| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687 |
- #!/usr/bin/env python2
-
- import uuid
- import pickle
- import hashlib
- from xmlrpc.server import SimpleXMLRPCServer
- from xmlrpc.server import SimpleXMLRPCRequestHandler
-
- # Restrict to a particular path.
- class RequestHandler(SimpleXMLRPCRequestHandler):
- rpc_paths = ('/RPC2',)
-
- # Create server
- server = SimpleXMLRPCServer(("localhost", 8000),
- requestHandler=RequestHandler)
- server.register_introspection_functions()
-
- def save_users( users ):
- pickle.dump( users, open( 'users.data', 'wb' ) )
-
- # Register an instance; all the methods of the instance are
- # published as XML-RPC methods
- class CHAP:
- # initializes class-instance and instance variables
- # if no userdata exists, it creates a default user
- def __init__( self ):
- self.keys = {}
- self.authenticated = {}
- try:
- self.users = pickle.load( open( 'users.data', 'rb' ) )
- except FileNotFoundError:
- self.users = { 'admin': 'Pass123' }
- save_users( self.users )
-
- # adds a user to dictionary and saves it to a file
- # won't be executable if not authorized or if user already exists
- def create_user( self, session, username, password ):
- if ( self.authenticated.get( session ) == True ):
- if not username in self.users:
- self.users[ username ] = password
- save_users( self.users )
- return 'Created user successfully'
- else:
- return 'User already exists'
- else:
- return 'Sorry, please authenticate first'
-
- # tells the server to start the autentification process
- # and send the generated random salt
- def init( self ):
- session = str( uuid.uuid4() )
- key = str( uuid.uuid4() )
- while session in self.keys:
- session = str( uuid.uuid4() )
-
- self.keys[ session ] = key
- return [ session, key ]
-
- # checks if send hash is same as internally generated to validate if the correct
- # password was used
- def auth( self, session, username, password_hash ):
- if session in self.keys and username in self.users:
- combined = self.users.get( username ) + self.keys.get( session )
- passhash = hashlib.sha256( combined.encode( 'utf-8' ) ).hexdigest()
- self.authenticated[ session ] = passhash == password_hash
- return self.authenticated[ session ] == True
- else:
- return False
-
- # adds functionality for users to log them selfes off, but also need the
- # the password_hash to ensure, that nobody else logs you off
- def logout( self, session, username, password_hash ):
- if self.auth( session, username, password_hash ):
- del self.authenticated[ session ]
- del self.keys[ session ]
- return self.authenticated.get( session ) != True
-
- # a little method that refuses to say hi, if you
- # are not authenticated
- def hello( self, session ):
- if ( self.authenticated.get( session ) == True ):
- return 'Hi, you are authenticated'
- else:
- return 'Sorry, please authenticate first'
- server.register_instance(CHAP())
- # Run the server's main loop
- server.serve_forever()
|
