def verify(request): auth_user = AuthUser() # 提取报文 auth_user.username = request['User-Name'][0] auth_user.mac_address = request['Calling-Station-Id'][0] challenge = request['CHAP-Challenge'][0] chap_password = request['CHAP-Password'][0] chap_id, resp_digest = chap_password[0:1], chap_password[1:] now = datetime.datetime.now() user = User.select().where((User.username == auth_user.username) & (User.expired_at >= now)).first() if not user: log.e(f'reject! user: {auth_user.username} not exist') auth_user.is_valid = False return auth_user # 算法判断上报的用户密码是否正确 if resp_digest != get_chap_rsp(chap_id, user.password, challenge): log.e(f'reject! password: {user.password} not correct') auth_user.is_valid = False return auth_user log.i(f'accept. user: {auth_user.username}, mac: {auth_user.mac_address}') return auth_user
def run(self): try: timeout = 5 response = requests.request(method='GET', url=f'{API_URL}/user/sync', timeout=timeout) except (requests.Timeout, requests.ConnectionError): log.e(f'request {timeout} seconds timeout') return json_response = response.json() # log.d(f'/user/sync response: {json_response}') if not response.ok: log.e(f'response != 200') return data = json_response['data'] for item in data: username = item['username'] password = item['password'] expired_at = item['expired_at'] # expired_at = parse(expired_at).strftime('%Y-%m-%d %H:%M:%S') user = User.select().where((User.username == username)).first() if not user: User.insert(username=username, password=password, expired_at=expired_at).execute() else: if user.expired_at != expired_at or user.password != password: user.expired_at = expired_at user.password = password user.save()
def disconnect(mac_address): log.i(f'disconnect session. mac_address: {mac_address}') command = f"ps -ef | grep -v grep | grep pppoe_sess | grep -i :{mac_address} | awk '{{print $2}}' | xargs kill" ret = subprocess.getoutput(command) log.d(f'ret: {ret}, command: {command}') if ret.find('error') > -1: log.e(f'session disconnect error! ret: {ret}')
def process(self): processes = [ 'task/manage_user.py', 'auth/processor.py', 'acct/processor.py', ] for process in processes: command = f'ps -ef | grep -v grep | grep {process}' ret = subprocess.getoutput(command) if process not in ret: log.e(f'process: {process} not alive!') sentry_sdk.capture_message(f'process: {process} not alive!')
def start(self): try: # 消息循环 while not self.term: self.run() log.d(f'sleep {self.interval} seconds') time.sleep(self.interval) # 睡眠 X 秒 except KeyboardInterrupt: log.e('KeyboardInterrupt, break') except Exception: log.e(traceback.format_exc()) finally: log.i(f'exit, term: {self.term}') log.close()
def disk(self): percent = psutil.disk_usage('/').percent if percent > 90: log.e(f'disk used > 90%!') sentry_sdk.capture_message(f'disk used > 90%!')