def api_register_user(*, email, name, passwd):
if not name or not name.strip():
raise APIValueError('name')
if not email or not _RE_EMAIL.match(email):
raise APIValueError('email')
if not passwd or not _RE_SHA1.match(passwd):
raise APIValueError('passwd')
users = yield from User.findAll('email=?', [email])
if len(users) > 0:
raise APIValueError('register:failed', 'email',
'Email is already in use.')
uid = next_id()
sha1_passwd = '%s:%s' % (uid, passwd)
user = User(id=uid,
name=name.strip(),
email=email,
passwd=hashlib.sha1(sha1_passwd.encode('utf-8')).hexdigest,
image='http://www.gravatar.com/avatar/%s?d=mm&s=120' %
hashlib.md5(email.encode('utf-8')).hexdigest())
yield from user.save()
r = web.Request()
r.set_cookie(COOKIE_NAME,
user2cookie(user, 86400),
max_age=86400,
httponly=True)
user.passwd = '******'
r.content_type = 'application/json'
r.body = json.dump(user, ensure_ascii=False).encode('utf-8')
return r
def setUp(self):
meta = {}
run_args = argparse.ArgumentParser()
run_args.add_argument("--tanner")
run_args.add_argument("--page-dir")
self.main_page_path = generate_unique_path()
os.makedirs(self.main_page_path)
page_dir = self.main_page_path.rsplit('/')[-1]
args = run_args.parse_args(['--page-dir', page_dir])
snare_uuid = '9c10172f-7ce2-4fb4-b1c6-abc70141db56'.encode('utf-8')
args.no_dorks = True
self.handler = TannerHandler(args, meta, snare_uuid)
headers = {
'Host': 'test_host',
'status': 200,
'Cookie': 'sess_uuid=prev_test_uuid; test_cookie=test'
}
message = RawRequestMessage(method='POST',
path='/',
version=HttpVersion(major=1, minor=1),
headers=headers,
raw_headers=None,
should_close=None,
compression=None,
upgrade=None,
chunked=None,
url=URL('http://test_url/'))
loop = asyncio.get_event_loop()
RequestHandler = Mock()
protocol = RequestHandler()
self.request = web.Request(message=message,
payload=None,
protocol=protocol,
payload_writer=None,
task='POST',
loop=loop)
self.request.transport.get_extra_info = Mock(
return_value=(['test_ip', 'test_port']))
self.response_status = "test_status"
self.data = None
self.expected_data = {
'method': 'POST',
'path': 'http://test_url/',
'headers': {
'Host': 'test_host',
'status': 200,
'Cookie': 'sess_uuid=prev_test_uuid; test_cookie=test'
},
'uuid': '9c10172f-7ce2-4fb4-b1c6-abc70141db56',
'peer': {
'ip': 'test_ip',
'port': 'test_port'
},
'status': 'test_status',
'cookies': {
'sess_uuid': 'prev_test_uuid',
' test_cookie': 'test'
}
}
def setUp(self):
meta = {}
run_args = argparse.ArgumentParser()
run_args.add_argument("--tanner")
run_args.add_argument("--page-dir")
self.main_page_path = generate_unique_path()
os.makedirs(self.main_page_path)
page_dir = self.main_page_path.rsplit("/")[-1]
args = run_args.parse_args(["--page-dir", page_dir])
args_dict = vars(args)
args_dict["full_page_path"] = self.main_page_path
snare_uuid = "9c10172f-7ce2-4fb4-b1c6-abc70141db56".encode("utf-8")
args.no_dorks = True
self.handler = TannerHandler(args, meta, snare_uuid)
headers = {
"Host": "test_host",
"status": 200,
"Cookie": "sess_uuid=prev_test_uuid; test_cookie=test",
}
message = RawRequestMessage(
method="POST",
path="/",
version=HttpVersion(major=1, minor=1),
headers=headers,
raw_headers=None,
should_close=None,
compression=None,
upgrade=None,
chunked=None,
url=URL("http://test_url/"),
)
loop = asyncio.get_event_loop()
RequestHandler = Mock()
protocol = RequestHandler()
self.request = web.Request(
message=message,
payload=None,
protocol=protocol,
payload_writer=None,
task="POST",
loop=loop,
)
self.request.transport.get_extra_info = Mock(return_value=(["test_ip", "test_port"]))
self.response_status = "test_status"
self.data = None
self.expected_data = {
"method": "POST",
"path": "http://test_url/",
"headers": {
"Host": "test_host",
"status": 200,
"Cookie": "sess_uuid=prev_test_uuid; test_cookie=test",
},
"uuid": "9c10172f-7ce2-4fb4-b1c6-abc70141db56",
"peer": {"ip": "test_ip", "port": "test_port"},
"status": "test_status",
"cookies": {"sess_uuid": "prev_test_uuid", " test_cookie": "test"},
}
def setUp(self):
meta = {}
run_args = argparse.ArgumentParser()
run_args.add_argument("--tanner")
run_args.add_argument("--page-dir")
self.main_page_path = generate_unique_path()
os.makedirs(self.main_page_path)
self.page_dir = self.main_page_path.rsplit('/')[-1]
args = run_args.parse_args(['--page-dir', self.page_dir])
args_dict = vars(args)
args_dict['full_page_path'] = self.main_page_path
uuid = '9c10172f-7ce2-4fb4-b1c6-abc70141db56'.encode('utf-8')
args.tanner = 'tanner.mushmush.org'
args.no_dorks = True
args.server_header = "test_server"
args.slurp_enabled = True
self.handler = HttpRequestHandler(meta, args, uuid)
self.request_data = {
'method': 'GET',
'path': '/',
'headers': {
'Host': 'test_host',
'Content-Type': 'test_type',
},
'status': 200,
'cookies': {
'sess_uuid': 'prev_test_uuid',
},
}
self.loop = asyncio.new_event_loop()
self.response_content = '<html><body></body></html>'
self.response_headers = multidict.CIMultiDict([("Content-Type", "text/html")])
self.response_status = 200
event_result = dict(response=dict(message=dict(detection={'type': 1}, sess_uuid="test_uuid")))
RequestHandler = Mock()
protocol = RequestHandler()
message = RawRequestMessage(
method='POST', path='/', version=HttpVersion(major=1, minor=1), headers=self.request_data['headers'],
raw_headers=None, should_close=None, compression=None, upgrade=None, chunked=None,
url=URL('http://test_url/')
)
self.request = web.Request(
message=message, payload=None, protocol=protocol, payload_writer=None,
task='POST', loop=self.loop
)
self.handler.tanner_handler.create_data = Mock(return_value=self.request_data)
self.handler.tanner_handler.submit_data = AsyncMock(return_value=event_result)
self.handler.submit_slurp = AsyncMock()
web.Response.add_header = Mock()
web.Response.write = Mock()
web.Response.send_headers = Mock()
web.Response.write_eof = AsyncMock()
aiohttp.streams.EmptyStreamReader.read = AsyncMock(
return_value=b'con1=test1&con2=test2')
self.handler.tanner_handler.parse_tanner_response = AsyncMock(
return_value=(self.response_content, self.response_headers, self.response_status))
async def start_view(self, request):
body = await request.json()
txt = json.loads(body)
self.n_view = txt['N_View']
self.Log = txt['Log']
self.n_operation = txt['N_Operation']
self.n_commit = txt['N_Commit']
self.primary = request.remote
self.current_state = State.NORMAL
return web.Request()
def make_request(self, app, method, path):
headers = CIMultiDict()
message = aiohttp.RawRequestMessage(method, path,
aiohttp.HttpVersion(1, 1), headers,
False, False)
self.payload = mock.Mock()
self.transport = mock.Mock()
self.writer = mock.Mock()
req = web.Request(app, message, self.payload, self.transport,
self.writer, 15)
return req
def response(request):
logging.info('Response handler...')
#调用相应的handler处理request
r =yield from handler(request)
logging.info('r=%s'%str(r))
#如果响应结果为web.StreamResponse类,则直接把它作为响应返回
if isinstance(r,web.StreamResponse):
return r
#如果响应为字节流,则把字节流塞到response的body里,设置响应类型为流类型,返回
if isinstance(r,bytes):
resp=web.Response(body=r)
resp.content_type='application/octet-stream'
return resp
#如果响应为字符串
if isinstance(r,str):
#先判断是不是需要先重定向,是的话直接用重定向的地址重定向
if r.startswith('redirect:'):
return web.HTTPFound(r[9:])
#不是重定向的话,把字符串当做html代码来处理
resp=web.Response(body=r.encode('utf-8'))
resp.content_type='text/html;charset=utf-8'
return resp
#如果响应结果为字典
if isinstance(r,dict):
#先查看一下有没有'__template__'为key的值
template=r.get('__template__')
#如果没有,说明要返回json字符串,则把字典转换为json返回,对应的response类型设为json类型
if template is None:
resp=web.Response(body=json.dumps(r,ensure_ascii=False,default=lambda o:o.__dict__).encode('utf-8'))
resp.content_type='application/json;charset=utf-8'
return resp
else:
r['__user__']=request.__user__
#如果有'__template__'为key的值,则说明要套用jinja2的模板,‘__template__’key对应的模板网页所在位置
resp=web.Response(body=app['__templating__'].get_template(template).render(**r).encode('utf-8'))
resp.content_type='text/html;charset=utf-8'
#以html的形式返回
return resp
#如果响应结果为int
if isinstance(r,int) and r>=100 and r<600:
return web.Response(r)
#如果响应结果为tuple且数量为2
if isinstance(r,tuple) and len(r)==2:
t,m=r
#如果tuple的第一个元素是int类型且在100到600之间,这里应该是认定为t的http状态码,m为错误描述
#或者是服务端自己定义的错误码+描述
if isinstance(t,int) and t>=100 and t<600:
return web.Request(status=t,text=str(m))
#default:默认直接以字符串输出
resp=web.Response(body=str(r).encode('utf-8'))
resp.content_type='text/plain;charset=utf-8'
return resp
def make_request(app, method, path):
headers = CIMultiDict()
if StrictVersion(aiohttp.__version__) < StrictVersion('0.20.0'):
message = aiohttp.RawRequestMessage(method, path,
aiohttp.HttpVersion(1, 1), headers,
False, False)
else:
message = aiohttp.RawRequestMessage(method, path,
aiohttp.HttpVersion(1, 1), headers,
headers, False, False)
payload = mock.Mock()
transport = mock.Mock()
writer = mock.Mock()
req = web.Request(app, message, payload, transport, writer, 15)
return req
def response(request):
logger.info('Response handler...')
r = yield from handler(request)
if isinstance(r, web.StreamResponse):
return r
if isinstance(r, bytes):
res = web.Response(body = r)
res.content_type = 'application/octet-stream'
return res
if isinstance(r, str):
if r.startswith('redirect:'):
return web.HTTPFound(r[9:])
res = web.Response(body = r.encode('utf-8'))
res.content_type = 'text/html; charset=utf-8'
return res
if isinstance(r, dict):
template = r.get('__template__')
if template is None:
res = web.Response(body = json.dumps(r, ensure_ascii = False, default = lambda o: o.__dict__).encode('utf-8'))
res.content_type = 'application/json;charset=utf-8'
return res
else:
r['__user__'] = request.__user__
r['web_meta'] = configs.web_meta
r['categories'] = yield from get_categories()
res = web.Response(body = app['__templating__'].get_template(template).render(**r).encode('utf-8'))
res.content_type = 'text/html;charset=utf-8'
return res
if isinstance(r, int) and r >= 100 and r < 600:
return web.Response(r)
if isinstance(r, tuple) and len(r) == 2:
t, m = r
if isinstance(t, int) and t >= 100 and t < 600:
return web.Response(t, str(m))
#default:
res = web.Request(body = str(r).encode('utf-8'))
res.content_type = 'text/plain;charset=utf-8'
return res
def setUp(self):
meta = {}
run_args = argparse.ArgumentParser()
run_args.add_argument("--tanner")
run_args.add_argument("--page-dir")
self.main_page_path = generate_unique_path()
os.makedirs(self.main_page_path)
self.page_dir = self.main_page_path.rsplit("/")[-1]
args = run_args.parse_args(["--page-dir", self.page_dir])
args_dict = vars(args)
args_dict["full_page_path"] = self.main_page_path
uuid = "9c10172f-7ce2-4fb4-b1c6-abc70141db56".encode("utf-8")
args.tanner = "tanner.mushmush.org"
args.no_dorks = True
args.server_header = "test_server"
args.slurp_enabled = True
self.handler = HttpRequestHandler(meta, args, uuid)
self.request_data = {
"method": "GET",
"path": "/",
"headers": {
"Host": "test_host",
"Content-Type": "test_type",
},
"status": 200,
"cookies": {
"sess_uuid": "prev_test_uuid",
},
}
self.loop = asyncio.new_event_loop()
self.response_content = "<html><body></body></html>"
self.response_headers = multidict.CIMultiDict([("Content-Type",
"text/html")])
self.response_status = 200
event_result = dict(response=dict(
message=dict(detection={"type": 1}, sess_uuid="test_uuid")))
RequestHandler = Mock()
protocol = RequestHandler()
message = RawRequestMessage(
method="POST",
path="/",
version=HttpVersion(major=1, minor=1),
headers=self.request_data["headers"],
raw_headers=None,
should_close=None,
compression=None,
upgrade=None,
chunked=None,
url=URL("http://test_url/"),
)
self.request = web.Request(
message=message,
payload=None,
protocol=protocol,
payload_writer=None,
task="POST",
loop=self.loop,
)
self.handler.tanner_handler.create_data = Mock(
return_value=self.request_data)
self.handler.tanner_handler.submit_data = AsyncMock(
return_value=event_result)
self.handler.submit_slurp = AsyncMock()
web.Response.add_header = Mock()
web.Response.write = Mock()
web.Response.send_headers = Mock()
web.Response.write_eof = AsyncMock()
aiohttp.streams.EmptyStreamReader.read = AsyncMock(
return_value=b"con1=test1&con2=test2")
self.handler.tanner_handler.parse_tanner_response = AsyncMock(
return_value=(
self.response_content,
self.response_headers,
self.response_status,
))
async def index(request):
await asyncio.sleep(0.5)
return web.Request(body=b'<h1>Index</h1>')
async def hello(request):
await asyncio.sleep(0.5)
text = '<h1>hello, %s!</h1>'.format(request.match_info['name'])
return web.Request(body=text.encode('utf-8'))
def index(request):
return web.Request(body = b'<h1>Awesome</h1>')
async def hello(request): return web.Request(text='HEllo,world')
async def get_xhrtime(request):
return web.Request(text=str(xhr_record_time))
raise APIValueError('email', 'Invalid email.')
if not passwd:
raise APIValueError('passwd', 'Invalid passwd.')
users = yield from User.findAll('email=?', [email])
if len(users) == 0:
raise APIValueError('email', 'Email not exist.')
user = user[0]
# check passwd:
sha1 = hashlib.sha1()
sha1.update(user.id.encode('utf-8'))
sha1.update(b':')
sha1.update(passwd.encode('utf-8'))
if user.passwd != sha1.hexdigest():
raise APIValueError('passwd', 'Invalid password.')
# authenticate ok, set cookie:
r = web.Request()
r.set_cookie(COOKIE_NAME, user2cookie(user, 86400), max_age=86400, httponly=True)
user.passwd = '******'
r.content_type = 'aplication/json'
r.body = json.dumps(user, ensure_ascii=False).encode('utf-8')
return r
@get('/signout')
def signout(requset):
referer = requset.headers.get('Referer')
r = web.HTTPFound(referer or '/')
r.set_cookie(COOKIE_NAME, '-deleted-', max_age=0, httponly=True)
logging.info('user signed out.')
return r
@get('/manage')
def index(request):
return web.Request(body=b'<h1>Awesome</h1>',
headers={'content-type': 'text/html'})
