ハッシュをSHA256へ変更
マスターパスワードの管理をデータベースで行うように テーブルの一部カラム変更
This commit is contained in:
parent
e41324eae4
commit
550cf83e86
3 changed files with 30 additions and 15 deletions
|
@ -100,7 +100,7 @@ class DL():
|
|||
find_pc_list_table = cursor.fetchall()
|
||||
print(find_pc_list_table)
|
||||
if find_pc_list_table[0][0] == False:
|
||||
cursor.execute("CREATE TABLE pc_list (pc_number INTEGER NOT NULL, using_member_id INTEGER, password_hash VARCHAR(32), pc_uuid VARCHAR(36), pc_token VARCHAR(36), PRIMARY KEY (pc_number), FOREIGN KEY (using_member_id) REFERENCES club_member(member_id))")
|
||||
cursor.execute("CREATE TABLE pc_list (pc_number INTEGER NOT NULL, using_member_id INTEGER, password_hash VARCHAR(64), pc_uuid VARCHAR(36), pc_token VARCHAR(36), master_password VARCHAR(16), detail TEXT, PRIMARY KEY (pc_number), FOREIGN KEY (using_member_id) REFERENCES club_member(member_id))")
|
||||
for i in self.pc_list:
|
||||
print(i)
|
||||
cursor.execute("INSERT INTO pc_list (pc_number) VALUES (%s)", (i,))
|
||||
|
@ -110,7 +110,7 @@ class DL():
|
|||
find_keyboard_list_table = cursor.fetchall()
|
||||
print(find_keyboard_list_table)
|
||||
if find_keyboard_list_table[0][0] == False:
|
||||
cursor.execute("CREATE TABLE keyboard_list (keyboard_number INTEGER NOT NULL, using_member_id INTEGER, PRIMARY KEY (keyboard_number), FOREIGN KEY (using_member_id) REFERENCES club_member(member_id))")
|
||||
cursor.execute("CREATE TABLE keyboard_list (keyboard_number INTEGER NOT NULL, using_member_id INTEGER, device_id TEXT, device_name TEXT, detail TEXT, PRIMARY KEY (keyboard_number), FOREIGN KEY (using_member_id) REFERENCES club_member(member_id))")
|
||||
for i in self.keyboard_list:
|
||||
print(i)
|
||||
cursor.execute("INSERT INTO keyboard_list (keyboard_number) VALUES (%s)", (i,))
|
||||
|
@ -120,7 +120,7 @@ class DL():
|
|||
find_mouse_list_table = cursor.fetchall()
|
||||
print(find_mouse_list_table)
|
||||
if find_mouse_list_table[0][0] == False:
|
||||
cursor.execute("CREATE TABLE mouse_list (mouse_number INTEGER NOT NULL, using_member_id INTEGER, PRIMARY KEY (mouse_number), FOREIGN KEY (using_member_id) REFERENCES club_member(member_id))")
|
||||
cursor.execute("CREATE TABLE mouse_list (mouse_number INTEGER NOT NULL, using_member_id INTEGER, device_id TEXT, device_name TEXT, detail TEXT, PRIMARY KEY (mouse_number), FOREIGN KEY (using_member_id) REFERENCES club_member(member_id))")
|
||||
for i in self.mouse_list:
|
||||
print(i)
|
||||
cursor.execute("INSERT INTO mouse_list (mouse_number) VALUES (%s)", (i,))
|
||||
|
@ -193,7 +193,7 @@ class Bot(discord.Client):
|
|||
return password
|
||||
|
||||
def hash_genarate(self, source):
|
||||
hashed = hashlib.md5(source.encode())
|
||||
hashed = hashlib.sha256(source.encode())
|
||||
return hashed.hexdigest()
|
||||
|
||||
def user_register_check(self, **kwargs):
|
||||
|
|
|
@ -5,6 +5,7 @@ from flask import Flask, request, jsonify, render_template
|
|||
import uuid
|
||||
import string
|
||||
import random
|
||||
import hashlib
|
||||
|
||||
config_dir_path = "./config/"
|
||||
server_config_path = config_dir_path + "server.json"
|
||||
|
@ -46,8 +47,17 @@ class Auth():
|
|||
|
||||
def token_generate(self, length):
|
||||
letters = string.ascii_letters + string.digits
|
||||
password = ''.join(random.choice(letters) for _ in range(length))
|
||||
return password
|
||||
token = ''.join(random.choice(letters) for _ in range(length))
|
||||
return token
|
||||
|
||||
def master_password_generate(self, length):
|
||||
characters = string.ascii_letters + string.digits + string.punctuation
|
||||
master_password = ''.join(random.choice(characters) for _ in range(length))
|
||||
return master_password
|
||||
|
||||
def hash_genarate(self, source):
|
||||
hashed = hashlib.sha256(source.encode())
|
||||
return hashed.hexdigest()
|
||||
|
||||
def check(self, **kwargs):
|
||||
try:
|
||||
|
@ -180,10 +190,12 @@ class Auth():
|
|||
pc_record_uuid = pc_record[0][0]
|
||||
if pc_record_uuid == None:
|
||||
pc_token = self.token_generate(36)
|
||||
cursor.execute("UPDATE pc_list SET pc_uuid = %s, pc_token = %s WHERE pc_number = %s", (pc_uuid, pc_token, pc_number))
|
||||
master_password = self.master_password_generate(16)
|
||||
master_password_hash = self.hash_genarate(master_password)
|
||||
cursor.execute("UPDATE pc_list SET pc_uuid = %s, pc_token = %s, master_password = %s WHERE pc_number = %s", (pc_uuid, pc_token, master_password, pc_number))
|
||||
self.db.commit()
|
||||
os.remove(onetime_config_path)
|
||||
return {"result": 0, "about": "ok", "output_dict": {"pc_token": pc_token}}
|
||||
return {"result": 0, "about": "ok", "output_dict": {"pc_token": pc_token, "master_password": master_password, "master_password_hash": master_password_hash}}
|
||||
else:
|
||||
return {"result": 1, "about": "exist"}
|
||||
|
||||
|
@ -214,7 +226,9 @@ def register():
|
|||
if onetime_password == onetime_config["onetime"]:
|
||||
register_result = auth.register(pc_number=pc_number, pc_uuid=pc_uuid)
|
||||
pc_token = register_result["output_dict"]["pc_token"]
|
||||
return jsonify({'message': 'ok', 'pc_token': pc_token}), 200
|
||||
master_password = register_result["output_dict"]["master_password"]
|
||||
master_password_hash = register_result["output_dict"]["master_password_hash"]
|
||||
return jsonify({'message': 'ok', 'pc_token': pc_token, 'master_password': master_password, 'master_password_hash': master_password_hash}), 200
|
||||
else:
|
||||
return jsonify({'message': 'damedesu'}), 401
|
||||
else:
|
||||
|
|
|
@ -46,7 +46,7 @@ elif os.path.isfile(client_config_path):
|
|||
def master_password_gen():
|
||||
numbers = string.digits # (1)
|
||||
password = ''.join(random.choice(numbers) for _ in range(10)) # (2)
|
||||
password_hash = hashlib.md5(password.encode()).hexdigest()
|
||||
password_hash = hashlib.sha256(password.encode()).hexdigest()
|
||||
result = {"password": password, "password_hash": password_hash}
|
||||
return result
|
||||
|
||||
|
@ -91,11 +91,12 @@ def init(**kwargs):
|
|||
print("PCの情報が登録されました。")
|
||||
responce_json = responce.json()
|
||||
pc_token = str(responce_json["pc_token"])
|
||||
master_password_hash = str(responce_json["master_password_hash"])
|
||||
master_password = str(responce_json["master_password"])
|
||||
client_config["pc_token"] = pc_token
|
||||
|
||||
master_password = master_password_gen()
|
||||
msgbox = tkinter.messagebox.showinfo(title=f"{app_name} | 初回起動を検出", message=f"初回起動のようです。\nマスターパスワードを記録しておいてください。\nこれ以降二度と表示されることはないでしょう。\n\n{master_password["password"]}\n\nまた、認証先サーバーの接続先を指定してください。ロックを解除できなくなります。")
|
||||
client_config["master_password_hash"] = master_password["password_hash"]
|
||||
client_config["master_password_hash"] = master_password_hash
|
||||
|
||||
msgbox = tkinter.messagebox.showinfo(title=f"{app_name} | 初回起動を検出", message=f"初回起動のようです。\nマスターパスワードを記録しておいてください。\nBotが起動している場合は、管理者がDiscordから確認することもできます。\n\n{master_password}\n\n")
|
||||
client_config["initial"] = 0
|
||||
|
||||
with open(client_config_path, "w") as w:
|
||||
|
@ -246,7 +247,7 @@ class Lock(customtkinter.CTkToplevel):
|
|||
keyboard.add_hotkey('ctrl+shift+q', self.exit)
|
||||
|
||||
def hash_genarate(self, source):
|
||||
hashed = hashlib.md5(source.encode())
|
||||
hashed = hashlib.sha256(source.encode())
|
||||
return hashed.hexdigest()
|
||||
|
||||
def auth_start(self):
|
||||
|
|
Loading…
Reference in a new issue