def retype():
if request.method == 'POST':
x = request.form['message'].split('\n')
username = x[0]
aes_key = base64.b64decode(x[1])
hex_aes_key = ''.join(x.encode('hex') for x in aes_key)
print username
user = User.query.filter(User.username == username).first()
print '1', hex_aes_key == user.password[:32]
print '2', hex_aes_key
print '3', user.password[:32]
print upload_cache
entry = upload_cache.get(username)
if not entry:
return 'RETYPE 5'
tries = entry[0]
case = entry[1]
folder = entry[2]
if hex_aes_key == user.password[:32]:
db.session.add(case)
db.session.commit()
# store images in database
for img_file in glob.glob(os.path.join(folder, "*.jpg")):
img = Image()
img.create_image(img_file, case)
db.session.add(img)
db.session.commit()
return 'OK'
else:
if tries != 4:
upload_cache[username] = (tries + 1, case, folder)
else:
upload_cache.pop(username)
return "RETYPE %s" % tries
def upload_file():
if request.method == 'POST':
# get file from form
f = request.files['file']
# if form is not empty
if f:
# temporarily save uploaded archive in folder with same name as archive filename
filename = secure_filename(f.filename)
folder = (app.config['UPLOAD_FOLDER'] + filename).replace('.zip', '')
os.makedirs(folder)
f.save(os.path.join(folder, filename))
# extract uploaded archive to folder and delete original archive
with open(os.path.join(folder, filename), 'r') as f:
z = zipfile.ZipFile(f)
z.extractall(folder)
if REMOVE_TEMP:
os.remove(f.name)
# get encrypted AES key (128-bit SHA-1 of plaintext password) from XML file and decrypt using RSA private key
with open(os.path.join(folder, 'accountData.xml'), 'r') as f:
g = f.read()
root = ET.fromstring(g)
username = root.find('user').text
enc_aes_key = root.find('pass').text.replace('\n','')
enc_aes_key = base64.b64decode(enc_aes_key)
private_key = RSA.importKey(Key.query.first().private_key)
aes_key = private_key.decrypt(enc_aes_key)
# decrypt image archive using decrypted AES key
with open(os.path.join(folder, 'cipherZipFile.zip'), 'r') as f:
enc_img_zip = f.read()
cipher = AES.new(aes_key, AES.MODE_ECB, 'dummy_parameter')
msg = cipher.decrypt(enc_img_zip)
# store decrypted image archive on disk
with open(os.path.join(folder, 'decrypted.zip'), 'w') as f:
f.write(msg)
if REMOVE_TEMP:
os.remove(os.path.join(folder, 'cipherZipFile.zip'))
# extract decrypted image archive and store in database
with open(os.path.join(folder, 'decrypted.zip'), 'r') as f:
z = zipfile.ZipFile(f)
z.extractall(folder)
if REMOVE_TEMP:
os.remove(f.name)
# make case using XML data
tree = ET.parse(os.path.join(folder, 'textData.xml'))
root = tree.getroot()
mapping = {}
for child in root:
mapping[child.tag] = child.text
month, day, year = map(int, mapping['date-created'].split('/'))
hours, minutes, seconds = map(int, mapping['time-created'].split(':'))
latitude = float(mapping['latitude'])
longitude = float(mapping['longitude'])
species = mapping['species'].replace('Plasmodium ', '').capitalize()
age = mapping['age']
address = mapping['address']
region = Region.query.filter(Region.name == mapping['region']).first()
dt = datetime.datetime(year, month, day, hours, minutes, seconds)
case = Case(date=dt,age=age,address=address,human_diagnosis=species,lat=latitude,lng=longitude)
case.region = region
user = User.query.filter(User.username == username).first()
hex_aes_key = ''.join(x.encode('hex') for x in aes_key)
if hex_aes_key == user.password[:32]:
db.session.add(case)
db.session.commit()
# store images in database
for img_file in glob.glob(os.path.join(folder, "*.jpg")):
img = Image()
img.create_image(img_file, case)
db.session.add(img)
db.session.commit()
# make new training image
trainingImg = TrainingImage(img.id, 0, 'Unlabeled', 'Unlabeled', None)
db.session.add(trainingImg)
db.session.commit()
return 'OK'
else:
# {'username': (tries, case, folder)
upload_cache[username] = (0, case, folder)
return 'RETYPE 0'
return '''
