Commit aded467b authored by John Hodge's avatar John Hodge Committed by root
Browse files

MIFARE Login - Add a blacklist of known-bad cards

parent 115d5500
......@@ -20,6 +20,13 @@ from LDAPConnector import get_uid,get_uname, set_card_id
DISPENSE_ENDPOINT = ("localhost", 11020)
DISPSRV_MIFARE = True
# A list of cards that should never be registered, and should never log in
# - Some of these might have been registered before we knew they were duplicates
CARD_BLACKLIST = [
'AAAAAA==', # All zeroes, don't allow that.
'ISIjJA==', # CommBank credit cards
]
class OpenDispense(DispenseInterface):
_username = ""
_disabled = True
......@@ -111,6 +118,10 @@ class OpenDispense(DispenseInterface):
self._username = None
if DISPSRV_MIFARE:
card_base64 = base64.b64encode(cardId)
if card_base64 in CARD_BLACKLIST:
logging.info("Blacklisted card base64:%s" % (card_base64,))
return False
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM, 0)
sock.connect(DISPENSE_ENDPOINT)
......@@ -128,13 +139,16 @@ class OpenDispense(DispenseInterface):
username = rsp.split('=')[1].strip()
logging.info("Accepted card base64:%s for %s" % (card_base64,username,))
# Check for thier username
try:
# Get info from the system (by username)
info = pwd.getpwnam(username)
except KeyError:
logging.info('getting info for user \'%s\': user not in password file' % (username,))
return False
## Check for thier username
#try:
# # Get info from the system (by username)
# info = pwd.getpwnam(username)
#except KeyError:
# logging.info('getting info for user \'%s\': user not in password file' % (username,))
# return False
#self._userid = info.pw_uid
self._userid = None
self._username = username
else:
# Get the users ID
self._userid = get_uid(cardId)
......@@ -146,13 +160,13 @@ class OpenDispense(DispenseInterface):
except KeyError:
logging.info('getting info for uid %d: user not in password file' % (self._userid,))
return False
self._username = info.pw_name
# If we get this far all is good
self._loggedIn = True
self._disabled = False
self._userid = info.pw_uid
self._username = info.pw_name
return True
def logOut(self):
self._loggedIn = False
self._disabled = False
......@@ -164,7 +178,10 @@ class OpenDispense(DispenseInterface):
return False
if DISPSRV_MIFARE:
card_base64 = base64.b64encode(cardId)
logging.info('Enrolling card %s to uid %s (%s)' % (cardId, self._userId, self._username))
if card_base64 in CARD_BLACKLIST:
logging.info("Blacklisted card base64:%s" % (card_base64,))
return False
logging.info('Enrolling card base64:%s to uid %s (%s)' % (card_base64, self._userId, self._username))
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM, 0)
sock.connect(DISPENSE_ENDPOINT)
sockf = sock.makefile()
......@@ -263,3 +280,5 @@ class OpenDispenseMapping():
print(map)
return map
# vim: noexpandtab ts=4 sw=4
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment