From 80b7945e6dd4304807288e8e188b10c4a5cc1991 Mon Sep 17 00:00:00 2001 From: F4HTB Date: Sun, 15 Nov 2020 01:43:50 +0000 Subject: [PATCH] add authantification and other mod --- selfsign.crt => UHRH.crt | 0 selfsign.key => UHRH.key | 0 UHRR | 130 ++++++++++++++---- UHRR.conf | 9 +- UHRR.log | 1 + UHRR_users.db | 3 + opus/__pycache__/__init__.cpython-37.pyc | Bin 214 -> 214 bytes opus/__pycache__/decoder.cpython-37.pyc | Bin 2606 -> 2606 bytes opus/__pycache__/exceptions.cpython-37.pyc | Bin 613 -> 613 bytes opus/api/__pycache__/__init__.cpython-37.pyc | Bin 376 -> 376 bytes opus/api/__pycache__/constants.cpython-37.pyc | Bin 1732 -> 1732 bytes opus/api/__pycache__/ctl.cpython-37.pyc | Bin 3284 -> 3284 bytes opus/api/__pycache__/decoder.cpython-37.pyc | Bin 4144 -> 4144 bytes opus/api/__pycache__/info.cpython-37.pyc | Bin 480 -> 480 bytes www/controls.js | 6 +- www/img/logout.png | Bin 0 -> 1051 bytes www/style.css | 5 + 17 files changed, 126 insertions(+), 28 deletions(-) rename selfsign.crt => UHRH.crt (100%) rename selfsign.key => UHRH.key (100%) create mode 100644 UHRR.log create mode 100644 UHRR_users.db create mode 100644 www/img/logout.png diff --git a/selfsign.crt b/UHRH.crt similarity index 100% rename from selfsign.crt rename to UHRH.crt diff --git a/selfsign.key b/UHRH.key similarity index 100% rename from selfsign.key rename to UHRH.key diff --git a/UHRR b/UHRR index 4ce8c48..4d10cb0 100755 --- a/UHRR +++ b/UHRR @@ -26,6 +26,14 @@ config = configparser.ConfigParser() config.read('UHRR.conf') e="No" +############ Global functions ################################## +def writte_log(logmsg): + logfile = open(config['SERVER']['log_file'],"w") + msg = str(datetime.datetime.now())+":"+str(logmsg) + logfile.write(msg) + print(msg) + logfile.close() + ############ Generate and send FFT from RTLSDR ############## is_rtlsdr_present = True @@ -491,16 +499,19 @@ class threadtimeoutTRXshutdown(threading.Thread): time.sleep(60) timeoutTRXshutdown() -############ Main ############## -class MainHandler(tornado.web.RequestHandler): +############ BaseHandler tornado ############## +class BaseHandler(tornado.web.RequestHandler): + def get_current_user(self): + return self.get_secure_cookie("user") +############ Config ############## +class ConfigHandler(BaseHandler): def get(self): - self.application.settings.get("compiled_template_cache", False) - self.set_header('Cache-Control', 'no-store, no-cache, must-revalidate, max-age=0') - self.render("www/index.html") - -class ConfigHandler(tornado.web.RequestHandler): - def get(self): + + if bool(config['SERVER']['auth']) and not self.current_user: + self.redirect("/login") + return + self.application.settings.get("compiled_template_cache", False) self.set_header('Cache-Control', 'no-store, no-cache, must-revalidate, max-age=0') try: @@ -513,7 +524,11 @@ class ConfigHandler(tornado.web.RequestHandler): rig_models=[s[10:] for s in dir(Hamlib) if "RIG_MODEL_" in s] self.write("""
""") self.write("""[SERVER]

""") - self.write("""SERVER TCP/IP port:

""") + self.write("""SERVER TCP/IP port:Defautl:8888.The server port

""") + self.write("""SERVER Authentification type: Defautl:leave blank. Else you can use "FILE" or/and "PAM".

""") + self.write("""SERVER database users file: Defautl:UHRR_users.db Only if you use Authentification type "FILE".

""") + self.write("""You can change database users file in UHRR.conf.
To add a user in FILE type, add it in UHRR_users.db (default file name).
Add one account per line as login password.
""") + self.write("""If you plan to use PAM you can add account in command line: adduser --no-create-home --system thecallsign.

""") self.write("""If you whant to change certfile and keyfile, replace "UHRH.crt" and "UHRH.key" in the boot folder, and when the pi boot, it will use those files to start http ssl.

""") self.write("""[AUDIO]

""") @@ -522,29 +537,30 @@ class ConfigHandler(tornado.web.RequestHandler): self.write("""""") for c in audiodevicesoutput: self.write("""""") - self.write("""

""") + self.write(""" Output from audio soundcard to the mic input of TRX.

""") self.write("""AUDIO inputdevice:

""") + self.write(""" Input from audio soundcard from the speaker output of TRX.

""") self.write("""[HAMLIB]

""") - self.write("""HAMLIB serial port:

""") - + self.write("""HAMLIB radio model:

""") + self.write(""" Hamlib trx model.

""") + + self.write("""HAMLIB serial port: Serial port of the CAT interface.

""") self.write("""HAMLIB radio rate:

""") + self.write(""" Serial port baud rate.

""") self.write("""HAMLIB auto tx poweroff:

""") + self.write("""""") + self.write("""""") + self.write(""" Set to auto power off the trx when it's not in use

""") self.write("""[PANADAPTER]

""") self.write("""PANADAPTER FI frequency (hz):

""") @@ -594,6 +610,11 @@ class ConfigHandler(tornado.web.RequestHandler): self.write("""

Possible problem:"""+e+"""""") def post(self): + + if bool(config['SERVER']['auth']) and not self.current_user: + self.redirect("/login") + return + for x in self.request.arguments: (s,o)=x.split(".") v=self.get_argument(x) @@ -607,6 +628,64 @@ class ConfigHandler(tornado.web.RequestHandler): time.sleep(2) os.system("sleep 2;./UHRR &") os._exit(1) + +############ Login ############## +class AuthLoginHandler(BaseHandler): + + def get(self): + if not bool(config['SERVER']['auth']): + self.redirect("/") + return + self.write('
' + 'CallSign:
' + 'Password:
' + '' + '
') + + def post(self): + if self.get_argument("name") != "" and self.get_argument("passwd") != "": + if self.bind(self.get_argument("name"),self.get_argument("passwd")): + self.set_secure_cookie("user", self.get_argument("name")) + self.set_cookie("callsign", self.get_argument("name")) + self.set_cookie("autha", "1") + else: + writte_log("Auth error for CallSign:"+str(self.get_argument("name"))) + self.redirect("/") + + def bind(self,user="",password=""): + retval = False + if (user!="" and password!=""): + if config['SERVER']['auth'].find("FILE") != -1: #test with users db file + f = open(config['SERVER']['db_users_file'], "r") + for x in f: + if x[0]!="#": + db=x.split(" ") + if db[0] == user and db[1]== password: + retval = True + break + if not retval and config['SERVER']['auth'].find("PAM") != -1:#test with pam module + if config['SERVER']['pam_account'].find(user) != -1: + import pam + retval = pam.authenticate(user, password) + return retval + +class AuthLogoutHandler(BaseHandler): + def get(self): + self.clear_cookie("user") + self.clear_cookie("autha") + self.redirect(self.get_argument("next", "/")) + +############ Main ############## +class MainHandler(BaseHandler): + + def get(self): + print("Tornado current user:"+str(self.current_user)) + if bool(config['SERVER']['auth']) and not self.current_user: + self.redirect("/login") + return + self.application.settings.get("compiled_template_cache", False) + self.set_header('Cache-Control', 'no-store, no-cache, must-revalidate, max-age=0') + self.render("www/index.html") if __name__ == "__main__": @@ -629,6 +708,8 @@ if __name__ == "__main__": app = tornado.web.Application([ + (r"/login", AuthLoginHandler), + (r"/logout", AuthLogoutHandler), (r'/audioRX', AudioRXHandler), (r'/audioTX', AudioTXHandler), (r'/CTRX', ControlTRX), @@ -636,7 +717,7 @@ if __name__ == "__main__": (r'/CONFIG', ConfigHandler), (r'/', MainHandler), (r'/(.*)', tornado.web.StaticFileHandler, { 'path' : './www' }) - ],debug=bool(config['SERVER']['debug']), websocket_ping_interval=10) + ],debug=bool(config['SERVER']['debug']), websocket_ping_interval=10, cookie_secret=config['SERVER']['cookie_secret']) except: e = str(sys.exc_info()) print(e) @@ -653,3 +734,4 @@ if __name__ == "__main__": http_server.listen(int(config['SERVER']['port'])) print('HTTP server started.') tornado.ioloop.IOLoop.instance().start() + diff --git a/UHRR.conf b/UHRR.conf index 67d5639..1dab8b0 100644 --- a/UHRR.conf +++ b/UHRR.conf @@ -1,7 +1,12 @@ [SERVER] port = 8888 -certfile = /boot/UHRH.crt -keyfile = /boot/UHRH.key +certfile = UHRH.crt +keyfile = UHRH.key +auth = +cookie_secret = L8LwECiNRxq2N0N2eGxx9MZlrpmuMEimlydNX/vt1LM= +db_users_file = UHRR_users.db +pam_account = pi +log_file = UHRR.log debug = True [CTRL] diff --git a/UHRR.log b/UHRR.log new file mode 100644 index 0000000..5623dda --- /dev/null +++ b/UHRR.log @@ -0,0 +1 @@ +2020-11-15 00:53:01.857765:Auth error for CallSign:pi \ No newline at end of file diff --git a/UHRR_users.db b/UHRR_users.db new file mode 100644 index 0000000..a4a2300 --- /dev/null +++ b/UHRR_users.db @@ -0,0 +1,3 @@ +#one line per account like : +#1AAW Paul! +F4HTB test diff --git a/opus/__pycache__/__init__.cpython-37.pyc b/opus/__pycache__/__init__.cpython-37.pyc index 03faa2fd0a9807b1634b1fcc8d3da0a1769d0061..ae0c7fdf09c70a4a0cd0e1a09cc3c5d3cdc75c6f 100644 GIT binary patch delta 19 Zcmcb{c#V8UQc{1y%q6 delta 19 Zcmcb{c#Vut9;_iIut9;_iIsi}#HiA*LlJ3Bi!H@CXFIy^j_PN!3;)Z*fzVHn9|QmXyG z2K6IqDc6w*Fap<+;~gG^u19lFxWrU_S|X+vc%olZ{fJ?mbGryRWwuuGe4|B+7&AGo zmOQKhAtD1YOQ|AJz9SZThnt`)XigPw#niTVB7`c-YSoC8^|-K$gj2`XVxDj6TGg!D zcXc$zX=o`C6y^T{Yajt_bJ!2wTIK}n4!0rXCTl448_5!u^YJ?R0;4p9i<|&RgDMvQLNJqgIEQ$NQ#zXDftbCrVJF0r}n^#M_Zr>iOB*F zfP^1l!cPNQvapP+SR|IR$N%?RJMZS%z&7Km%)GaQ<2Wc0&WVvXaG6>NK^O)yG31Jz z8gnZi+74ljkb-Wl?3EKFbBsn!@We<^kUIJ{xDg<32F2r1h0#sWl?hZB!Ewzs^R&Wn z5_k@gZAq{oFb(EOL;P<$wT7M87W7ZA@38GqGd5DL(BO?H` zE;lOnX|UkP%l8Me{kXPv_1agd>5imQIJ5T1V{fngSwG*~_d#pN_pRryzB95_k6*dC zd;b%=K3ez|g$H`tkA8eZdAPgSdHL+$RM%WGQ{=Rnq$Whd=e6`k}9VVSQja`{1_sHecC=?rGcMKc3@nzVSu# zGrI>b|N2{7bG_?!wEftlpRC-Tur9pNnd~E%66UcJJM~SeuDwq_^xS a > img{ + height:25px; + width:25px; +} + #personalfrequency { position:absolute;