From 550cf83e86ae3cc8a72c448fff142b4321e27007 Mon Sep 17 00:00:00 2001 From: suti7yk5032 Date: Fri, 6 Sep 2024 00:09:37 +0900 Subject: [PATCH] =?UTF-8?q?=E3=83=8F=E3=83=83=E3=82=B7=E3=83=A5=E3=82=92SH?= =?UTF-8?q?A256=E3=81=B8=E5=A4=89=E6=9B=B4=20=E3=83=9E=E3=82=B9=E3=82=BF?= =?UTF-8?q?=E3=83=BC=E3=83=91=E3=82=B9=E3=83=AF=E3=83=BC=E3=83=89=E3=81=AE?= =?UTF-8?q?=E7=AE=A1=E7=90=86=E3=82=92=E3=83=87=E3=83=BC=E3=82=BF=E3=83=99?= =?UTF-8?q?=E3=83=BC=E3=82=B9=E3=81=A7=E8=A1=8C=E3=81=86=E3=82=88=E3=81=86?= =?UTF-8?q?=E3=81=AB=20=E3=83=86=E3=83=BC=E3=83=96=E3=83=AB=E3=81=AE?= =?UTF-8?q?=E4=B8=80=E9=83=A8=E3=82=AB=E3=83=A9=E3=83=A0=E5=A4=89=E6=9B=B4?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- dislocker.py | 8 ++++---- dislocker_auth.py | 24 +++++++++++++++++++----- dislocker_client.py | 13 +++++++------ 3 files changed, 30 insertions(+), 15 deletions(-) diff --git a/dislocker.py b/dislocker.py index dc5ff67..e8d88d5 100644 --- a/dislocker.py +++ b/dislocker.py @@ -100,7 +100,7 @@ class DL(): find_pc_list_table = cursor.fetchall() print(find_pc_list_table) if find_pc_list_table[0][0] == False: - cursor.execute("CREATE TABLE pc_list (pc_number INTEGER NOT NULL, using_member_id INTEGER, password_hash VARCHAR(32), pc_uuid VARCHAR(36), pc_token VARCHAR(36), PRIMARY KEY (pc_number), FOREIGN KEY (using_member_id) REFERENCES club_member(member_id))") + cursor.execute("CREATE TABLE pc_list (pc_number INTEGER NOT NULL, using_member_id INTEGER, password_hash VARCHAR(64), pc_uuid VARCHAR(36), pc_token VARCHAR(36), master_password VARCHAR(16), detail TEXT, PRIMARY KEY (pc_number), FOREIGN KEY (using_member_id) REFERENCES club_member(member_id))") for i in self.pc_list: print(i) cursor.execute("INSERT INTO pc_list (pc_number) VALUES (%s)", (i,)) @@ -110,7 +110,7 @@ class DL(): find_keyboard_list_table = cursor.fetchall() print(find_keyboard_list_table) if find_keyboard_list_table[0][0] == False: - cursor.execute("CREATE TABLE keyboard_list (keyboard_number INTEGER NOT NULL, using_member_id INTEGER, PRIMARY KEY (keyboard_number), FOREIGN KEY (using_member_id) REFERENCES club_member(member_id))") + cursor.execute("CREATE TABLE keyboard_list (keyboard_number INTEGER NOT NULL, using_member_id INTEGER, device_id TEXT, device_name TEXT, detail TEXT, PRIMARY KEY (keyboard_number), FOREIGN KEY (using_member_id) REFERENCES club_member(member_id))") for i in self.keyboard_list: print(i) cursor.execute("INSERT INTO keyboard_list (keyboard_number) VALUES (%s)", (i,)) @@ -120,7 +120,7 @@ class DL(): find_mouse_list_table = cursor.fetchall() print(find_mouse_list_table) if find_mouse_list_table[0][0] == False: - cursor.execute("CREATE TABLE mouse_list (mouse_number INTEGER NOT NULL, using_member_id INTEGER, PRIMARY KEY (mouse_number), FOREIGN KEY (using_member_id) REFERENCES club_member(member_id))") + cursor.execute("CREATE TABLE mouse_list (mouse_number INTEGER NOT NULL, using_member_id INTEGER, device_id TEXT, device_name TEXT, detail TEXT, PRIMARY KEY (mouse_number), FOREIGN KEY (using_member_id) REFERENCES club_member(member_id))") for i in self.mouse_list: print(i) cursor.execute("INSERT INTO mouse_list (mouse_number) VALUES (%s)", (i,)) @@ -193,7 +193,7 @@ class Bot(discord.Client): return password def hash_genarate(self, source): - hashed = hashlib.md5(source.encode()) + hashed = hashlib.sha256(source.encode()) return hashed.hexdigest() def user_register_check(self, **kwargs): diff --git a/dislocker_auth.py b/dislocker_auth.py index 3c458e8..7c2c99b 100644 --- a/dislocker_auth.py +++ b/dislocker_auth.py @@ -5,6 +5,7 @@ from flask import Flask, request, jsonify, render_template import uuid import string import random +import hashlib config_dir_path = "./config/" server_config_path = config_dir_path + "server.json" @@ -46,8 +47,17 @@ class Auth(): def token_generate(self, length): letters = string.ascii_letters + string.digits - password = ''.join(random.choice(letters) for _ in range(length)) - return password + token = ''.join(random.choice(letters) for _ in range(length)) + return token + + def master_password_generate(self, length): + characters = string.ascii_letters + string.digits + string.punctuation + master_password = ''.join(random.choice(characters) for _ in range(length)) + return master_password + + def hash_genarate(self, source): + hashed = hashlib.sha256(source.encode()) + return hashed.hexdigest() def check(self, **kwargs): try: @@ -180,10 +190,12 @@ class Auth(): pc_record_uuid = pc_record[0][0] if pc_record_uuid == None: pc_token = self.token_generate(36) - cursor.execute("UPDATE pc_list SET pc_uuid = %s, pc_token = %s WHERE pc_number = %s", (pc_uuid, pc_token, pc_number)) + master_password = self.master_password_generate(16) + master_password_hash = self.hash_genarate(master_password) + cursor.execute("UPDATE pc_list SET pc_uuid = %s, pc_token = %s, master_password = %s WHERE pc_number = %s", (pc_uuid, pc_token, master_password, pc_number)) self.db.commit() os.remove(onetime_config_path) - return {"result": 0, "about": "ok", "output_dict": {"pc_token": pc_token}} + return {"result": 0, "about": "ok", "output_dict": {"pc_token": pc_token, "master_password": master_password, "master_password_hash": master_password_hash}} else: return {"result": 1, "about": "exist"} @@ -214,7 +226,9 @@ def register(): if onetime_password == onetime_config["onetime"]: register_result = auth.register(pc_number=pc_number, pc_uuid=pc_uuid) pc_token = register_result["output_dict"]["pc_token"] - return jsonify({'message': 'ok', 'pc_token': pc_token}), 200 + master_password = register_result["output_dict"]["master_password"] + master_password_hash = register_result["output_dict"]["master_password_hash"] + return jsonify({'message': 'ok', 'pc_token': pc_token, 'master_password': master_password, 'master_password_hash': master_password_hash}), 200 else: return jsonify({'message': 'damedesu'}), 401 else: diff --git a/dislocker_client.py b/dislocker_client.py index 40c06fb..b6ad341 100644 --- a/dislocker_client.py +++ b/dislocker_client.py @@ -46,7 +46,7 @@ elif os.path.isfile(client_config_path): def master_password_gen(): numbers = string.digits # (1) password = ''.join(random.choice(numbers) for _ in range(10)) # (2) - password_hash = hashlib.md5(password.encode()).hexdigest() + password_hash = hashlib.sha256(password.encode()).hexdigest() result = {"password": password, "password_hash": password_hash} return result @@ -91,11 +91,12 @@ def init(**kwargs): print("PCの情報が登録されました。") responce_json = responce.json() pc_token = str(responce_json["pc_token"]) + master_password_hash = str(responce_json["master_password_hash"]) + master_password = str(responce_json["master_password"]) client_config["pc_token"] = pc_token - - master_password = master_password_gen() - msgbox = tkinter.messagebox.showinfo(title=f"{app_name} | 初回起動を検出", message=f"初回起動のようです。\nマスターパスワードを記録しておいてください。\nこれ以降二度と表示されることはないでしょう。\n\n{master_password["password"]}\n\nまた、認証先サーバーの接続先を指定してください。ロックを解除できなくなります。") - client_config["master_password_hash"] = master_password["password_hash"] + client_config["master_password_hash"] = master_password_hash + + msgbox = tkinter.messagebox.showinfo(title=f"{app_name} | 初回起動を検出", message=f"初回起動のようです。\nマスターパスワードを記録しておいてください。\nBotが起動している場合は、管理者がDiscordから確認することもできます。\n\n{master_password}\n\n") client_config["initial"] = 0 with open(client_config_path, "w") as w: @@ -246,7 +247,7 @@ class Lock(customtkinter.CTkToplevel): keyboard.add_hotkey('ctrl+shift+q', self.exit) def hash_genarate(self, source): - hashed = hashlib.md5(source.encode()) + hashed = hashlib.sha256(source.encode()) return hashed.hexdigest() def auth_start(self):