Selaa lähdekoodia
client workflow can now work with session-ids
auth and hello are now session-based now multiple clients can work at the same time so the last criteria is also fullfilledmaster
2 muutettua tiedostoa jossa 21 lisäystä ja 17 poistoa
+ 7
- 6
chap-client.py
Näytä tiedosto
| @@ -6,11 +6,12 @@ import hashlib | |||
| # connects to the XMLRPC Server | |||
| s = xmlrpc.client.ServerProxy('http://localhost:8000') | |||
| # initalized the login process | |||
| key = s.init() | |||
| session, key = s.init() | |||
| password_hash = hashlib.sha256( ( 'Test123' + key ).encode( 'utf-8' ) ).hexdigest(); | |||
| # does the actual authentication | |||
| print( s.auth( hashlib.sha256( ( 'Test123' + key ).encode( 'utf-8' ) ).hexdigest() ) ) | |||
| print( s.auth( session, password_hash ) ) | |||
| # tests protected method | |||
| print( s.hello() ) | |||
| # Print list of available methods | |||
| print( s.system.listMethods() ) | |||
| print( s.hello( session ) ) | |||
| # logs out cause anything seems to be done already | |||
| print( s.logout( session, password_hash ) ) | |||
+ 14
- 11
chap-server.py
Näytä tiedosto
| @@ -37,24 +37,27 @@ class CHAP: | |||
| # checks if send hash is same as internally generated to validate if the correct | |||
| # password was used | |||
| def auth( self, password_hash ): | |||
| combined = CHAP.test_password + self.key | |||
| passhash = hashlib.sha256( combined.encode( 'utf-8' ) ).hexdigest() | |||
| self.authenticated = passhash == password_hash | |||
| return self.authenticated | |||
| def auth( self, session, password_hash ): | |||
| if session in self.keys: | |||
| combined = CHAP.test_password + self.keys[ session ] | |||
| passhash = hashlib.sha256( combined.encode( 'utf-8' ) ).hexdigest() | |||
| self.authenticated[ session ] = passhash == password_hash | |||
| return self.authenticated[ session ] == True | |||
| else: | |||
| return False | |||
| # adds functionality for users to log them selfes off, but also need the | |||
| # the password_hash to ensure, that nobody else logs you off | |||
| def logout( self, session, password_hash ): | |||
| if session in self.authenticated: | |||
| if self.auth( password_hash ): | |||
| self.authenticated[ session ] = False | |||
| return self.authenticated.get( session ) | |||
| if self.auth( session, password_hash ): | |||
| del self.authenticated[ session ] | |||
| del self.keys[ session ] | |||
| return self.authenticated.get( session ) != True | |||
| # a little method that refuses to say hi, if you | |||
| # are not authenticated | |||
| def hello( self ): | |||
| if ( self.authenticated ): | |||
| def hello( self, session ): | |||
| if ( self.authenticated.get( session ) == True ): | |||
| return 'Hi, you are authenticated' | |||
| else: | |||
| return 'Sorry, please authenticate first' | |||
Loading…