Skip to content
GitLab
Menu
Projects
Groups
Snippets
Loading...
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
Menu
Open sidebar
UCC
UCC Snack Machine Server Code
Commits
aded467b
Commit
aded467b
authored
Nov 16, 2019
by
John Hodge
Committed by
root
Nov 16, 2019
Browse files
MIFARE Login - Add a blacklist of known-bad cards
parent
115d5500
Changes
1
Hide whitespace changes
Inline
Side-by-side
VendServer/OpenDispense.py
View file @
aded467b
...
...
@@ -20,6 +20,13 @@ from LDAPConnector import get_uid,get_uname, set_card_id
DISPENSE_ENDPOINT
=
(
"localhost"
,
11020
)
DISPSRV_MIFARE
=
True
# A list of cards that should never be registered, and should never log in
# - Some of these might have been registered before we knew they were duplicates
CARD_BLACKLIST
=
[
'AAAAAA=='
,
# All zeroes, don't allow that.
'ISIjJA=='
,
# CommBank credit cards
]
class
OpenDispense
(
DispenseInterface
):
_username
=
""
_disabled
=
True
...
...
@@ -111,6 +118,10 @@ class OpenDispense(DispenseInterface):
self
.
_username
=
None
if
DISPSRV_MIFARE
:
card_base64
=
base64
.
b64encode
(
cardId
)
if
card_base64
in
CARD_BLACKLIST
:
logging
.
info
(
"Blacklisted card base64:%s"
%
(
card_base64
,))
return
False
sock
=
socket
.
socket
(
socket
.
AF_INET
,
socket
.
SOCK_STREAM
,
0
)
sock
.
connect
(
DISPENSE_ENDPOINT
)
...
...
@@ -128,13 +139,16 @@ class OpenDispense(DispenseInterface):
username
=
rsp
.
split
(
'='
)[
1
].
strip
()
logging
.
info
(
"Accepted card base64:%s for %s"
%
(
card_base64
,
username
,))
# Check for thier username
try
:
# Get info from the system (by username)
info
=
pwd
.
getpwnam
(
username
)
except
KeyError
:
logging
.
info
(
'getting info for user
\'
%s
\'
: user not in password file'
%
(
username
,))
return
False
## Check for thier username
#try:
# # Get info from the system (by username)
# info = pwd.getpwnam(username)
#except KeyError:
# logging.info('getting info for user \'%s\': user not in password file' % (username,))
# return False
#self._userid = info.pw_uid
self
.
_userid
=
None
self
.
_username
=
username
else
:
# Get the users ID
self
.
_userid
=
get_uid
(
cardId
)
...
...
@@ -146,13 +160,13 @@ class OpenDispense(DispenseInterface):
except
KeyError
:
logging
.
info
(
'getting info for uid %d: user not in password file'
%
(
self
.
_userid
,))
return
False
self
.
_username
=
info
.
pw_name
# If we get this far all is good
self
.
_loggedIn
=
True
self
.
_disabled
=
False
self
.
_userid
=
info
.
pw_uid
self
.
_username
=
info
.
pw_name
return
True
def
logOut
(
self
):
self
.
_loggedIn
=
False
self
.
_disabled
=
False
...
...
@@ -164,7 +178,10 @@ class OpenDispense(DispenseInterface):
return
False
if
DISPSRV_MIFARE
:
card_base64
=
base64
.
b64encode
(
cardId
)
logging
.
info
(
'Enrolling card %s to uid %s (%s)'
%
(
cardId
,
self
.
_userId
,
self
.
_username
))
if
card_base64
in
CARD_BLACKLIST
:
logging
.
info
(
"Blacklisted card base64:%s"
%
(
card_base64
,))
return
False
logging
.
info
(
'Enrolling card base64:%s to uid %s (%s)'
%
(
card_base64
,
self
.
_userId
,
self
.
_username
))
sock
=
socket
.
socket
(
socket
.
AF_INET
,
socket
.
SOCK_STREAM
,
0
)
sock
.
connect
(
DISPENSE_ENDPOINT
)
sockf
=
sock
.
makefile
()
...
...
@@ -263,3 +280,5 @@ class OpenDispenseMapping():
print
(
map
)
return
map
# vim: noexpandtab ts=4 sw=4
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment