else:
                        # Deactivate old tokens and authcodes
                        bumper.user_revoke_expired_tokens(user["userid"])

                        body = {
                            "code": bumper.RETURN_API_SUCCESS,
                            "data": {
                                "accessToken": self.generate_token(
                                    user
                                ),  # generate a new token
                                "country": countrycode,
                                "email": "*****@*****.**",
                                "uid": "fuid_{}".format(user["userid"]),
                                "username": "******".format(user["userid"]),
                            },
                            "msg": "操作成功",
                            "time": bumper.get_milli_time(
                                datetime.utcnow().timestamp()
                            ),
                        }
                        return web.json_response(body)

                body = {
                    "code": bumper.ERR_USER_NOT_ACTIVATED,
                    "data": None,
                    "msg": "当前密码错误",
                    "time": bumper.get_milli_time(datetime.utcnow().timestamp()),
                }

                return web.json_response(body)

            else:
                return web.json_response(
                    self._auth_any(user_devid, countrycode, request)
                )

        except Exception as e:
            confserverlog.exception("{}".format(e))
Exemplo n.º 2
0
    def _auth_any(self, devid, country, request):
        try:
            user_devid = devid
            countrycode = country
            user = bumper.user_by_deviceid(user_devid)
            bots = bumper.db_get().table("bots").all()

            if user:  # Default to user 0
                tmpuser = user
                bumper.user_add_device(tmpuser["userid"], user_devid)
            else:
                bumper.user_add("tmpuser")  # Add a new user
                tmpuser = bumper.user_get("tmpuser")
                bumper.user_add_device(tmpuser["userid"], user_devid)

            for bot in bots:  # Add all bots to the user
                bumper.user_add_bot(tmpuser["userid"], bot["did"])

            if "checkLogin" in request.path:  # If request was to check a token do so
                checkToken = self.check_token(
                    countrycode, tmpuser, request.query["accessToken"]
                )
                isGood = json.loads(checkToken.text)
                if isGood["code"] == "0000":
                    return isGood

            # Deactivate old tokens and authcodes
            bumper.user_revoke_expired_tokens(tmpuser["userid"])

            body = {
                "code": bumper.RETURN_API_SUCCESS,
                "data": {
                    "accessToken": self.generate_token(tmpuser),  # Generate a token
                    "country": countrycode,
                    "email": "*****@*****.**",
                    "uid": "fuid_{}".format(tmpuser["userid"]),
                    "username": "******".format(tmpuser["userid"]),
                },
                "msg": "操作成功",
                "time": bumper.get_milli_time(datetime.utcnow().timestamp()),
            }

            return body

        except Exception as e:
            confserverlog.exception("{}".format(e))
Exemplo n.º 3
0
    async def handle_getAuthCode(self, request):
        try:

            user_devid = request.match_info.get("devid", "")
            if not user_devid == "":
                user = bumper.user_by_deviceid(user_devid)
                if user:
                    token = bumper.user_get_token(
                        user["userid"], request.query["accessToken"]
                    )
                    if token:
                        authcode = ""
                        if not "authcode" in token:
                            authcode = self.generate_authcode(
                                user,
                                request.match_info.get("country", "us"),
                                request.query["accessToken"],
                            )
                        else:
                            authcode = token["authcode"]

                        body = {
                            "code": bumper.RETURN_API_SUCCESS,
                            "data": {
                                "authCode": authcode,
                                "ecovacsUid": request.query["uid"],
                            },
                            "msg": "操作成功",
                            "time": bumper.get_milli_time(
                                datetime.utcnow().timestamp()
                            ),
                        }
                        return web.json_response(body)

            body = {
                "code": bumper.ERR_TOKEN_INVALID,
                "data": None,
                "msg": "当前密码错误",
                "time": bumper.get_milli_time(datetime.utcnow().timestamp()),
            }

            return web.json_response(body)

        except Exception as e:
            confserverlog.exception("{}".format(e))
Exemplo n.º 4
0
    async def handle_logout(self, request):
        try:
            user_devid = request.match_info.get("devid", "")
            if not user_devid == "":
                user = bumper.user_by_deviceid(user_devid)
                if user:
                    if bumper.check_token(user["userid"], request.query["accessToken"]):
                        # Deactivate old tokens and authcodes
                        bumper.user_revoke_token(
                            user["userid"], request.query["accessToken"]
                        )

            body = {
                "code": bumper.RETURN_API_SUCCESS,
                "data": None,
                "msg": "操作成功",
                "time": bumper.get_milli_time(datetime.utcnow().timestamp()),
            }

            return web.json_response(body)

        except Exception as e:
            confserverlog.exception("{}".format(e))
Exemplo n.º 5
0
def test_user_db():
    if os.path.exists("tests/tmp.db"):
        os.remove("tests/tmp.db")  # Remove existing db

    # Test os_db_path
    platform.system = mock.MagicMock(return_value="Windows")
    p = platform.system()
    os.getenv = mock.MagicMock(return_value="C:\AppData")
    o = os.getenv("APPDATA")
    assert_equals(bumper.os_db_path(),
                  os.path.join(os.getenv("APPDATA"), "bumper.db"))

    platform.system = mock.MagicMock(return_value="Linux")
    assert_equals(bumper.os_db_path(),
                  os.path.expanduser("~/.config/bumper.db"))

    bumper.db = "tests/tmp.db"  # Set db location for testing
    bumper.user_add("testuser")  # Add testuser

    assert_equals(bumper.user_get("testuser")["userid"],
                  "testuser")  # Test that testuser was created and returned

    bumper.user_add_device("testuser", "dev_1234")  # Add device to testuser

    assert_equals(bumper.user_by_deviceid("dev_1234")["userid"],
                  "testuser")  # Test that testuser was found by deviceid

    bumper.user_remove_device("testuser",
                              "dev_1234")  # Remove device from testuser

    assert_true(
        "dev_1234" not in bumper.user_get("testuser")
        ["devices"])  # Test that dev_1234 was not found in testuser devices

    bumper.user_add_bot("testuser", "bot_1234")  # Add bot did to testuser

    assert_true("bot_1234" in bumper.user_get("testuser")
                ["bots"])  # Test that bot was found in testuser's bot list

    bumper.user_remove_bot("testuser",
                           "bot_1234")  # Remove bot did from testuser

    assert_true("bot_1234" not in bumper.user_get("testuser")
                ["bots"])  # Test that bot was not found in testuser's bot list

    bumper.user_add_token("testuser", "token_1234")  # Add token to testuser

    assert_true(bumper.check_token(
        "testuser", "token_1234"))  # Test that token was found for testuser

    assert_true(bumper.user_get_token(
        "testuser", "token_1234"))  # Test that token was returned for testuser

    bumper.user_add_authcode(
        "testuser", "token_1234",
        "auth_1234")  # Add authcode to token_1234 for testuser
    assert_true(bumper.check_authcode(
        "testuser", "auth_1234"))  # Test that authcode was found for testuser

    bumper.user_revoke_authcode("testuser", "token_1234",
                                "auth_1234")  # Remove authcode from testuser
    assert_false(bumper.check_authcode(
        "testuser",
        "auth_1234"))  # Test that authcode was not found for testuser
    bumper.user_revoke_token("testuser",
                             "token_1234")  # Remove token from testuser
    assert_false(bumper.check_token(
        "testuser",
        "token_1234"))  # Test that token was not found for testuser
    bumper.user_add_token("testuser", "token_1234")  # Add token_1234
    bumper.user_add_token("testuser", "token_4321")  # Add token_4321
    assert_equals(len(bumper.user_get_tokens("testuser")),
                  2)  # Test 2 tokens are available
    bumper.user_revoke_all_tokens("testuser")  # Revoke all tokens
    assert_equals(len(bumper.user_get_tokens("testuser")),
                  0)  # Test 0 tokens are available

    db = TinyDB("tests/tmp.db")
    tokens = db.table("tokens")
    tokens.insert({
        "userid":
        "testuser",
        "token":
        "token_1234",
        "expiration":
        "{}".format(datetime.datetime.now() + datetime.timedelta(seconds=-10)),
    })  # Add expired token
    db.close()
    assert_equals(len(bumper.user_get_tokens("testuser")),
                  1)  # Test 1 tokens are available
    bumper.user_revoke_expired_tokens("testuser")  # Revoke expired tokens
    assert_equals(len(bumper.user_get_tokens("testuser")),
                  0)  # Test 0 tokens are available

    db = TinyDB("tests/tmp.db")
    tokens = db.table("tokens")
    tokens.insert({
        "userid":
        "testuser",
        "token":
        "token_1234",
        "expiration":
        "{}".format(datetime.datetime.now() + datetime.timedelta(seconds=-10)),
    })  # Add expired token
    db.close()
    assert_equals(len(bumper.user_get_tokens("testuser")),
                  1)  # Test 1 tokens are available
    bumper.revoke_expired_tokens()  # Revoke expired tokens
    assert_equals(len(bumper.user_get_tokens("testuser")),
                  0)  # Test 0 tokens are available
Exemplo n.º 6
0
def test_user_db():

    bumper.db = "tests/tmp.db"  # Set db location for testing
    bumper.user_add("testuser")  # Add testuser

    assert (bumper.user_get("testuser")["userid"] == "testuser"
            )  # Test that testuser was created and returned

    bumper.user_add_device("testuser", "dev_1234")  # Add device to testuser

    assert (bumper.user_by_deviceid("dev_1234")["userid"] == "testuser"
            )  # Test that testuser was found by deviceid

    bumper.user_remove_device("testuser",
                              "dev_1234")  # Remove device from testuser

    assert "dev_1234" not in bumper.user_get("testuser")["devices"]
    # Test that dev_1234 was not found in testuser devices

    bumper.user_add_bot("testuser", "bot_1234")  # Add bot did to testuser

    assert "bot_1234" in bumper.user_get("testuser")["bots"]
    # Test that bot was found in testuser's bot list

    bumper.user_remove_bot("testuser",
                           "bot_1234")  # Remove bot did from testuser

    assert "bot_1234" not in bumper.user_get("testuser")["bots"]
    # Test that bot was not found in testuser's bot list

    bumper.user_add_token("testuser", "token_1234")  # Add token to testuser

    assert bumper.check_token("testuser", "token_1234")
    # Test that token was found for testuser

    assert bumper.user_get_token("testuser", "token_1234")
    # Test that token was returned for testuser

    bumper.user_add_authcode(
        "testuser", "token_1234",
        "auth_1234")  # Add authcode to token_1234 for testuser
    assert bumper.check_authcode("testuser", "auth_1234")
    # Test that authcode was found for testuser

    bumper.user_revoke_authcode("testuser", "token_1234",
                                "auth_1234")  # Remove authcode from testuser
    assert bumper.check_authcode("testuser", "auth_1234") == False
    # Test that authcode was not found for testuser
    bumper.user_revoke_token("testuser",
                             "token_1234")  # Remove token from testuser
    assert (bumper.check_token("testuser", "token_1234") == False
            )  # Test that token was not found for testuser
    bumper.user_add_token("testuser", "token_1234")  # Add token_1234
    bumper.user_add_token("testuser", "token_4321")  # Add token_4321
    assert len(
        bumper.user_get_tokens("testuser")) == 2  # Test 2 tokens are available
    bumper.user_revoke_all_tokens("testuser")  # Revoke all tokens
    assert len(
        bumper.user_get_tokens("testuser")) == 0  # Test 0 tokens are available

    db = TinyDB("tests/tmp.db")
    tokens = db.table("tokens")
    tokens.insert({
        "userid":
        "testuser",
        "token":
        "token_1234",
        "expiration":
        "{}".format(datetime.now() + timedelta(seconds=-10)),
    })  # Add expired token
    db.close()
    assert len(
        bumper.user_get_tokens("testuser")) == 1  # Test 1 tokens are available
    bumper.user_revoke_expired_tokens("testuser")  # Revoke expired tokens
    assert len(
        bumper.user_get_tokens("testuser")) == 0  # Test 0 tokens are available

    db = TinyDB("tests/tmp.db")
    tokens = db.table("tokens")
    tokens.insert({
        "userid":
        "testuser",
        "token":
        "token_1234",
        "expiration":
        "{}".format(datetime.now() + timedelta(seconds=-10)),
    })  # Add expired token
    db.close()
    assert len(
        bumper.user_get_tokens("testuser")) == 1  # Test 1 tokens are available
    bumper.revoke_expired_tokens()  # Revoke expired tokens
    assert len(
        bumper.user_get_tokens("testuser")) == 0  # Test 0 tokens are available
Exemplo n.º 7
0
        def getUserAccountInfo(self, request):
            try:
                user_devid = request.match_info.get("devid", "")
                countrycode = request.match_info.get("country", "us")
                apptype = request.match_info.get("apptype", "")
                user = bumper.user_by_deviceid(user_devid)

                if "global_" in apptype:  # EcoVacs Home
                    login_details = EcoVacsHome_Login()
                    login_details.ucUid = "fuid_{}".format(user["userid"])
                    login_details.loginName = "fusername_{}".format(
                        user["userid"])
                    login_details.mobile = None
                else:
                    login_details = EcoVacs_Login()

                login_details.uid = "fuid_{}".format(user["userid"])
                login_details.username = "******".format(user["userid"])
                login_details.country = countrycode
                login_details.email = "*****@*****.**"

                body = {
                    "code": bumper.RETURN_API_SUCCESS,
                    "data": {
                        "email": login_details.email,
                        "hasMobile": "N",
                        "hasPassword": "******",
                        "uid": login_details.uid,
                        "userName": login_details.username,
                        "obfuscatedMobile": None,
                        "mobile": None,
                        "loginName": login_details.loginName,
                    },
                    "msg": "操作成功",
                    "time": self.get_milli_time(datetime.utcnow().timestamp()),
                }

                # Example body
                # {
                # "code": "0000",
                # "data": {
                #     "email": "*****@*****.**",
                #     "hasMobile": "N",
                #     "hasPassword": "******",
                #     "headIco": "",
                #     "loginName": "*****@*****.**",
                #     "mobile": null,
                #     "mobileAreaNo": null,
                #     "nickname": "",
                #     "obfuscatedMobile": null,
                #     "thirdLoginInfoList": [
                #     {
                #         "accountType": "WeChat",
                #         "hasBind": "N"
                #     }
                #     ],
                #     "uid": "20180719212155_*****",
                #     "userName": "******"
                # },
                # "msg": "操作成功",
                # "success": true,
                # "time": 1578203898343
                # }

                return web.json_response(body)

            except Exception as e:
                confserverlog.exception("{}".format(e))
Exemplo n.º 8
0
        def _auth_any(self, devid, apptype, country, request):
            try:
                user_devid = devid
                countrycode = country
                user = bumper.user_by_deviceid(user_devid)
                bots = bumper.db_get().table("bots").all()

                if user:  # Default to user 0
                    tmpuser = user
                    if "global_" in apptype:  # EcoVacs Home
                        login_details = EcoVacsHome_Login()
                        login_details.ucUid = "fuid_{}".format(
                            tmpuser["userid"])
                        login_details.loginName = "fusername_{}".format(
                            tmpuser["userid"])
                        login_details.mobile = None
                    else:
                        login_details = EcoVacs_Login()

                    login_details.accessToken = self.generate_token(tmpuser)
                    login_details.uid = "fuid_{}".format(tmpuser["userid"])
                    login_details.username = "******".format(
                        tmpuser["userid"])
                    login_details.country = countrycode
                    login_details.email = "*****@*****.**"
                    bumper.user_add_device(tmpuser["userid"], user_devid)
                else:
                    bumper.user_add("tmpuser")  # Add a new user
                    tmpuser = bumper.user_get("tmpuser")
                    if "global_" in apptype:  # EcoVacs Home
                        login_details = EcoVacsHome_Login()
                        login_details.ucUid = "fuid_{}".format(
                            tmpuser["userid"])
                        login_details.loginName = "fusername_{}".format(
                            tmpuser["userid"])
                        login_details.mobile = None
                    else:
                        login_details = EcoVacs_Login()

                    login_details.accessToken = self.generate_token(tmpuser)
                    login_details.uid = "fuid_{}".format(tmpuser["userid"])
                    login_details.username = "******".format(
                        tmpuser["userid"])
                    login_details.country = countrycode
                    login_details.email = "*****@*****.**"
                    bumper.user_add_device(tmpuser["userid"], user_devid)

                for bot in bots:  # Add all bots to the user
                    if "did" in bot:
                        bumper.user_add_bot(tmpuser["userid"], bot["did"])
                    else:
                        confserverlog.error("No DID for bot: {}".format(bot))

                if "checkLogin" in request.path:  # If request was to check a token do so
                    checkToken = self.check_token(apptype, countrycode,
                                                  tmpuser,
                                                  request.query["accessToken"])
                    isGood = json.loads(checkToken.text)
                    if isGood["code"] == "0000":
                        return isGood

                # Deactivate old tokens and authcodes
                bumper.user_revoke_expired_tokens(tmpuser["userid"])

                body = {
                    "code": bumper.RETURN_API_SUCCESS,
                    "data": json.loads(login_details.toJSON()),
                    # {
                    #    "accessToken": self.generate_token(tmpuser),  # Generate a token
                    #    "country": countrycode,
                    #    "email": "*****@*****.**",
                    #    "uid": "fuid_{}".format(tmpuser["userid"]),
                    #    "username": "******".format(tmpuser["userid"]),
                    # },
                    "msg": "操作成功",
                    "time": self.get_milli_time(datetime.utcnow().timestamp()),
                }

                return body

            except Exception as e:
                confserverlog.exception("{}".format(e))
Exemplo n.º 9
0
        async def login(self, request):
            try:
                user_devid = request.match_info.get("devid", "")
                countrycode = request.match_info.get("country", "us")
                apptype = request.match_info.get("apptype", "")
                confserverlog.info(
                    "client with devid {} attempting login".format(user_devid))
                if bumper.use_auth:
                    if (
                            not user_devid == ""
                    ):  # Performing basic "auth" using devid, super insecure
                        user = bumper.user_by_deviceid(user_devid)
                        if "checkLogin" in request.path:
                            self.check_token(apptype, countrycode, user,
                                             request.query["accessToken"])
                        else:
                            if "global_" in apptype:  # EcoVacs Home
                                login_details = EcoVacsHome_Login()
                                login_details.ucUid = "fuid_{}".format(
                                    user["userid"])
                                login_details.loginName = "fusername_{}".format(
                                    user["userid"])
                                login_details.mobile = None

                            else:
                                login_details = EcoVacs_Login()

                            # Deactivate old tokens and authcodes
                            bumper.user_revoke_expired_tokens(user["userid"])

                            login_details.accessToken = self.generate_token(
                                user)
                            login_details.uid = "fuid_{}".format(
                                user["userid"])
                            login_details.username = "******".format(
                                user["userid"])
                            login_details.country = countrycode
                            login_details.email = "*****@*****.**"

                            body = {
                                "code":
                                API_ERRORS[RETURN_API_SUCCESS],
                                "data":
                                json.loads(login_details.toJSON()),
                                # {
                                #    "accessToken": self.generate_token(tmpuser),  # Generate a token
                                #    "country": countrycode,
                                #    "email": "*****@*****.**",
                                #    "uid": "fuid_{}".format(tmpuser["userid"]),
                                #    "username": "******".format(tmpuser["userid"]),
                                # },
                                "msg":
                                "操作成功",
                                "time":
                                self.get_milli_time(
                                    datetime.utcnow().timestamp()),
                            }

                            return web.json_response(body)

                    body = {
                        "code": bumper.ERR_USER_NOT_ACTIVATED,
                        "data": None,
                        "msg": "当前密码错误",
                        "time":
                        self.get_milli_time(datetime.utcnow().timestamp()),
                    }

                    return web.json_response(body)

                else:
                    return web.json_response(
                        self._auth_any(user_devid, apptype, countrycode,
                                       request))

            except Exception as e:
                confserverlog.exception("{}".format(e))