def authenticate_credential(request): kid = request.POST['id'] auth_val = request.POST['val'] auth_type = request.POST['type'] try: if auth_type == 'pin': # raises an error if not found keypair = Keypair.objects.get(hash_pin=hash_string(auth_val), id=kid) elif auth_type == 'rfid': keypair = Keypair.objects.get(hash_rfid=hash_string(auth_val), id=kid) elif auth_type == 'fingerprint': keypair = Keypair.objects.get(id=kid) template = keypair.fingerprint_template if len(auth_val) != 664 or len(template) != 664: raise ValueError("Template must be 664 characters long") fps = FingerprintScanner(debug=False) fps.delete_template(tid=0) # raises an error if it contains invalid characters template = base64.b64decode(bytes(template, 'utf-8'), validate=True) fps.upload_template(tid=0, template=template) # raises an error if it contains invalid characters auth_val = base64.b64decode(bytes(auth_val, 'utf-8'), validate=True) if fps.verify_template(tid=0, template=auth_val): # templates match, verification ok pass else: raise Exception("Templates do not match") response_text = { 'pin': decrypt(keypair.pin), 'rfid_uid': decrypt(keypair.rfid_uid), 'fingerprint_template': keypair.fingerprint_template } return JsonResponse(response_text, safe=False) except Exception as e: response = HttpResponse("incorrect credentials") response.status_code = 400 return response
def authenticate_credential(request): kid = request.POST['id'] auth_val = request.POST['val'] auth_type = request.POST['type'] try: if auth_type == 'pin': # raises an error if not found keypair = Keypair.objects.get(hash_pin=hash_string(auth_val), id=kid) elif auth_type == 'rfid': keypair = Keypair.objects.get(hash_rfid=hash_string(auth_val), id=kid) elif auth_type == 'fingerprint': keypair = Keypair.objects.get(id=kid) template = keypair.fingerprint_template if len(auth_val) != 664 or len(template) != 664: raise ValueError("Template must be 664 characters long") fps = FingerprintScanner(debug=False) fps.delete_template(tid=0) # raises an error if it contains invalid characters template = base64.b64decode(bytes(template, 'utf-8'), validate=True) fps.upload_template(tid=0, template=template) # raises an error if it contains invalid characters auth_val = base64.b64decode(bytes(auth_val, 'utf-8'), validate=True) if fps.verify_template(tid=0, template=auth_val): # templates match, verification ok pass else: raise Exception("Templates do not match") response_text = {'pin':decrypt(keypair.pin), 'rfid_uid':decrypt(keypair.rfid_uid), 'fingerprint_template':keypair.fingerprint_template} return JsonResponse(response_text, safe=False) except Exception as e: response = HttpResponse("incorrect credentials") response.status_code = 400 return response