add "peering-dir", logging,
parent
cc8f181f24
commit
bc55c5df00
6 changed files with 78 additions and 23 deletions
2
web/.gitignore
vendored
Normal file
|
@ -0,0 +1,2 @@
|
|||
venv
|
||||
backend/peerings/
|
|
@ -20,6 +20,7 @@
|
|||
"port": 8042,
|
||||
"domain": "example.org", // domain to use for kioubit verification service
|
||||
"base-dir": "/", //optional:directury for which it is reachable (if behind some sort of reverse proxy) default "/"
|
||||
"peerings-dir": "/path/to/peering-configs/", // optional; default "$PWD/peerings", directory to save existing peerings to
|
||||
"production": true, //optional, default true;
|
||||
"debug-mode": false, // optional; whethet to enable debugging; default false
|
||||
"flask-secret-key": "<secret-please-replace>", // secret key for session cookies
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
#! /usr/bin/env python3
|
||||
|
||||
import base64, os, json, time
|
||||
import base64, os, json, time, logging
|
||||
import OpenSSL
|
||||
from OpenSSL.crypto import load_publickey, FILETYPE_PEM, verify, X509
|
||||
|
||||
|
@ -15,20 +15,20 @@ class AuthVerifyer ():
|
|||
pk_content = ""
|
||||
for line in pk.readlines():
|
||||
pk_content += line
|
||||
print(pk_content)
|
||||
logging.debug(pk_content)
|
||||
pkey = load_publickey(FILETYPE_PEM, pk_content)
|
||||
self.x509 = X509()
|
||||
self.x509.set_pubkey(pkey)
|
||||
|
||||
print(self.x509)
|
||||
logging.debug(self.x509)
|
||||
|
||||
def verify(self, params, signature):
|
||||
# print(type(sig))
|
||||
# logging.debug(type(sig))
|
||||
#OpenSSL_verify(self.pubkey, sig
|
||||
#, base64.b64decode(params), "sha512")
|
||||
sig = base64.b64decode(signature)
|
||||
print(f"sig: {sig}")
|
||||
print(f"params: {params}")
|
||||
logging.info(f"sig: {sig}")
|
||||
logging.info(f"params: {params}")
|
||||
try:
|
||||
verify(self.x509, sig, params, 'sha512')
|
||||
except OpenSSL.crypto.Error:
|
||||
|
@ -43,12 +43,12 @@ class AuthVerifyer ():
|
|||
return False, "invalid JSON"
|
||||
except KeyError:
|
||||
return False, "value not found in JSON"
|
||||
print(user_data)
|
||||
logging.debug(user_data)
|
||||
return True, user_data
|
||||
|
||||
if __name__ == "__main__":
|
||||
example_com_verifier = AuthVerifyer("example.com")
|
||||
print (example_com_verifier.verify(
|
||||
logging.info (example_com_verifier.verify(
|
||||
params=b"eyJhc24iOiI0MjQyNDIzMDM1IiwidGltZSI6MTY2ODI2NjkyNiwiYWxsb3dlZDQiOiIxNzIuMjIuMTI1LjEyOFwvMjYsMTcyLjIwLjAuODFcLzMyIiwiYWxsb3dlZDYiOiJmZDYzOjVkNDA6NDdlNTo6XC80OCxmZDQyOmQ0MjpkNDI6ODE6OlwvNjQiLCJtbnQiOiJMQVJFLU1OVCIsImF1dGh0eXBlIjoibG9naW5jb2RlIiwiZG9tYWluIjoic3ZjLmJ1cmJsZS5kbjQyIn0=",
|
||||
signature=b"MIGIAkIBAmwz3sQ1vOkH8+8e0NJ8GsUqKSaazIWmYDp60sshlTo7gCAopZOZ6/+tD6s+oEGM1i5mKGbHgK9ROATQLHxUZecCQgCa2N828uNn76z1Yg63/c7veMVIiK4l1X9TCUepJnJ3mCto+7ogCP+2vQm6GHipSNRF4wnt6tZbir0HZvrqEnRAmA=="
|
||||
) )
|
||||
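Review bot: In `verify`, the decoded signature and the signed `params` are now written with `logging.info(f"sig: {sig}")` and `logging.info(f"params: {params}")`, so the authentication material of every login attempt lands in the application log at INFO level. Whether these values can be replayed depends on checks that are not visible in this hunk, so it is safer to log them at debug level at most and leave the signature out, e.g. `logging.debug("params: %s", params)`. In the `__main__` block, `logging.info(example_com_verifier.verify(...))` emits nothing under the root logger's default WARNING level, so the self-test should keep `print` or call `logging.basicConfig(level=logging.INFO)` first. The body of `verify` continues past the end of the hunk.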
|
|
|
@ -1,7 +1,7 @@
|
|||
#! /usr/bin/env python3
|
||||
|
||||
from flask import Flask, Response, redirect, render_template, request, session, abort
|
||||
import json, os, base64
|
||||
import json, os, base64, logging
|
||||
from functools import wraps
|
||||
from ipaddress import ip_address, ip_network
|
||||
import kioubit_verify
|
||||
|
@ -16,7 +16,7 @@ class Config (dict):
|
|||
if os.path.exists("./config.json"): self.configfile = "./config.json"
|
||||
elif os.path.exists("/etc/dn42-autopeer/config.json"): self.configfile = "/etc/dn42-autopeer/config,json"
|
||||
else: raise FileNotFoundError("no config file found in ./config.json or /etc/dn42-autopeer/config.json")
|
||||
self.load_config()
|
||||
self._load_config()
|
||||
self.keys = self._config.keys
|
||||
#self.__getitem__ = self._config.__getitem__
|
||||
super().__init__(self)
|
||||
|
@ -29,7 +29,8 @@ class Config (dict):
|
|||
super().__delitem__(self,v)
|
||||
def __getitem__(self, k):
|
||||
return self._config[k]
|
||||
def load_config(self):
|
||||
|
||||
def _load_config(self):
|
||||
with open(self.configfile) as cf:
|
||||
try:
|
||||
self._config = json.load(cf)
|
||||
|
@ -43,10 +44,58 @@ class Config (dict):
|
|||
self._config["debug-mode"] = False
|
||||
if not "base-dir" in self._config:
|
||||
self._config["base-dir"] = "/"
|
||||
print(self._config)
|
||||
|
||||
if not "peerings-data" in self._config:
|
||||
self._config["peering-data"] = "./peerings"
|
||||
logging.info(self._config)
|
||||
|
||||
class PeeringManager(dict):
|
||||
|
||||
def __init__(self, peering_dir):
|
||||
self._peering_dir = peering_dir
|
||||
|
||||
self._load_peerings()
|
||||
self.keys = self._peerings
|
||||
|
||||
def __contains__(self, o):
|
||||
return self._peerings.__contains__(o)
|
||||
|
||||
def __getitem__(self, k):
|
||||
return self._peerings[k]
|
||||
|
||||
def __setitem__(self, k, v):
|
||||
pass
|
||||
def __delitem__(self, v):
|
||||
pass
|
||||
|
||||
def _load_peerings(self):
|
||||
if not os.path.exists(self._peering_dir):
|
||||
os.mkdir(self._peering_dir)
|
||||
if not os.path.exists(f"{self._peering_dir}/peerings.json"):
|
||||
with open(f"{self._peering_dir}/peerings.json", "x") as p:
|
||||
json.dump([], p)
|
||||
with open(f"{self._peering_dir}/peerings.json","r") as p:
|
||||
self._peerings = json.load(p)
|
||||
self.peerings = {}
|
||||
missing_peerings = False
|
||||
for peering in self._peerings:
|
||||
if os.path.exists(f"{self._peering_dir}/{peering}.json"):
|
||||
with open(f"{self._peering_dir}/{peering}.json") as peer_cfg:
|
||||
self.peerings[peering] = json.load(peer_cfg)
|
||||
else:
|
||||
logging.warning(f"peering with id {peering} doesn't exist. removing reference in `{self._peering_dir}/peerings.json`")
|
||||
self._peerings.remove(peering)
|
||||
missing_peerings = True
|
||||
if missing_peerings:
|
||||
with open(f"{self._peering_dir}/peerings.json","w") as p:
|
||||
json.dump(self._peerings, p, indent=4)
|
||||
|
||||
def get_peerings_by_mnt(self, mnt):
|
||||
raise NotImplementedError()
|
||||
|
||||
|
||||
config = Config()
|
||||
|
||||
peerings = PeeringManager(config["peering-dir"])
|
||||
def auth_required():
|
||||
def wrapper(f):
|
||||
@wraps(f)
|
||||
|
@ -70,8 +119,8 @@ def kioubit_auth():
|
|||
|
||||
|
||||
success, msg = kverifyer.verify(params, signature)
|
||||
try: print(base64.b64decode(params))
|
||||
except: print("invalid Base64 data provided")
|
||||
try: logging.debug(base64.b64decode(params))
|
||||
except: logging.debug("invalid Base64 data provided")
|
||||
|
||||
|
||||
if success:
|
||||
|
@ -156,9 +205,11 @@ def main():
|
|||
app.template_folder=config["flask-template-dir"]
|
||||
app.secret_key = config["flask-secret-key"]
|
||||
if "production" in config and config["production"] == False:
|
||||
logging.getLogger(__name__).setLevel(logging.INFO)
|
||||
app.run(host=config["listen"], port=config["port"], debug=config["debug-mode"], threaded=True)
|
||||
else:
|
||||
from waitress import serve
|
||||
logging.getLogger(__name__).setLevel(logging.NOTSET)
|
||||
serve(app, host=config["listen"], port=config["port"])
|
||||
|
||||
|
||||
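Review bot: `logging.info(self._config)` in the `Config` hunk writes the whole configuration to the log, including `flask-secret-key`, which the sample config describes as the secret key for session cookies. Once INFO records are emitted, anyone who can read the log could sign session cookies, so log only non-secret keys or drop the call. In the same hunk the default is stored under `"peering-data"` after a test for `"peerings-data"`, while the module reads `config["peering-dir"]` and the sample config documents `"peerings-dir"`, so a config without that exact key raises `KeyError` at import; settle on one spelling, e.g. `self._config.setdefault("peering-dir", "./peerings")`. `_load_peerings` also calls `self._peerings.remove(peering)` while iterating over `self._peerings`, which skips the entry after each removal; iterate over `list(self._peerings)` instead.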
|
|
|
@ -2,7 +2,7 @@
|
|||
|
||||
{% block content %}
|
||||
|
||||
<form action="peer" method="post">
|
||||
<form action="" method="post">
|
||||
<select name="node" id="node">
|
||||
{% for node in config["nodes"] %}
|
||||
<option value="{{node}}" {% if selected_node %}{% if selected_node == node %}selected{% endif %}{% endif %} >{{node}}</option>
|
||||
|
|
|
@ -1,13 +1,14 @@
|
|||
{% extends 'base.html' %}
|
||||
|
||||
{% block content %}
|
||||
<script>
|
||||
|
||||
<form action="peer" method="post">
|
||||
<select name="node" id="node">
|
||||
{% for node in config["nodes"] %}
|
||||
<option value="{{node}}" {% if selected_node %}{% if selected_node == node %}selected{% endif %}{% endif %} >{{node}}</option>
|
||||
{% endfor %}
|
||||
</select>
|
||||
</form>
|
||||
</script>
|
||||
<div>
|
||||
<a href="peerings/new"><button>add new</button></a>
|
||||
</div>
|
||||
<div>
|
||||
|
||||
</div>
|
||||
|
||||
{% endblock %}
|