Exemplo n.º 1
0
    def createuser(self, event):
        self.log("Creating user")
        try:
            newuser = objectmodels['user']({
                'name': event.username,
                'passhash': event.passhash,
                'uuid': str(uuid4())
            })
            newuser.save()
        except Exception as e:
            self.log("Problem creating new user: "******"New profile uuid: ", newprofile.uuid,
                     lvl=verbose)

            # TODO: Fix this - yuk!
            newprofile.components = {
                'enabled': ["dashboard", "map", "weather", "settings"]}
            newprofile.save()
        except Exception as e:
            self.log("Problem creating new profile: ", type(e),
                     e, lvl=error)
            return

        try:
            # TODO: Clone or reference systemwide default configuration
            newclientconfig = objectmodels['client']()
            newclientconfig.uuid = event.clientuuid
            newclientconfig.name = "New client"
            newclientconfig.description = "New client configuration " \
                                          "from " + newuser.name
            newclientconfig.useruuid = newuser.uuid
            newclientconfig.save()
        except Exception as e:
            self.log("Problem creating new clientconfig: ",
                     type(e), e, lvl=error)
            return

        try:
            self.fireEvent(
                authentication(newuser.name,
                               (newuser, newprofile, newclientconfig),
                               event.clientuuid,
                               newuser.uuid,
                               event.sock),
                "auth")
            self.fireEvent(send(event.clientuuid, {
                'component': 'auth',
                'action': 'new',
                'data': 'registration successful'
            }, sendtype="client"), "hfosweb")
        except Exception as e:
            self.log("Error during new account confirmation transmission",
                     e, lvl=error)
Exemplo n.º 2
0
    def authenticationrequest(self, event):
        """Handles authentication requests from clients
        :param event: AuthenticationRequest with user's credentials
        """

        # TODO: Refactor to simplify

        if event.auto:
            self.log("Automatic login request:")

            e = None
            try:
                clientconfig = objectmodels['client'].find_one({
                    'uuid': event.requestedclientuuid
                })
            except Exception as e:
                clientconfig = None

            if clientconfig is None or clientconfig.autologin == False:
                self.log("Autologin failed.", lvl=error)
                return

            # noinspection PySimplifyBooleanCheck
            if clientconfig.autologin == True:

                try:
                    useraccount = objectmodels['user'].find_one({
                        'uuid': clientconfig.useruuid
                    })
                    self.log("Account: %s" % useraccount._fields, lvl=debug)
                except Exception as e:
                    self.log("No userobject due to error: ", e, type(e),
                             lvl=error)

                try:
                    userprofile = objectmodels['profile'].find_one({
                        'uuid': str(useraccount.uuid)
                    })
                    self.log("Profile: ", userprofile,
                             useraccount.uuid, lvl=debug)

                    useraccount.passhash = ""
                    self.fireEvent(
                        authentication(useraccount.name, (
                            useraccount, userprofile, clientconfig),
                                       event.clientuuid,
                                       useraccount.uuid,
                                       event.sock),
                        "auth")
                    self.log("Autologin successful!", lvl=error)
                except Exception as e:
                    self.log("No profile due to error: ", e, type(e),
                             lvl=error)
        else:
            self.log("Auth request for ", event.username,
                     event.clientuuid)

            if (len(event.username) < 3) or (len(event.passhash) < 3):
                self.log("Illegal username or password received, "
                         "login cancelled",
                         lvl=warn)
                return

            useraccount = None
            clientconfig = None
            userprofile = None

            try:
                useraccount = objectmodels['user'].find_one({
                    'name': event.username
                })
                self.log("Account: %s" % useraccount._fields, lvl=debug)
            except Exception as e:
                self.log("No userobject due to error: ", e, type(e),
                         lvl=error)

            if useraccount:
                self.log("User found.")

                if useraccount.passhash == event.passhash:
                    self.log("Passhash matches, checking client and profile.",
                             lvl=debug)

                    requestedclientuuid = event.requestedclientuuid

                    # Client requests to get an existing client
                    # configuration or has none

                    clientconfig = objectmodels['client'].find_one({
                        'uuid': requestedclientuuid
                    })

                    if clientconfig:
                        self.log("Checking client configuration permissions",
                                 lvl=debug)
                        if clientconfig.useruuid != useraccount.uuid:
                            clientconfig = None
                            self.log("Unauthorized client configuration "
                                     "requested",
                                     lvl=warn)
                    else:
                        self.log("Unknown client configuration requested: ",
                                 requestedclientuuid, event.__dict__,
                                 lvl=warn)

                    if not clientconfig:
                        self.log("Creating new default client configuration")
                        # Either no configuration was found or requested
                        # -> Create a new client configuration

                        clientconfig = objectmodels['client']()
                        clientconfig.uuid = event.clientuuid
                        clientconfig.name = "New client"
                        clientconfig.description = "New client configuration from " + useraccount.name
                        clientconfig.useruuid = useraccount.uuid
                        # TODO: Make sure the profile is only saved if the
                        # client could store it, too
                        clientconfig.save()

                    try:
                        userprofile = objectmodels['profile'].find_one(
                            {'uuid': str(useraccount.uuid)})
                        self.log("Profile: ", userprofile,
                                 useraccount.uuid, lvl=debug)

                        useraccount.passhash = ""
                        self.fireEvent(
                            authentication(useraccount.name, (
                                useraccount, userprofile, clientconfig),
                                           event.clientuuid,
                                           useraccount.uuid,
                                           event.sock),
                            "auth")
                    except Exception as e:
                        self.log("No profile due to error: ", e, type(e),
                                 lvl=error)
                else:
                    self.log("Password was wrong!", lvl=warn)

                self.log("Done with Login request", lvl=debug)

            else:
                self.createuser(event)
Exemplo n.º 3
0
Arquivo: auth.py Projeto: ri0t/hfos
    def authenticationrequest(self, event):
        """Handles authentication requests from clients
        :param event: AuthenticationRequest with user's credentials
        """

        # TODO: Refactor to simplify

        if event.auto:
            self.log("Verifying automatic login request")

            try:
                clientconfig = objectmodels['client'].find_one(
                    {'uuid': event.requestedclientuuid})
            except Exception:
                clientconfig = None

            if clientconfig is None or clientconfig.autologin is False:
                self.log("Autologin failed:",
                         event.requestedclientuuid,
                         lvl=error)
                return

            if clientconfig.autologin is True:

                try:
                    useraccount = objectmodels['user'].find_one(
                        {'uuid': clientconfig.owner})
                    self.log("Autologin for", useraccount.name, lvl=debug)
                except Exception as e:
                    self.log("No user object due to error: ",
                             e,
                             type(e),
                             lvl=error)

                try:
                    userprofile = objectmodels['profile'].find_one(
                        {'owner': str(useraccount.uuid)})
                    self.log("Profile: ",
                             userprofile,
                             useraccount.uuid,
                             lvl=debug)

                    useraccount.passhash = ""
                    self.fireEvent(
                        authentication(
                            useraccount.name,
                            (useraccount, userprofile, clientconfig),
                            event.clientuuid, useraccount.uuid, event.sock),
                        "auth")
                    self.log("Autologin successful!", lvl=warn)
                except Exception as e:
                    self.log("No profile due to error: ",
                             e,
                             type(e),
                             lvl=error)
        else:
            self.log("Auth request for ", event.username, event.clientuuid)

            # TODO: Move registration to its own part
            # TODO: Define the requirements for secure passwords etc.

            if (len(event.username) < 3) or (len(event.password) < 3):
                self.log(
                    "Illegal username or password received, "
                    "login cancelled",
                    lvl=warn)
                notification = {
                    'component': 'auth',
                    'action': 'fail',
                    'data': 'Password or username too short'
                }
                self.fireEvent(
                    send(event.clientuuid, notification, sendtype='client'))
                return

            useraccount = None
            clientconfig = None
            userprofile = None

            # TODO: Notify problems here back to the frontend
            try:
                useraccount = objectmodels['user'].find_one(
                    {'name': event.username})
                self.log("Account: %s" % useraccount._fields, lvl=debug)
            except Exception as e:
                self.log("No userobject due to error: ", e, type(e), lvl=error)

            if useraccount:
                self.log("User found.", lvl=debug)

                if self.makehash(event.password) == useraccount.passhash:
                    self.log("Passhash matches, checking client and profile.",
                             lvl=debug)

                    requestedclientuuid = event.requestedclientuuid

                    # Client requests to get an existing client
                    # configuration or has none

                    clientconfig = objectmodels['client'].find_one(
                        {'uuid': requestedclientuuid})

                    if clientconfig:
                        self.log("Checking client configuration permissions",
                                 lvl=debug)
                        if clientconfig.owner != useraccount.uuid:
                            clientconfig = None
                            self.log(
                                "Unauthorized client configuration "
                                "requested",
                                lvl=warn)
                    else:
                        self.log("Unknown client configuration requested: ",
                                 requestedclientuuid,
                                 event.__dict__,
                                 lvl=warn)

                    if not clientconfig:
                        self.log("Creating new default client configuration")
                        # Either no configuration was found or requested
                        # -> Create a new client configuration
                        uuid = event.clientuuid if event.clientuuid is not \
                                                   None else str(uuid4())

                        clientconfig = objectmodels['client']({'uuid': uuid})

                        clientconfig.name = "New client"
                        clientconfig.description = "New client configuration" \
                                                   " from " + useraccount.name
                        clientconfig.owner = useraccount.uuid
                        # TODO: Make sure the profile is only saved if the
                        # client could store it, too
                        clientconfig.save()

                    try:
                        userprofile = objectmodels['profile'].find_one(
                            {'owner': str(useraccount.uuid)})
                        self.log("Profile: ",
                                 userprofile,
                                 useraccount.uuid,
                                 lvl=debug)

                        useraccount.passhash = ""
                        self.fireEvent(
                            authentication(
                                useraccount.name,
                                (useraccount, userprofile, clientconfig),
                                event.clientuuid, useraccount.uuid,
                                event.sock), "auth")
                    except Exception as e:
                        self.log("No profile due to error: ",
                                 e,
                                 type(e),
                                 lvl=error)
                else:
                    self.log("Password was wrong!", lvl=warn)

                    self.fireEvent(
                        send(event.clientuuid, {
                            'component': 'auth',
                            'action': 'fail',
                            'data': 'N/A'
                        },
                             sendtype="client"), "hfosweb")

                self.log("Done with Login request", lvl=debug)

            elif self.systemconfig.allowregister:
                self.createuser(event)
            else:
                self.log(
                    'User not found and system configuration does not '
                    'allow new users to be created',
                    lvl=warn)
Exemplo n.º 4
0
Arquivo: auth.py Projeto: ri0t/hfos
    def authenticationrequest(self, event):
        """Handles authentication requests from clients
        :param event: AuthenticationRequest with user's credentials
        """

        # TODO: Refactor to simplify

        if event.auto:
            self.log("Verifying automatic login request")

            try:
                clientconfig = objectmodels['client'].find_one({
                    'uuid': event.requestedclientuuid
                })
            except Exception:
                clientconfig = None

            if clientconfig is None or clientconfig.autologin is False:
                self.log("Autologin failed:", event.requestedclientuuid,
                         lvl=error)
                return

            if clientconfig.autologin is True:

                try:
                    useraccount = objectmodels['user'].find_one({
                        'uuid': clientconfig.owner
                    })
                    self.log("Autologin for", useraccount.name, lvl=debug)
                except Exception as e:
                    self.log("No user object due to error: ", e, type(e),
                             lvl=error)

                try:
                    userprofile = objectmodels['profile'].find_one({
                        'owner': str(useraccount.uuid)
                    })
                    self.log("Profile: ", userprofile,
                             useraccount.uuid, lvl=debug)

                    useraccount.passhash = ""
                    self.fireEvent(
                        authentication(useraccount.name, (
                            useraccount, userprofile, clientconfig),
                                       event.clientuuid,
                                       useraccount.uuid,
                                       event.sock),
                        "auth")
                    self.log("Autologin successful!", lvl=warn)
                except Exception as e:
                    self.log("No profile due to error: ", e, type(e),
                             lvl=error)
        else:
            self.log("Auth request for ", event.username,
                     event.clientuuid)

            # TODO: Move registration to its own part
            # TODO: Define the requirements for secure passwords etc.

            if (len(event.username) < 3) or (len(event.password) < 3):
                self.log("Illegal username or password received, "
                         "login cancelled",
                         lvl=warn)
                notification = {
                    'component': 'auth',
                    'action': 'fail',
                    'data': 'Password or username too short'
                }
                self.fireEvent(send(event.clientuuid, notification,
                                    sendtype='client'))
                return

            useraccount = None
            clientconfig = None
            userprofile = None

            # TODO: Notify problems here back to the frontend
            try:
                useraccount = objectmodels['user'].find_one({
                    'name': event.username
                })
                self.log("Account: %s" % useraccount._fields, lvl=debug)
            except Exception as e:
                self.log("No userobject due to error: ", e, type(e),
                         lvl=error)

            if useraccount:
                self.log("User found.", lvl=debug)

                if self.makehash(event.password) == useraccount.passhash:
                    self.log("Passhash matches, checking client and profile.",
                             lvl=debug)

                    requestedclientuuid = event.requestedclientuuid

                    # Client requests to get an existing client
                    # configuration or has none

                    clientconfig = objectmodels['client'].find_one({
                        'uuid': requestedclientuuid
                    })

                    if clientconfig:
                        self.log("Checking client configuration permissions",
                                 lvl=debug)
                        if clientconfig.owner != useraccount.uuid:
                            clientconfig = None
                            self.log("Unauthorized client configuration "
                                     "requested",
                                     lvl=warn)
                    else:
                        self.log("Unknown client configuration requested: ",
                                 requestedclientuuid, event.__dict__,
                                 lvl=warn)

                    if not clientconfig:
                        self.log("Creating new default client configuration")
                        # Either no configuration was found or requested
                        # -> Create a new client configuration
                        uuid = event.clientuuid if event.clientuuid is not \
                                                   None else str(uuid4())

                        clientconfig = objectmodels['client']({'uuid': uuid})

                        clientconfig.name = "New client"
                        clientconfig.description = "New client configuration" \
                                                   " from " + useraccount.name
                        clientconfig.owner = useraccount.uuid
                        # TODO: Make sure the profile is only saved if the
                        # client could store it, too
                        clientconfig.save()

                    try:
                        userprofile = objectmodels['profile'].find_one(
                            {'owner': str(useraccount.uuid)})
                        self.log("Profile: ", userprofile,
                                 useraccount.uuid, lvl=debug)

                        useraccount.passhash = ""
                        self.fireEvent(
                            authentication(useraccount.name, (
                                useraccount, userprofile, clientconfig),
                                           event.clientuuid,
                                           useraccount.uuid,
                                           event.sock),
                            "auth")
                    except Exception as e:
                        self.log("No profile due to error: ", e, type(e),
                                 lvl=error)
                else:
                    self.log("Password was wrong!", lvl=warn)

                    self.fireEvent(send(event.clientuuid, {
                        'component': 'auth',
                        'action': 'fail',
                        'data': 'N/A'
                    }, sendtype="client"), "hfosweb")

                self.log("Done with Login request", lvl=debug)

            elif self.systemconfig.allowregister:
                self.createuser(event)
            else:
                self.log('User not found and system configuration does not '
                         'allow new users to be created', lvl=warn)
Exemplo n.º 5
0
Arquivo: auth.py Projeto: ri0t/hfos
    def createuser(self, event):
        self.log("Creating user")
        try:
            newuser = objectmodels['user']({
                'name':
                event.username,
                'passhash':
                self.makehash(event.password),
                'uuid':
                str(uuid4())
            })
            newuser.save()
        except Exception as e:
            self.log("Problem creating new user: "******"New profile uuid: ", newprofile.uuid, lvl=verbose)

            # TODO: Fix this - yuk!
            newprofile.components = {
                'enabled': ["dashboard", "map", "weather", "settings"]
            }
            newprofile.save()
        except Exception as e:
            self.log("Problem creating new profile: ", type(e), e, lvl=error)
            return

        try:
            # TODO: Clone or reference systemwide default configuration
            uuid = event.clientuuid if event.clientuuid is not None else str(
                uuid4())

            newclientconfig = objectmodels['client']({'uuid': uuid})
            newclientconfig.name = "New client"
            newclientconfig.description = "New client configuration " \
                                          "from " + newuser.name
            newclientconfig.owner = newuser.uuid
            newclientconfig.save()
        except Exception as e:
            self.log("Problem creating new clientconfig: ",
                     type(e),
                     e,
                     lvl=error)
            return

        try:
            self.fireEvent(
                authentication(newuser.name,
                               (newuser, newprofile, newclientconfig),
                               event.clientuuid, newuser.uuid, event.sock),
                "auth")
            self.fireEvent(
                send(event.clientuuid, {
                    'component': 'auth',
                    'action': 'new',
                    'data': 'registration successful'
                },
                     sendtype="client"), "hfosweb")
        except Exception as e:
            self.log("Error during new account confirmation transmission",
                     e,
                     lvl=error)