luxick/DrunkSoulsStatTool
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Use function decorators to check authentication tokens.

Browse Source
This commit is contained in:
luxick
2018-03-28 20:58:19 +02:00
parent 4b8d2421a5
commit ad85a37d5e
6 changed files with 87 additions and 41 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
dsst/dsst_gtk3/client.py
View File

@@ -31,6 +31,7 @@ class Access:
soc.close() soc.close()
return message.get('data') return message.get('data')
if __name__ == '__main__': if __name__ == '__main__':
access = Access({'host': 'europa', 'port': 12345, 'buffer_size': 1024, 'auth_token': 'a'}) access = Access({'host': 'europa', 'port': 12345, 'buffer_size': 1024, 'auth_token': 'a'})
action = 'load_seasons' action = 'load_seasons'

17
dsst/dsst_gtk3/resources/glade/window.glade
View File

@@ -542,7 +542,7 @@
<object class="GtkLabel" id="ep_death_count_label"> <object class="GtkLabel" id="ep_death_count_label">
<property name="visible">True</property> <property name="visible">True</property>
<property name="can_focus">False</property> <property name="can_focus">False</property>
<property name="label" translatable="yes">[DeathCount]</property> <property name="label" translatable="yes">Computing...</property>
</object> </object>
<packing> <packing>
<property name="left_attach">1</property> <property name="left_attach">1</property>
@@ -553,7 +553,7 @@
<object class="GtkLabel"> <object class="GtkLabel">
<property name="visible">True</property> <property name="visible">True</property>
<property name="can_focus">False</property> <property name="can_focus">False</property>
<property name="label" translatable="yes">Total Drinks:</property> <property name="label" translatable="yes">Total Shots:</property>
<property name="xalign">1</property> <property name="xalign">1</property>
</object> </object>
<packing> <packing>
@@ -565,7 +565,7 @@
<object class="GtkLabel" id="ep_drinks_label"> <object class="GtkLabel" id="ep_drinks_label">
<property name="visible">True</property> <property name="visible">True</property>
<property name="can_focus">False</property> <property name="can_focus">False</property>
<property name="label" translatable="yes">[DrinkCount]</property> <property name="label" translatable="yes">Computing...</property>
</object> </object>
<packing> <packing>
<property name="left_attach">1</property> <property name="left_attach">1</property>
@@ -588,7 +588,7 @@
<object class="GtkLabel" id="ep_booze_label"> <object class="GtkLabel" id="ep_booze_label">
<property name="visible">True</property> <property name="visible">True</property>
<property name="can_focus">False</property> <property name="can_focus">False</property>
<property name="label" translatable="yes">[ToatalBooze]</property> <property name="label" translatable="yes">Computing...</property>
</object> </object>
<packing> <packing>
<property name="left_attach">1</property> <property name="left_attach">1</property>
@@ -647,7 +647,7 @@
<object class="GtkLabel" id="ep_player_drinks_label"> <object class="GtkLabel" id="ep_player_drinks_label">
<property name="visible">True</property> <property name="visible">True</property>
<property name="can_focus">False</property> <property name="can_focus">False</property>
<property name="label" translatable="yes">[PlayerDrinks]</property> <property name="label" translatable="yes">Computing...</property>
</object> </object>
<packing> <packing>
<property name="left_attach">1</property> <property name="left_attach">1</property>
@@ -658,7 +658,7 @@
<object class="GtkLabel" id="ep_player_booze_label"> <object class="GtkLabel" id="ep_player_booze_label">
<property name="visible">True</property> <property name="visible">True</property>
<property name="can_focus">False</property> <property name="can_focus">False</property>
<property name="label" translatable="yes">[PlayerBooze]</property> <property name="label" translatable="yes">Computing...</property>
</object> </object>
<packing> <packing>
<property name="left_attach">1</property> <property name="left_attach">1</property>
@@ -669,7 +669,7 @@
<object class="GtkLabel" id="ep_player_alc_label"> <object class="GtkLabel" id="ep_player_alc_label">
<property name="visible">True</property> <property name="visible">True</property>
<property name="can_focus">False</property> <property name="can_focus">False</property>
<property name="label" translatable="yes">[PlayerAlc]</property> <property name="label" translatable="yes">Computing...</property>
</object> </object>
<packing> <packing>
<property name="left_attach">1</property> <property name="left_attach">1</property>
@@ -680,7 +680,7 @@
<object class="GtkLabel" id="ep_alc_label"> <object class="GtkLabel" id="ep_alc_label">
<property name="visible">True</property> <property name="visible">True</property>
<property name="can_focus">False</property> <property name="can_focus">False</property>
<property name="label" translatable="yes">[TotalAlc]</property> <property name="label" translatable="yes">Computing...</property>
</object> </object>
<packing> <packing>
<property name="left_attach">1</property> <property name="left_attach">1</property>
@@ -703,6 +703,7 @@
<object class="GtkLabel" id="ep_enemy_name_label"> <object class="GtkLabel" id="ep_enemy_name_label">
<property name="visible">True</property> <property name="visible">True</property>
<property name="can_focus">False</property> <property name="can_focus">False</property>
<property name="label" translatable="yes">Computing...</property>
</object> </object>
<packing> <packing>
<property name="left_attach">1</property> <property name="left_attach">1</property>

33
dsst/dsst_server/auth.py Normal file
View File

@@ -0,0 +1,33 @@
READ_TOKENS = []
WRITE_TOKENS = []
class AuthenticationError(Exception):
def __init__(self, message):
self.message = message
def get_response(self):
return {
'success': False,
'message': 'Authentication Failed:\n'.format(self.message)
}
def check_read(func):
def wrapper(*args, **kwargs):
token = args[0]
if token in READ_TOKENS + WRITE_TOKENS:
return func(*args[1:], **kwargs)
else:
raise AuthenticationError('Token "{}" has no read access on database.'.format(token))
return wrapper
def check_write(func):
def wrapper(*args, **kwargs):
token = args[0]
if token in WRITE_TOKENS:
return func(*args[1:], **kwargs)
else:
raise AuthenticationError('Token "{}" has no write access on database.'.format(token))
return wrapper

9
dsst/dsst_server/func_read.py
View File

@@ -1,40 +1,49 @@
from dsst_server.data_access import sql, sql_func, mapping from dsst_server.data_access import sql, sql_func, mapping
from dsst_server.auth import check_read
from common import models from common import models
from playhouse import shortcuts from playhouse import shortcuts
class ReadFunctions: class ReadFunctions:
@staticmethod @staticmethod
@check_read
def load_db_meta(*_): def load_db_meta(*_):
return sql.db.database return sql.db.database
@staticmethod @staticmethod
@check_read
def load_seasons(*_): def load_seasons(*_):
return [mapping.db_to_season(season) for season in sql.Season.select()] return [mapping.db_to_season(season) for season in sql.Season.select()]
@staticmethod @staticmethod
@check_read
def load_seasons_all(*_): def load_seasons_all(*_):
return [shortcuts.model_to_dict(season, backrefs=True, max_depth=2) for season in sql.Season.select()] return [shortcuts.model_to_dict(season, backrefs=True, max_depth=2) for season in sql.Season.select()]
@staticmethod @staticmethod
@check_read
def load_episodes(season_id, *_): def load_episodes(season_id, *_):
if not season_id: if not season_id:
raise Exception('Exception: Missing argument (season_id)') raise Exception('Exception: Missing argument (season_id)')
return [mapping.db_to_episode(ep) for ep in sql.Season.get(sql.Season.id == season_id).episodes] return [mapping.db_to_episode(ep) for ep in sql.Season.get(sql.Season.id == season_id).episodes]
@staticmethod @staticmethod
@check_read
def load_players(*_): def load_players(*_):
return [mapping.db_to_player(player) for player in sql.Player.select()] return [mapping.db_to_player(player) for player in sql.Player.select()]
@staticmethod @staticmethod
@check_read
def load_enemies(season_id, *_): def load_enemies(season_id, *_):
pass pass
@staticmethod @staticmethod
@check_read
def load_drinks(*_): def load_drinks(*_):
return [mapping.db_to_drink(drink) for drink in sql.Drink.select()] return [mapping.db_to_drink(drink) for drink in sql.Drink.select()]
@staticmethod @staticmethod
@check_read
def load_season_stats(season_id, *_): def load_season_stats(season_id, *_):
season = sql.Season.get(sql.Season.id == season_id) season = sql.Season.get(sql.Season.id == season_id)
players = sql_func.players_for_season(season_id) players = sql_func.players_for_season(season_id)

14
dsst/dsst_server/func_write.py
View File

@@ -1,13 +1,16 @@
from common import models from common import models
from dsst_server.data_access import sql from dsst_server.data_access import sql
from dsst_server.auth import check_write
class WriteFunctions: class WriteFunctions:
@staticmethod @staticmethod
@check_write
def create_season(season: 'models.Season'): def create_season(season: 'models.Season'):
return 'Season created.' return 'Season created.'
@staticmethod @staticmethod
@check_write
def update_enemy(enemy: 'models.Enemy', *_): def update_enemy(enemy: 'models.Enemy', *_):
(sql.Enemy (sql.Enemy
.insert(id=enemy.id, boss=enemy.boss, name=enemy.name, season=enemy.season) .insert(id=enemy.id, boss=enemy.boss, name=enemy.name, season=enemy.season)
@@ -17,6 +20,7 @@ class WriteFunctions:
.execute()) .execute())
@staticmethod @staticmethod
@check_write
def update_player(player: 'models.Player', *_): def update_player(player: 'models.Player', *_):
(sql.Player (sql.Player
.insert(id=player.id, name=player.name, hex_id=player.hex_id) .insert(id=player.id, name=player.name, hex_id=player.hex_id)
@@ -25,6 +29,7 @@ class WriteFunctions:
.execute()) .execute())
@staticmethod @staticmethod
@check_write
def update_drink(drink: 'models.Drink', *_): def update_drink(drink: 'models.Drink', *_):
(sql.Drink (sql.Drink
.insert(id=drink.id, name=drink.name, vol=drink.vol) .insert(id=drink.id, name=drink.name, vol=drink.vol)
@@ -33,6 +38,7 @@ class WriteFunctions:
.execute()) .execute())
@staticmethod @staticmethod
@check_write
def save_death(death: 'models.Death'): def save_death(death: 'models.Death'):
with sql.db.atomic(): with sql.db.atomic():
created_id = (sql.Death created_id = (sql.Death
@@ -43,6 +49,7 @@ class WriteFunctions:
sql.Penalty.create(death=created_id, size=penalty.size, drink=penalty.drink, player=penalty.player) sql.Penalty.create(death=created_id, size=penalty.size, drink=penalty.drink, player=penalty.player)
@staticmethod @staticmethod
@check_write
def save_victory(victory: 'models.Victory'): def save_victory(victory: 'models.Victory'):
(sql.Victory (sql.Victory
.insert(info=victory.info, player=victory.player, enemy=victory.enemy, time=victory.time, .insert(info=victory.info, player=victory.player, enemy=victory.enemy, time=victory.time,
@@ -50,6 +57,7 @@ class WriteFunctions:
.execute()) .execute())
@staticmethod @staticmethod
@check_write
def update_season(season: 'models.Season', *_): def update_season(season: 'models.Season', *_):
(sql.Season (sql.Season
.insert(id=season.id, number=season.number, game_name=season.game_name, start_date=season.start_date, .insert(id=season.id, number=season.number, game_name=season.game_name, start_date=season.start_date,
@@ -62,6 +70,7 @@ class WriteFunctions:
.execute()) .execute())
@staticmethod @staticmethod
@check_write
def update_episode(episode: 'models.Episode', *_): def update_episode(episode: 'models.Episode', *_):
players = list(sql.Player.select().where(sql.Player.id << [player.id for player in episode.players])) players = list(sql.Player.select().where(sql.Player.id << [player.id for player in episode.players]))
new_ep_id = (sql.Episode new_ep_id = (sql.Episode
@@ -76,3 +85,8 @@ class WriteFunctions:
db_episode = sql.Episode.get(sql.Episode.id == new_ep_id) db_episode = sql.Episode.get(sql.Episode.id == new_ep_id)
db_episode.players = players db_episode.players = players
db_episode.save() db_episode.save()
@staticmethod
@check_write
def delete_player(player_id: int, *_):
sql.Player.delete_by_id(int)

54
dsst/dsst_server/server.py
View File

@@ -5,7 +5,7 @@ import sys
import os import os
from common import util, models from common import util, models
from dsst_server import func_read, func_write from dsst_server import func_read, func_write, auth
from dsst_server.func_proxy import FunctionProxy from dsst_server.func_proxy import FunctionProxy
from dsst_server.data_access import sql, sql_func from dsst_server.data_access import sql, sql_func
from dsst_server.config import DEFAULT_CONFIG from dsst_server.config import DEFAULT_CONFIG
@@ -16,8 +16,8 @@ class DsstServer:
self.socket_server = socket.socket(socket.AF_INET, socket.SOCK_STREAM) self.socket_server = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
print('Created socket') print('Created socket')
server_conf = config.get('server') server_conf = config.get('server')
self.socket_server.bind((server_conf.get('host'), server_conf.get('port'))) self.socket_server.bind(('', server_conf.get('port')))
print('Bound socket to {} on host {}'.format(server_conf.get('port'), server_conf.get('host'))) print('Bound socket to port {}'.format(server_conf.get('port')))
# Initialize database # Initialize database
db_config = config.get('database') db_config = config.get('database')
@@ -25,15 +25,10 @@ class DsstServer:
sql_func.create_tables() sql_func.create_tables()
print('Database initialized ({})'.format(sql.db.database)) print('Database initialized ({})'.format(sql.db.database))
# Load access tokens and map them to their allowed methods # Load access tokens
read_actions = util.list_class_methods(func_read.ReadFunctions) auth.READ_TOKENS = config.get('tokens').get('readonly')
write_actions = util.list_class_methods(func_write.WriteFunctions) auth.WRITE_TOKENS = config.get('tokens').get('readwrite')
parm_access = { print('Auth tokens loaded')
'r': read_actions,
'rw': read_actions + write_actions
}
self.tokens = {token: parm_access[perms] for token, perms in config.get('tokens').items()}
print('Loaded auth tokens: {}'.format(self.tokens.keys()))
def run(self): def run(self):
self.socket_server.listen(5) self.socket_server.listen(5)
@@ -46,30 +41,23 @@ class DsstServer:
data = util.recv_msg(client) data = util.recv_msg(client)
request = pickle.loads(data) request = pickle.loads(data)
print('Request: {}'.format(request)) print('Request: {}'.format(request))
# Validate auth token in request # Get requested function from function proxy
token = request.get('auth_token')
if token not in self.tokens:
util.send_msg(client, pickle.dumps({'success': False, 'message': 'Auth token invalid'}))
print('Rejected request from {}. Auth token invalid ({})'.format(address, token))
continue
# Check read functions
action_name = request.get('action') action_name = request.get('action')
if action_name in self.tokens[token]: action = getattr(FunctionProxy, action_name)
action = getattr(FunctionProxy, action_name) try:
try: value = action(request.get('auth_token'), *request.get('args'))
value = action(*request.get('args')) except auth.AuthenticationError as e:
except Exception as e: response = e.get_response()
response = {'success': False, 'message': 'Exception was thrown on server.\n{}'.format(e)}
util.send_msg(client, pickle.dumps(response))
raise
response = {'success': True, 'data': value}
util.send_msg(client, pickle.dumps(response)) util.send_msg(client, pickle.dumps(response))
continue raise
else: except Exception as e:
msg = 'Action does not exist on server ({})'.format(request.get('action')) response = {'success': False, 'message': 'Exception was thrown on server.\n{}'.format(e)}
util.send_msg(client, pickle.dumps({'success': False, 'message': msg})) util.send_msg(client, pickle.dumps(response))
raise
response = {'success': True, 'data': value}
util.send_msg(client, pickle.dumps(response))
except Exception as e: except Exception as e:
print(e) print('Exception: ' + str(e))
finally: finally:
client.close() client.close()
print('Connection to client closed') print('Connection to client closed')