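def verify_assertion(request):
    """Finish a WebAuthn login: verify the assertion POSTed by the browser.

    Reads the one-time challenge stored in the session by
    webauthn_begin_assertion, looks the user up by the credential id in the
    POST body, verifies the assertion against the stored public key, persists
    the new signature counter and calls login().

    Returns a JsonResponse carrying a 'success' key, or a 'fail' key with a
    4xx status.
    """
    import logging

    # The challenge is single-use: pop it so a captured assertion cannot be
    # replayed against the same session, and refuse to continue without one
    # (the original silently verified against False).
    challenge = request.session.pop('challenge', None)
    if not challenge:
        return JsonResponse({'fail': 'No challenge in session.'}, status=400)

    assertion_response = request.POST
    credential_id = assertion_response.get('id')
    if not credential_id:
        return JsonResponse({'fail': 'Missing credential id.'}, status=400)

    # NOTE(review): User_T.get(...) is the project's own lookup; the sibling
    # begin-assertion view uses the manager form User_T.objects.get(...).
    # Confirm this one returns None (rather than raising) on no match.
    user = User_T.get(credential_id=credential_id)
    if not user:
        return JsonResponse({'fail': 'User does not exist.'}, status=401)

    webauthn_user = webauthn.WebAuthnUser(
        user.ukey, user.username, user.display_name, user.icon_url,
        user.credential_id, user.pub_key, user.sign_count, user.rp_id)
    webauthn_assertion_response = webauthn.WebAuthnAssertionResponse(
        webauthn_user, assertion_response, challenge, ORIGIN,
        uv_required=False)  # user verification (PIN/biometric) not demanded

    try:
        sign_count = webauthn_assertion_response.verify()
    except Exception:
        # Keep the library's reason (bad origin, counter rollback, bad
        # signature, ...) in the server log; the client only learns that
        # verification failed.
        logging.getLogger(__name__).warning(
            "WebAuthn assertion failed for credential %r", credential_id,
            exc_info=True)
        return JsonResponse({'fail': 'Assertion failed.'}, status=401)

    # Persist the new signature counter; the library compares it against the
    # stored value on the next login.
    user.sign_count = sign_count
    user.save()

    login(request, user)
    return JsonResponse(
        {'success': 'Successfully authenticated as {}'.format(user.username)})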
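def verify_assertion():
    """Finish a WebAuthn login and mark the Flask session as authenticated.

    Looks the user up by the credential id in the POSTed assertion, verifies
    it against the challenge issued by webauthn_begin_assertion, stores the
    new signature counter and sets ``user_is_authenticated``, ``user_rollno``
    and ``is_staff`` in the session.

    Returns a JSON body with 'success'/'is_staff' and an id key on success,
    or a 'fail' key with a 4xx status.
    """
    import logging

    # Pop rather than get: the challenge must not be reusable, and a missing
    # challenge means no assertion ceremony was started for this session.
    # The session contents are no longer printed to stdout.
    challenge = session.pop("challenge", None)
    if not challenge:
        return make_response(jsonify({"fail": "No challenge in session."}), 400)

    assertion_response = request.form
    credential_id = assertion_response.get("id")
    if not credential_id:
        return make_response(jsonify({"fail": "Missing credential id."}), 400)
    user = User.query.filter_by(credential_id=credential_id).first()
    if not user:
        return make_response(jsonify({"fail": "User does not exist."}), 401)

    webauthn_user = webauthn.WebAuthnUser(
        user.ukey,
        user.username,
        user.display_name,
        user.icon_url,
        user.credential_id,
        user.pub_key,
        user.sign_count,
        user.rp_id,
    )
    webauthn_assertion_response = webauthn.WebAuthnAssertionResponse(
        webauthn_user, assertion_response, challenge, ORIGIN,
        uv_required=False)  # user verification (PIN/biometric) not demanded

    try:
        sign_count = webauthn_assertion_response.verify()
    except Exception:
        # A failed verification used to propagate as an unhandled exception;
        # answer 401 with a generic message and keep the reason server-side.
        logging.getLogger(__name__).warning(
            "WebAuthn assertion failed for credential %r", credential_id,
            exc_info=True)
        return make_response(jsonify({"fail": "Assertion failed."}), 401)

    # Update counter.
    user.sign_count = sign_count
    db.session.add(user)
    db.session.commit()

    # Add to session
    is_staff = bool(user.is_staff)
    session['user_is_authenticated'] = True
    session['user_rollno'] = user.rollno
    session['is_staff'] = is_staff

    # NOTE(review): the original returned the id under "student_id" for staff
    # users and "staff_id" for everyone else; kept byte-for-byte because
    # clients may depend on it — confirm whether the two keys are swapped.
    id_key = "student_id" if is_staff else "staff_id"
    return jsonify({
        "success": "Successfully logged in as {}".format(user.username),
        "is_staff": is_staff,
        id_key: user.rollno,
    })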
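def webauthn_begin_assertion():
    """Start a WebAuthn login: issue a fresh challenge for the given user.

    The roll number comes from the form, falling back to ``user_rollno`` in
    the session. A 32-byte random challenge is generated, stored in the
    session (base64 padding stripped, matching what the client sends back)
    and returned to the browser inside the assertion options.

    Returns the assertion options as JSON (200), or a 'fail' body with 401.
    """
    rollno = request.form.get("rollno") or session.get('user_rollno')
    user = User.query.filter_by(rollno=rollno).first()
    # NOTE(review): the two distinct failure messages let a caller tell an
    # unknown roll number from a known-but-unenrolled one, i.e. they
    # enumerate accounts; collapse them if that matters for this deployment.
    if not user:
        return make_response(jsonify({"fail": "User does not exist."}), 401)
    if not user.credential_id:
        return make_response(jsonify({"fail": "Unknown credential ID."}), 401)

    challenge = util.generate_challenge(32)
    webauthn_user = webauthn.WebAuthnUser(
        user.ukey,
        user.username,
        user.display_name,
        user.icon_url,
        user.credential_id,
        user.pub_key,
        user.sign_count,
        user.rp_id,
    )
    webauthn_assertion_options = webauthn.WebAuthnAssertionOptions(
        webauthn_user, challenge)

    # The challenge is the secret of this ceremony: it is stored for
    # verify_assertion and no longer printed to stdout. ``user_rollno`` is
    # written here before any authentication has happened, so it must not be
    # read as proof of identity elsewhere.
    session["challenge"] = challenge.rstrip("=")
    session["user_rollno"] = rollno
    return make_response(
        jsonify(webauthn_assertion_options.assertion_dict), 200)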
def make_user(user, device, relying_party):
    """Describe *user*'s registered *device* as a webauthn.WebAuthnUser.

    ``user_id`` is derived with make_user_id(user); username and display name
    come from the user object's accessors; credential id, public key and
    signature counter come from *device*; ``rp_id`` is relying_party['id'].
    No icon URL is supplied.
    """
    fields = {
        "user_id": make_user_id(user),
        "username": user.get_username(),
        "display_name": user.get_full_name(),
        "icon_url": None,
        "credential_id": device.key_handle,
        "public_key": device.public_key,
        "sign_count": device.sign_count,
        "rp_id": relying_party['id'],
    }
    return webauthn.WebAuthnUser(**fields)
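def webauthn_begin_assertion(request):
    """Start a WebAuthn login for the username POSTed as ``login_username``.

    Generates one fresh 32-byte challenge, stores it in the session
    (replacing any earlier one, so only the latest ceremony can be completed)
    and returns the assertion options for the browser.

    Returns a JsonResponse; a missing or unknown username yields a 'fail'
    body with a 4xx status instead of an unhandled lookup exception.
    """
    username = request.POST.get('login_username')
    if not username:
        return JsonResponse({'fail': 'Missing username.'}, status=400)

    # NOTE(review): answering "does not exist" lets a caller enumerate
    # usernames; the original raised from User_T.objects.get here instead.
    user = User_T.objects.filter(username=username).first()
    if not user:
        return JsonResponse({'fail': 'User does not exist.'}, status=401)

    # Plain assignment overwrites any stale challenge; the original generated
    # the challenge twice and deleted the key first, to no effect.
    challenge = generate_challenge(32)
    request.session['challenge'] = challenge

    webauthn_user = webauthn.WebAuthnUser(
        user.ukey, user.username, user.display_name, user.icon_url,
        user.credential_id, user.pub_key, user.sign_count, user.rp_id)
    webauthn_assertion_options = webauthn.WebAuthnAssertionOptions(
        webauthn_user, challenge)
    return JsonResponse(webauthn_assertion_options.assertion_dict)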
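def verify_assertion_attendance():
    """Verify a WebAuthn assertion and record today's attendance for the caller.

    The user is identified by the credential id inside the assertion, never
    by the roll number the client sends: attendance is recorded for
    ``user.rollno`` so one person cannot sign in on behalf of another. The
    signature counter is persisted as soon as the assertion verifies,
    independent of whether an attendance row is created.

    Returns a JSON body with a 'success' key, or a 'fail' key.
    """
    import logging
    from datetime import datetime, timedelta

    latitude = request.form.get("latitude")
    longitude = request.form.get("longitude")
    staff_id = request.form.get("staff_code")
    course_code = request.form.get("course_code")
    period = request.form.get("period")

    # Single-use challenge issued by webauthn_begin_assertion.
    challenge = session.pop("challenge", None)
    if not challenge:
        return make_response(jsonify({"fail": "No challenge in session."}), 400)

    assertion_response = request.form
    credential_id = assertion_response.get("id")
    if not credential_id:
        return make_response(jsonify({"fail": "Missing credential id."}), 400)
    user = User.query.filter_by(credential_id=credential_id).first()
    if not user:
        return make_response(jsonify({"fail": "User does not exist."}), 401)

    webauthn_user = webauthn.WebAuthnUser(
        user.ukey,
        user.username,
        user.display_name,
        user.icon_url,
        user.credential_id,
        user.pub_key,
        user.sign_count,
        user.rp_id,
    )
    webauthn_assertion_response = webauthn.WebAuthnAssertionResponse(
        webauthn_user, assertion_response, challenge, ORIGIN,
        uv_required=False)  # user verification (PIN/biometric) not demanded

    try:
        sign_count = webauthn_assertion_response.verify()
    except Exception:
        logging.getLogger(__name__).warning(
            "WebAuthn assertion failed for credential %r", credential_id,
            exc_info=True)
        return make_response(jsonify({"fail": "Assertion failed."}), 401)

    # Persist the counter first: the original only committed it after the
    # duplicate check, so a repeated sign-in left the stored counter stale.
    user.sign_count = sign_count
    db.session.add(user)
    db.session.commit()

    # The roll number is taken from the verified credential. The original
    # trusted request.form["rollno"], which let any enrolled user register
    # attendance for an arbitrary roll number.
    rollno = user.rollno

    # Duplicate check over the whole of today. The original compared
    # logged_time for equality with midnight, which a now() timestamp never
    # satisfies, so the check could not fire.
    now = datetime.now()
    day_start = datetime(now.year, now.month, now.day)
    attendance = Attendance.query.filter(
        Attendance.roll_no == rollno,
        Attendance.staff_id == staff_id,
        Attendance.period == period,
        Attendance.logged_time >= day_start,
        Attendance.logged_time < day_start + timedelta(days=1),
    ).first()
    if attendance:
        return make_response(
            jsonify({"fail": "Attendance has already been registered"}), 200)

    # check if the attendance is given at the correct lat, long
    # NOTE(review): coordinates are client-supplied and matched by exact
    # equality against Course rows, with no tie to course_code; this does
    # not prove physical presence — confirm the intended policy.
    loc = Course.query.filter_by(latitude=latitude, longitude=longitude).first()
    if not loc:
        return make_response(
            jsonify(
                {"fail": "Location Incorrect, Please be at correct location"}),
            200)

    location = Location(latitude=latitude, longitude=longitude)
    attendance = Attendance(
        roll_no=rollno,
        staff_id=staff_id,
        is_present=1,
        is_fingerprint=1,
        logged_time=now,
        period=period,
        location=location,
        course_code=course_code,
    )
    db.session.add(attendance)
    db.session.commit()
    return jsonify(
        {"success": "Successfully authenticated as {}".format(user.username)})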