Add token authent
This commit is contained in:
parent
0216857cf2
commit
794c265c1d
|
@ -95,4 +95,4 @@ def main():
|
|||
return True
|
||||
addEventHandler("onConnection",onConnectionEvent)
|
||||
|
||||
main()
|
||||
main()
|
||||
|
|
|
@ -1,5 +1,9 @@
|
|||
global select
|
||||
import select
|
||||
global time
|
||||
import time
|
||||
global binascii
|
||||
import binascii
|
||||
|
||||
global clientLoopIn
|
||||
def clientLoopIn(self):
|
||||
|
@ -42,9 +46,54 @@ def clientLoopIn(self):
|
|||
if cmd[0] == "watch":
|
||||
q = queue.Queue()
|
||||
setClientData(self.cID,"queue",q)
|
||||
|
||||
if cmd[0] == "token":
|
||||
q = queue.Queue()
|
||||
setClientData(self.cID,"queue",q)
|
||||
setClientData(self.cID,"active",False)
|
||||
token = os.urandom(tokenLength)
|
||||
setClientData(self.cID,"token",token)
|
||||
|
||||
if cmd[0] == "token":
|
||||
if not authenticate(args["user"],args["user-password"]): return
|
||||
with clientDataLock:
|
||||
setClientData(self.cID,"active",True)
|
||||
with clientsLock:
|
||||
for client in clients:
|
||||
if getClientData(client,"type") != "token": continue
|
||||
if getClientData(client,"args")["user"] != args["user"]: continue
|
||||
if getClientData(client,"active") != True: continue
|
||||
setClientData(client,"active",False)
|
||||
getClientData(client,"queue").put(None)
|
||||
|
||||
ttimeout = time.monotonic()
|
||||
self.connection.sendall(binascii.hexlify(token))
|
||||
self.connection.close()
|
||||
ttimeout = tokenTimeout - (time.monotonic() - ttimeout)
|
||||
if ttimeout <= 0: return
|
||||
try:
|
||||
q.get(True,ttimeout)
|
||||
except Queue.Empty:
|
||||
pass
|
||||
return
|
||||
|
||||
if cmd[0] == "broadcast":
|
||||
if not authenticate(args["user"],args["user-password"]): return
|
||||
if not "token" in args:
|
||||
if not authenticate(args["user"],args["user-password"]): return
|
||||
else:
|
||||
tokenAuthed = False
|
||||
with clientDataLock:
|
||||
args["token"] = bytes.fromhex(args["token"])
|
||||
with clientsLock:
|
||||
for client in clients:
|
||||
if getClientData(client,"type") != "token": continue
|
||||
if getClientData(client,"args")["user"] != args["user"]: continue
|
||||
if getClientData(client,"active") != True: continue
|
||||
if getClientData(client,"token") != token: return
|
||||
tokenAuthed = True
|
||||
break
|
||||
if not tokenAuthed: return
|
||||
|
||||
if not "bufsize" in args:
|
||||
bufsize = 0
|
||||
else:
|
||||
|
|
|
@ -3,4 +3,8 @@ connBuffer = 1024 # How large can a buffer piece be in bytes?
|
|||
global bufferCost
|
||||
bufferCost = 1024 # Virtually add extra cost to each buffer piece to prevent clients from overloading the server by sending super small pieces.
|
||||
global maxBuffer
|
||||
maxBuffer = 20*1024*1024 # The maximum buffer size of a stream in bytes. Old buffers are discarded, clients that depend on them get disconnected.
|
||||
maxBuffer = 20*1024*1024 # The maximum buffer size of a stream in bytes. Old buffers are discarded, clients that depend on them get disconnected.
|
||||
global tokenTimeout
|
||||
tokenTimeout = 120.0 # How long it takes, in seconds, for a login token to time out.
|
||||
global tokenLength
|
||||
tokenLength = 128 # How long the generated token is, in bytes. Note that the the generated token that is received/sent from/to the client is 2x longer, since it's converted from/to hex.
|
||||
|
|
Loading…
Reference in New Issue