ハッシュをSHA256へ変更
マスターパスワードの管理をデータベースで行うように テーブルの一部カラム変更
This commit is contained in:
parent
e41324eae4
commit
550cf83e86
3 changed files with 30 additions and 15 deletions
|
@ -100,7 +100,7 @@ class DL():
|
||||||
find_pc_list_table = cursor.fetchall()
|
find_pc_list_table = cursor.fetchall()
|
||||||
print(find_pc_list_table)
|
print(find_pc_list_table)
|
||||||
if find_pc_list_table[0][0] == False:
|
if find_pc_list_table[0][0] == False:
|
||||||
cursor.execute("CREATE TABLE pc_list (pc_number INTEGER NOT NULL, using_member_id INTEGER, password_hash VARCHAR(32), pc_uuid VARCHAR(36), pc_token VARCHAR(36), PRIMARY KEY (pc_number), FOREIGN KEY (using_member_id) REFERENCES club_member(member_id))")
|
cursor.execute("CREATE TABLE pc_list (pc_number INTEGER NOT NULL, using_member_id INTEGER, password_hash VARCHAR(64), pc_uuid VARCHAR(36), pc_token VARCHAR(36), master_password VARCHAR(16), detail TEXT, PRIMARY KEY (pc_number), FOREIGN KEY (using_member_id) REFERENCES club_member(member_id))")
|
||||||
for i in self.pc_list:
|
for i in self.pc_list:
|
||||||
print(i)
|
print(i)
|
||||||
cursor.execute("INSERT INTO pc_list (pc_number) VALUES (%s)", (i,))
|
cursor.execute("INSERT INTO pc_list (pc_number) VALUES (%s)", (i,))
|
||||||
|
@ -110,7 +110,7 @@ class DL():
|
||||||
find_keyboard_list_table = cursor.fetchall()
|
find_keyboard_list_table = cursor.fetchall()
|
||||||
print(find_keyboard_list_table)
|
print(find_keyboard_list_table)
|
||||||
if find_keyboard_list_table[0][0] == False:
|
if find_keyboard_list_table[0][0] == False:
|
||||||
cursor.execute("CREATE TABLE keyboard_list (keyboard_number INTEGER NOT NULL, using_member_id INTEGER, PRIMARY KEY (keyboard_number), FOREIGN KEY (using_member_id) REFERENCES club_member(member_id))")
|
cursor.execute("CREATE TABLE keyboard_list (keyboard_number INTEGER NOT NULL, using_member_id INTEGER, device_id TEXT, device_name TEXT, detail TEXT, PRIMARY KEY (keyboard_number), FOREIGN KEY (using_member_id) REFERENCES club_member(member_id))")
|
||||||
for i in self.keyboard_list:
|
for i in self.keyboard_list:
|
||||||
print(i)
|
print(i)
|
||||||
cursor.execute("INSERT INTO keyboard_list (keyboard_number) VALUES (%s)", (i,))
|
cursor.execute("INSERT INTO keyboard_list (keyboard_number) VALUES (%s)", (i,))
|
||||||
|
@ -120,7 +120,7 @@ class DL():
|
||||||
find_mouse_list_table = cursor.fetchall()
|
find_mouse_list_table = cursor.fetchall()
|
||||||
print(find_mouse_list_table)
|
print(find_mouse_list_table)
|
||||||
if find_mouse_list_table[0][0] == False:
|
if find_mouse_list_table[0][0] == False:
|
||||||
cursor.execute("CREATE TABLE mouse_list (mouse_number INTEGER NOT NULL, using_member_id INTEGER, PRIMARY KEY (mouse_number), FOREIGN KEY (using_member_id) REFERENCES club_member(member_id))")
|
cursor.execute("CREATE TABLE mouse_list (mouse_number INTEGER NOT NULL, using_member_id INTEGER, device_id TEXT, device_name TEXT, detail TEXT, PRIMARY KEY (mouse_number), FOREIGN KEY (using_member_id) REFERENCES club_member(member_id))")
|
||||||
for i in self.mouse_list:
|
for i in self.mouse_list:
|
||||||
print(i)
|
print(i)
|
||||||
cursor.execute("INSERT INTO mouse_list (mouse_number) VALUES (%s)", (i,))
|
cursor.execute("INSERT INTO mouse_list (mouse_number) VALUES (%s)", (i,))
|
||||||
|
@ -193,7 +193,7 @@ class Bot(discord.Client):
|
||||||
return password
|
return password
|
||||||
|
|
||||||
def hash_genarate(self, source):
|
def hash_genarate(self, source):
|
||||||
hashed = hashlib.md5(source.encode())
|
hashed = hashlib.sha256(source.encode())
|
||||||
return hashed.hexdigest()
|
return hashed.hexdigest()
|
||||||
|
|
||||||
def user_register_check(self, **kwargs):
|
def user_register_check(self, **kwargs):
|
||||||
|
|
|
@ -5,6 +5,7 @@ from flask import Flask, request, jsonify, render_template
|
||||||
import uuid
|
import uuid
|
||||||
import string
|
import string
|
||||||
import random
|
import random
|
||||||
|
import hashlib
|
||||||
|
|
||||||
config_dir_path = "./config/"
|
config_dir_path = "./config/"
|
||||||
server_config_path = config_dir_path + "server.json"
|
server_config_path = config_dir_path + "server.json"
|
||||||
|
@ -46,8 +47,17 @@ class Auth():
|
||||||
|
|
||||||
def token_generate(self, length):
|
def token_generate(self, length):
|
||||||
letters = string.ascii_letters + string.digits
|
letters = string.ascii_letters + string.digits
|
||||||
password = ''.join(random.choice(letters) for _ in range(length))
|
token = ''.join(random.choice(letters) for _ in range(length))
|
||||||
return password
|
return token
|
||||||
|
|
||||||
|
def master_password_generate(self, length):
|
||||||
|
characters = string.ascii_letters + string.digits + string.punctuation
|
||||||
|
master_password = ''.join(random.choice(characters) for _ in range(length))
|
||||||
|
return master_password
|
||||||
|
|
||||||
|
def hash_genarate(self, source):
|
||||||
|
hashed = hashlib.sha256(source.encode())
|
||||||
|
return hashed.hexdigest()
|
||||||
|
|
||||||
def check(self, **kwargs):
|
def check(self, **kwargs):
|
||||||
try:
|
try:
|
||||||
|
@ -180,10 +190,12 @@ class Auth():
|
||||||
pc_record_uuid = pc_record[0][0]
|
pc_record_uuid = pc_record[0][0]
|
||||||
if pc_record_uuid == None:
|
if pc_record_uuid == None:
|
||||||
pc_token = self.token_generate(36)
|
pc_token = self.token_generate(36)
|
||||||
cursor.execute("UPDATE pc_list SET pc_uuid = %s, pc_token = %s WHERE pc_number = %s", (pc_uuid, pc_token, pc_number))
|
master_password = self.master_password_generate(16)
|
||||||
|
master_password_hash = self.hash_genarate(master_password)
|
||||||
|
cursor.execute("UPDATE pc_list SET pc_uuid = %s, pc_token = %s, master_password = %s WHERE pc_number = %s", (pc_uuid, pc_token, master_password, pc_number))
|
||||||
self.db.commit()
|
self.db.commit()
|
||||||
os.remove(onetime_config_path)
|
os.remove(onetime_config_path)
|
||||||
return {"result": 0, "about": "ok", "output_dict": {"pc_token": pc_token}}
|
return {"result": 0, "about": "ok", "output_dict": {"pc_token": pc_token, "master_password": master_password, "master_password_hash": master_password_hash}}
|
||||||
else:
|
else:
|
||||||
return {"result": 1, "about": "exist"}
|
return {"result": 1, "about": "exist"}
|
||||||
|
|
||||||
|
@ -214,7 +226,9 @@ def register():
|
||||||
if onetime_password == onetime_config["onetime"]:
|
if onetime_password == onetime_config["onetime"]:
|
||||||
register_result = auth.register(pc_number=pc_number, pc_uuid=pc_uuid)
|
register_result = auth.register(pc_number=pc_number, pc_uuid=pc_uuid)
|
||||||
pc_token = register_result["output_dict"]["pc_token"]
|
pc_token = register_result["output_dict"]["pc_token"]
|
||||||
return jsonify({'message': 'ok', 'pc_token': pc_token}), 200
|
master_password = register_result["output_dict"]["master_password"]
|
||||||
|
master_password_hash = register_result["output_dict"]["master_password_hash"]
|
||||||
|
return jsonify({'message': 'ok', 'pc_token': pc_token, 'master_password': master_password, 'master_password_hash': master_password_hash}), 200
|
||||||
else:
|
else:
|
||||||
return jsonify({'message': 'damedesu'}), 401
|
return jsonify({'message': 'damedesu'}), 401
|
||||||
else:
|
else:
|
||||||
|
|
|
@ -46,7 +46,7 @@ elif os.path.isfile(client_config_path):
|
||||||
def master_password_gen():
|
def master_password_gen():
|
||||||
numbers = string.digits # (1)
|
numbers = string.digits # (1)
|
||||||
password = ''.join(random.choice(numbers) for _ in range(10)) # (2)
|
password = ''.join(random.choice(numbers) for _ in range(10)) # (2)
|
||||||
password_hash = hashlib.md5(password.encode()).hexdigest()
|
password_hash = hashlib.sha256(password.encode()).hexdigest()
|
||||||
result = {"password": password, "password_hash": password_hash}
|
result = {"password": password, "password_hash": password_hash}
|
||||||
return result
|
return result
|
||||||
|
|
||||||
|
@ -91,11 +91,12 @@ def init(**kwargs):
|
||||||
print("PCの情報が登録されました。")
|
print("PCの情報が登録されました。")
|
||||||
responce_json = responce.json()
|
responce_json = responce.json()
|
||||||
pc_token = str(responce_json["pc_token"])
|
pc_token = str(responce_json["pc_token"])
|
||||||
|
master_password_hash = str(responce_json["master_password_hash"])
|
||||||
|
master_password = str(responce_json["master_password"])
|
||||||
client_config["pc_token"] = pc_token
|
client_config["pc_token"] = pc_token
|
||||||
|
client_config["master_password_hash"] = master_password_hash
|
||||||
master_password = master_password_gen()
|
|
||||||
msgbox = tkinter.messagebox.showinfo(title=f"{app_name} | 初回起動を検出", message=f"初回起動のようです。\nマスターパスワードを記録しておいてください。\nこれ以降二度と表示されることはないでしょう。\n\n{master_password["password"]}\n\nまた、認証先サーバーの接続先を指定してください。ロックを解除できなくなります。")
|
msgbox = tkinter.messagebox.showinfo(title=f"{app_name} | 初回起動を検出", message=f"初回起動のようです。\nマスターパスワードを記録しておいてください。\nBotが起動している場合は、管理者がDiscordから確認することもできます。\n\n{master_password}\n\n")
|
||||||
client_config["master_password_hash"] = master_password["password_hash"]
|
|
||||||
client_config["initial"] = 0
|
client_config["initial"] = 0
|
||||||
|
|
||||||
with open(client_config_path, "w") as w:
|
with open(client_config_path, "w") as w:
|
||||||
|
@ -246,7 +247,7 @@ class Lock(customtkinter.CTkToplevel):
|
||||||
keyboard.add_hotkey('ctrl+shift+q', self.exit)
|
keyboard.add_hotkey('ctrl+shift+q', self.exit)
|
||||||
|
|
||||||
def hash_genarate(self, source):
|
def hash_genarate(self, source):
|
||||||
hashed = hashlib.md5(source.encode())
|
hashed = hashlib.sha256(source.encode())
|
||||||
return hashed.hexdigest()
|
return hashed.hexdigest()
|
||||||
|
|
||||||
def auth_start(self):
|
def auth_start(self):
|
||||||
|
|
Loading…
Reference in a new issue