Пример #1
0
def retype():
    if request.method == 'POST':
        x = request.form['message'].split('\n')
        username = x[0]
        aes_key = base64.b64decode(x[1])
        hex_aes_key = ''.join(x.encode('hex') for x in aes_key)

        print username
        user = User.query.filter(User.username == username).first()
        print '1', hex_aes_key == user.password[:32]
        print '2', hex_aes_key
        print '3', user.password[:32]

        print upload_cache
        entry = upload_cache.get(username)
        if not entry:
            return 'RETYPE 5'
        tries = entry[0]
        case = entry[1]
        folder = entry[2]
        if hex_aes_key == user.password[:32]:
            db.session.add(case)
            db.session.commit()

            # store images in database
            for img_file in glob.glob(os.path.join(folder, "*.jpg")):
                img = Image()
                img.create_image(img_file, case)
                db.session.add(img)
                db.session.commit()

            return 'OK'
        else:
            if tries != 4:
                upload_cache[username] = (tries + 1, case, folder)
            else:
                upload_cache.pop(username)
            return "RETYPE %s" % tries
Пример #2
0
def upload_file():
    if request.method == 'POST':
        # get file from form
        f = request.files['file']
        # if form is not empty
        if f:
            # temporarily save uploaded archive in folder with same name as archive filename
            filename = secure_filename(f.filename)
            folder = (app.config['UPLOAD_FOLDER'] + filename).replace('.zip', '')
            os.makedirs(folder)
            f.save(os.path.join(folder, filename))

            # extract uploaded archive to folder and delete original archive
            with open(os.path.join(folder, filename), 'r') as f:
                z = zipfile.ZipFile(f)
                z.extractall(folder)
            if REMOVE_TEMP:
                os.remove(f.name)

            # get encrypted AES key (128-bit SHA-1 of plaintext password) from XML file and decrypt using RSA private key
            with open(os.path.join(folder, 'accountData.xml'), 'r') as f:
                g = f.read()

            root = ET.fromstring(g)
            username = root.find('user').text
            enc_aes_key = root.find('pass').text.replace('\n','')
            enc_aes_key = base64.b64decode(enc_aes_key)
            private_key = RSA.importKey(Key.query.first().private_key)
            aes_key = private_key.decrypt(enc_aes_key)

            # decrypt image archive using decrypted AES key
            with open(os.path.join(folder, 'cipherZipFile.zip'), 'r') as f:
                enc_img_zip = f.read()
                cipher = AES.new(aes_key, AES.MODE_ECB, 'dummy_parameter')
                msg = cipher.decrypt(enc_img_zip)

            # store decrypted image archive on disk
            with open(os.path.join(folder, 'decrypted.zip'), 'w') as f:
                f.write(msg)
            if REMOVE_TEMP:
                os.remove(os.path.join(folder, 'cipherZipFile.zip'))

            # extract decrypted image archive and store in database
            with open(os.path.join(folder, 'decrypted.zip'), 'r') as f:
                z = zipfile.ZipFile(f)
                z.extractall(folder)
            if REMOVE_TEMP:
                os.remove(f.name)

            # make case using XML data
            tree = ET.parse(os.path.join(folder, 'textData.xml'))
            root = tree.getroot()
            mapping = {}
            for child in root:
                mapping[child.tag] = child.text
            month, day, year = map(int, mapping['date-created'].split('/'))
            hours, minutes, seconds = map(int, mapping['time-created'].split(':'))
            latitude = float(mapping['latitude'])
            longitude = float(mapping['longitude'])
            species = mapping['species'].replace('Plasmodium ', '').capitalize()
            age = mapping['age']
            address = mapping['address']
            region = Region.query.filter(Region.name == mapping['region']).first()

            dt = datetime.datetime(year, month, day, hours, minutes, seconds)
            case = Case(date=dt,age=age,address=address,human_diagnosis=species,lat=latitude,lng=longitude)
            case.region = region

            user = User.query.filter(User.username == username).first()
            hex_aes_key = ''.join(x.encode('hex') for x in aes_key)
            if hex_aes_key == user.password[:32]:
                db.session.add(case)
                db.session.commit()

                # store images in database
                for img_file in glob.glob(os.path.join(folder, "*.jpg")):
                    img = Image()
                    img.create_image(img_file, case)
                    db.session.add(img)
                    db.session.commit()
                    
                    # make new training image
                    trainingImg = TrainingImage(img.id, 0, 'Unlabeled', 'Unlabeled', None)
                    db.session.add(trainingImg)
                    db.session.commit()

                return 'OK'
            else:
                # {'username': (tries, case, folder)
                upload_cache[username] = (0, case, folder)
                return 'RETYPE 0'


    return '''