Explorar el Código
client workflow can now work with session-ids
auth and hello are now session-based now multiple clients can work at the same time so the last criteria is also fullfilledmaster
Se han modificado 2 ficheros con 21 adiciones y 17 borrados
+ 7
- 6
chap-client.py
Ver fichero
| # connects to the XMLRPC Server | # connects to the XMLRPC Server | ||||
| s = xmlrpc.client.ServerProxy('http://localhost:8000') | s = xmlrpc.client.ServerProxy('http://localhost:8000') | ||||
| # initalized the login process | # initalized the login process | ||||
| key = s.init() | |||||
| session, key = s.init() | |||||
| password_hash = hashlib.sha256( ( 'Test123' + key ).encode( 'utf-8' ) ).hexdigest(); | |||||
| # does the actual authentication | # does the actual authentication | ||||
| print( s.auth( hashlib.sha256( ( 'Test123' + key ).encode( 'utf-8' ) ).hexdigest() ) ) | |||||
| print( s.auth( session, password_hash ) ) | |||||
| # tests protected method | # tests protected method | ||||
| print( s.hello() ) | |||||
| # Print list of available methods | |||||
| print( s.system.listMethods() ) | |||||
| print( s.hello( session ) ) | |||||
| # logs out cause anything seems to be done already | |||||
| print( s.logout( session, password_hash ) ) |
+ 14
- 11
chap-server.py
Ver fichero
| # checks if send hash is same as internally generated to validate if the correct | # checks if send hash is same as internally generated to validate if the correct | ||||
| # password was used | # password was used | ||||
| def auth( self, password_hash ): | |||||
| combined = CHAP.test_password + self.key | |||||
| passhash = hashlib.sha256( combined.encode( 'utf-8' ) ).hexdigest() | |||||
| self.authenticated = passhash == password_hash | |||||
| return self.authenticated | |||||
| def auth( self, session, password_hash ): | |||||
| if session in self.keys: | |||||
| combined = CHAP.test_password + self.keys[ session ] | |||||
| passhash = hashlib.sha256( combined.encode( 'utf-8' ) ).hexdigest() | |||||
| self.authenticated[ session ] = passhash == password_hash | |||||
| return self.authenticated[ session ] == True | |||||
| else: | |||||
| return False | |||||
| # adds functionality for users to log them selfes off, but also need the | # adds functionality for users to log them selfes off, but also need the | ||||
| # the password_hash to ensure, that nobody else logs you off | # the password_hash to ensure, that nobody else logs you off | ||||
| def logout( self, session, password_hash ): | def logout( self, session, password_hash ): | ||||
| if session in self.authenticated: | |||||
| if self.auth( password_hash ): | |||||
| self.authenticated[ session ] = False | |||||
| return self.authenticated.get( session ) | |||||
| if self.auth( session, password_hash ): | |||||
| del self.authenticated[ session ] | |||||
| del self.keys[ session ] | |||||
| return self.authenticated.get( session ) != True | |||||
| # a little method that refuses to say hi, if you | # a little method that refuses to say hi, if you | ||||
| # are not authenticated | # are not authenticated | ||||
| def hello( self ): | |||||
| if ( self.authenticated ): | |||||
| def hello( self, session ): | |||||
| if ( self.authenticated.get( session ) == True ): | |||||
| return 'Hi, you are authenticated' | return 'Hi, you are authenticated' | ||||
| else: | else: | ||||
| return 'Sorry, please authenticate first' | return 'Sorry, please authenticate first' |
Cargando…