summaryrefslogtreecommitdiff
path: root/backend
Unidiff
Diffstat (limited to 'backend') (more/less context) (ignore whitespace changes)
-rw-r--r--backend/python/src/clipperz.py19
1 files changed, 8 insertions, 11 deletions
diff --git a/backend/python/src/clipperz.py b/backend/python/src/clipperz.py
index c8d91de..bd5d030 100644
--- a/backend/python/src/clipperz.py
+++ b/backend/python/src/clipperz.py
@@ -1,409 +1,406 @@
1 # 1#
2 #Copyright 2008-2011 Clipperz Srl 2 #Copyright 2008-2011 Clipperz Srl
3 # 3 #
4 #This file is part of Clipperz's Javascript Crypto Library. 4 #This file is part of Clipperz Community Edition.
5 #Javascript Crypto Library provides web developers with an extensive 5 #Clipperz Community Edition is an online password manager.
6 #and efficient set of cryptographic functions. The library aims to
7 #obtain maximum execution speed while preserving modularity and
8 #reusability.
9 #For further information about its features and functionalities please 6 #For further information about its features and functionalities please
10 #refer to http://www.clipperz.com 7 #refer to http://www.clipperz.com.
11 # 8 #
12 #* Javascript Crypto Library is free software: you can redistribute 9 #* Clipperz Community Edition is free software: you can redistribute
13 # it and/or modify it under the terms of the GNU Affero General Public 10 # it and/or modify it under the terms of the GNU Affero General Public
14 # License as published by the Free Software Foundation, either version 11 # License as published by the Free Software Foundation, either version
15 # 3 of the License, or (at your option) any later version. 12 # 3 of the License, or (at your option) any later version.
16 # 13 #
17 #* Javascript Crypto Library is distributed in the hope that it will 14 #* Clipperz Community Edition is distributed in the hope that it will
18 # be useful, but WITHOUT ANY WARRANTY; without even the implied 15 # be useful, but WITHOUT ANY WARRANTY; without even the implied
19 # warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 16 # warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
20 # See the GNU Affero General Public License for more details. 17 # See the GNU Affero General Public License for more details.
21 # 18 #
22 #* You should have received a copy of the GNU Affero General Public 19 #* You should have received a copy of the GNU Affero General Public
23 # License along with Javascript Crypto Library. If not, see 20 # License along with Clipperz Community Edition. If not, see
24 # <http://www.gnu.org/licenses/>. 21 # <http://www.gnu.org/licenses/>.
25 # 22#
26 23
27import os 24import os
28import cgi 25import cgi
29import wsgiref.handlers 26import wsgiref.handlers
30 27
31import datetime 28import datetime
32import uuid 29import uuid
33import random 30import random
34import hashlib 31import hashlib
35 32
36import logging 33import logging
37 34
38from google.appengine.api import users 35from google.appengine.api import users
39from google.appengine.ext import webapp 36from google.appengine.ext import webapp
40from google.appengine.ext import db 37from google.appengine.ext import db
41from google.appengine.ext.webapp import template 38from google.appengine.ext.webapp import template
42 39
43from django.utils import simplejson 40from django.utils import simplejson
44 41
45#============================================================================== 42#==============================================================================
46 43
47sessionTimeout = datetime.timedelta(minutes=-2) 44sessionTimeout = datetime.timedelta(minutes=-2)
48 45
49def randomSeed(): 46def randomSeed():
50 return hex(random.getrandbits(32*8))[2:-1] 47 return hex(random.getrandbits(32*8))[2:-1]
51 48
52def clipperzHash(aString): 49def clipperzHash(aString):
53 #logging.info(">>> string: " + aString) 50 #logging.info(">>> string: " + aString)
54 firstRound = hashlib.sha256() 51 firstRound = hashlib.sha256()
55 firstRound.update(aString) 52 firstRound.update(aString)
56 #logging.info("firstRound: " + firstRound.hexdigest() + " - " + firstRound.digest()) 53 #logging.info("firstRound: " + firstRound.hexdigest() + " - " + firstRound.digest())
57 result = hashlib.sha256() 54 result = hashlib.sha256()
58 result.update(firstRound.digest()) 55 result.update(firstRound.digest())
59 #logging.info("<<< finalResul: " + result.hexdigest()) 56 #logging.info("<<< finalResul: " + result.hexdigest())
60 57
61 return result.hexdigest() 58 return result.hexdigest()
62 59
63#============================================================================== 60#==============================================================================
64 61
65class User(db.Model): 62class User(db.Model):
66 username= db.StringProperty() 63 username= db.StringProperty()
67 srp_s = db.StringProperty() 64 srp_s = db.StringProperty()
68 srp_v = db.StringProperty() 65 srp_v = db.StringProperty()
69 header = db.TextProperty() 66 header = db.TextProperty()
70 statistics= db.TextProperty() 67 statistics= db.TextProperty()
71 auth_version= db.StringProperty() 68 auth_version= db.StringProperty()
72 version = db.StringProperty() 69 version = db.StringProperty()
73 lock = db.StringProperty() 70 lock = db.StringProperty()
74 71
75 def updateCredentials(self, someCredentials): 72 def updateCredentials(self, someCredentials):
76 self.username = someCredentials['C'] 73 self.username = someCredentials['C']
77 self.srp_s = someCredentials['s'] 74 self.srp_s = someCredentials['s']
78 self.srp_v = someCredentials['v'] 75 self.srp_v = someCredentials['v']
79 self.auth_version= someCredentials['version'] 76 self.auth_version= someCredentials['version']
80 77
81 def update(self, someData): 78 def update(self, someData):
82 self.header = someData['header'] 79 self.header = someData['header']
83 self.statistics= someData['statistics'] 80 self.statistics= someData['statistics']
84 self.version= someData['version'] 81 self.version= someData['version']
85 self.lock = someData['lock'] 82 self.lock = someData['lock']
86 83
87#------------------------------------------------------------------------------ 84#------------------------------------------------------------------------------
88 85
89class Record(db.Model): 86class Record(db.Model):
90 user = db.ReferenceProperty(User) 87 user = db.ReferenceProperty(User)
91 reference = db.StringProperty() 88 reference = db.StringProperty()
92 data = db.TextProperty() 89 data = db.TextProperty()
93 version = db.StringProperty() 90 version = db.StringProperty()
94 creation_date= db.DateTimeProperty(auto_now_add=True) 91 creation_date= db.DateTimeProperty(auto_now_add=True)
95 update_date = db.DateTimeProperty(auto_now_add=True) 92 update_date = db.DateTimeProperty(auto_now_add=True)
96 access_date = db.DateTimeProperty(auto_now_add=True) 93 access_date = db.DateTimeProperty(auto_now_add=True)
97 94
98#------------------------------------------------------------------------------ 95#------------------------------------------------------------------------------
99 96
100class RecordVersion(db.Model): 97class RecordVersion(db.Model):
101 record = db.ReferenceProperty(Record) 98 record = db.ReferenceProperty(Record)
102 reference = db.StringProperty() 99 reference = db.StringProperty()
103 header = db.TextProperty() 100 header = db.TextProperty()
104 data = db.TextProperty() 101 data = db.TextProperty()
105 version = db.StringProperty() 102 version = db.StringProperty()
106 previousVersionKey= db.StringProperty() 103 previousVersionKey= db.StringProperty()
107 previousVersion = db.SelfReferenceProperty() 104 previousVersion = db.SelfReferenceProperty()
108 creation_date = db.DateTimeProperty(auto_now_add=True) 105 creation_date = db.DateTimeProperty(auto_now_add=True)
109 update_date = db.DateTimeProperty(auto_now_add=True) 106 update_date = db.DateTimeProperty(auto_now_add=True)
110 access_date = db.DateTimeProperty(auto_now_add=True) 107 access_date = db.DateTimeProperty(auto_now_add=True)
111 108
112 def update(self, someData): 109 def update(self, someData):
113 recordData = someData['record']; 110 recordData = someData['record'];
114 self.parent().reference =recordData['reference'] 111 self.parent().reference =recordData['reference']
115 self.parent().data = recordData['data'] 112 self.parent().data = recordData['data']
116 self.parent().version = recordData['version'] 113 self.parent().version = recordData['version']
117 self.parent().update_date =datetime.datetime.now() 114 self.parent().update_date =datetime.datetime.now()
118 115
119 recordVersionData = someData['currentRecordVersion']; 116 recordVersionData = someData['currentRecordVersion'];
120 self.reference = recordVersionData ['reference'] 117 self.reference = recordVersionData ['reference']
121 self.data = recordVersionData ['data'] 118 self.data = recordVersionData ['data']
122 self.version = recordVersionData ['version'] 119 self.version = recordVersionData ['version']
123 #self.previous_version =#recordVersionData ['previousVersion'] 120 #self.previous_version =#recordVersionData ['previousVersion']
124 self.previous_version_key =recordVersionData ['previousVersionKey'] 121 self.previous_version_key =recordVersionData ['previousVersionKey']
125 self.update_date = datetime.datetime.now() 122 self.update_date = datetime.datetime.now()
126 123
127#------------------------------------------------------------------------------ 124#------------------------------------------------------------------------------
128 125
129class OneTimePassword(db.Model): 126class OneTimePassword(db.Model):
130 user = db.ReferenceProperty(User) 127 user = db.ReferenceProperty(User)
131 status = db.StringProperty() 128 status = db.StringProperty()
132 reference = db.StringProperty() 129 reference = db.StringProperty()
133 keyValue = db.StringProperty() 130 keyValue = db.StringProperty()
134 keyChecksum = db.StringProperty() 131 keyChecksum = db.StringProperty()
135 data = db.TextProperty() 132 data = db.TextProperty()
136 version = db.StringProperty() 133 version = db.StringProperty()
137 creation_date= db.DateTimeProperty(auto_now_add=True) 134 creation_date= db.DateTimeProperty(auto_now_add=True)
138 request_date= db.DateTimeProperty() 135 request_date= db.DateTimeProperty()
139 usage_date = db.DateTimeProperty() 136 usage_date = db.DateTimeProperty()
140 137
141 def update(self, someParameters, aStatus): 138 def update(self, someParameters, aStatus):
142 self.reference = someParameters['reference'] 139 self.reference = someParameters['reference']
143 self.keyValue = someParameters['key'] 140 self.keyValue = someParameters['key']
144 self.keyChecksum = someParameters['keyChecksum'] 141 self.keyChecksum = someParameters['keyChecksum']
145 self.data = someParameters['data'] 142 self.data = someParameters['data']
146 self.version = someParameters['version'] 143 self.version = someParameters['version']
147 self.status = aStatus 144 self.status = aStatus
148 145
149 def reset(self, aStatus): 146 def reset(self, aStatus):
150 self.data = "" 147 self.data = ""
151 self.status =aStatus 148 self.status =aStatus
152 149
153 return self 150 return self
154 151
155#------------------------------------------------------------------------------ 152#------------------------------------------------------------------------------
156 153
157class Session(db.Expando): 154class Session(db.Expando):
158 sessionId= db.StringProperty() 155 sessionId= db.StringProperty()
159 access_date= db.DateTimeProperty() 156 access_date= db.DateTimeProperty()
160 157
161#============================================================================== 158#==============================================================================
162 159
163class MainPage(webapp.RequestHandler): 160class MainPage(webapp.RequestHandler):
164 def get(self): 161 def get(self):
165 path = os.path.join(os.path.dirname(__file__), 'static%s' % self.request.path) 162 path = os.path.join(os.path.dirname(__file__), 'static%s' % self.request.path)
166 self.response.out.write(template.render(path, {})) 163 self.response.out.write(template.render(path, {}))
167 164
168#============================================================================== 165#==============================================================================
169 166
170class XHR(webapp.RequestHandler): 167class XHR(webapp.RequestHandler):
171 168
172 #========================================================================== 169 #==========================================================================
173 170
174 def get(self): 171 def get(self):
175 logging.info("self.request.path: " + self.request.path) 172 logging.info("self.request.path: " + self.request.path)
176 if self.request.path == "/dump": 173 if self.request.path == "/dump":
177 session = self.getSession() 174 session = self.getSession()
178 userData = {} 175 userData = {}
179 offline_data_placeholder = "" 176 offline_data_placeholder = ""
180 177
181 user = db.Query(User).filter('username =', session.C).get() 178 user = db.Query(User).filter('username =', session.C).get()
182 179
183 userData['users'] = { 180 userData['users'] = {
184 'catchAllUser': { 181 'catchAllUser': {
185 '__masterkey_test_value__': 'masterkey', 182 '__masterkey_test_value__': 'masterkey',
186 's': '112233445566778899aabbccddeeff00112233445566778899aabbccddeeff00', 183 's': '112233445566778899aabbccddeeff00112233445566778899aabbccddeeff00',
187 'v': '112233445566778899aabbccddeeff00112233445566778899aabbccddeeff00' 184 'v': '112233445566778899aabbccddeeff00112233445566778899aabbccddeeff00'
188 } 185 }
189 } 186 }
190 187
191 records = {} 188 records = {}
192 for currentRecord in db.Query(Record).ancestor(user): 189 for currentRecord in db.Query(Record).ancestor(user):
193 versions = {} 190 versions = {}
194 for currentVersion in db.Query(RecordVersion).ancestor(currentRecord): 191 for currentVersion in db.Query(RecordVersion).ancestor(currentRecord):
195 versions[currentVersion.reference] ={ 192 versions[currentVersion.reference] ={
196 'header': currentVersion.header, 193 'header': currentVersion.header,
197 'data': currentVersion.data, 194 'data': currentVersion.data,
198 'version': currentVersion.version, 195 'version': currentVersion.version,
199 'creationDate':str(currentVersion.creation_date), 196 'creationDate':str(currentVersion.creation_date),
200 'updateDate':str(currentVersion.update_date), 197 'updateDate':str(currentVersion.update_date),
201 'accessDate':str(currentVersion.access_date) 198 'accessDate':str(currentVersion.access_date)
202 } 199 }
203 200
204 records[currentRecord.reference] = { 201 records[currentRecord.reference] = {
205 'data': currentRecord.data, 202 'data': currentRecord.data,
206 'version': currentRecord.version, 203 'version': currentRecord.version,
207 'creationDate': str(currentRecord.creation_date), 204 'creationDate': str(currentRecord.creation_date),
208 'updateDate': str(currentRecord.update_date), 205 'updateDate': str(currentRecord.update_date),
209 'accessDate': str(currentRecord.access_date), 206 'accessDate': str(currentRecord.access_date),
210 'currentVersion':currentVersion.reference, 207 'currentVersion':currentVersion.reference,
211 'versions': versions 208 'versions': versions
212 } 209 }
213 210
214 userData['users'][user.username] = { 211 userData['users'][user.username] = {
215 's': user.srp_s, 212 's': user.srp_s,
216 'v': user.srp_v, 213 'v': user.srp_v,
217 'version': user.auth_version, 214 'version': user.auth_version,
218 'maxNumberOfRecords':'100', 215 'maxNumberOfRecords':'100',
219 'userDetails': user.header, 216 'userDetails': user.header,
220 'statistics': user.statistics, 217 'statistics': user.statistics,
221 'userDetailsVersion':user.version, 218 'userDetailsVersion':user.version,
222 'records': records 219 'records': records
223 } 220 }
224 221
225 offline_data_placeholder = offline_data_placeholder + "_clipperz_dump_data_ = " + simplejson.dumps(userData, indent=4) + "\n" 222 offline_data_placeholder = offline_data_placeholder + "_clipperz_dump_data_ = " + simplejson.dumps(userData, indent=4) + "\n"
226 offline_data_placeholder = offline_data_placeholder + "Clipperz.PM.Proxy.defaultProxy = new Clipperz.PM.Proxy.Offline();" + "\n" 223 offline_data_placeholder = offline_data_placeholder + "Clipperz.PM.Proxy.defaultProxy = new Clipperz.PM.Proxy.Offline();" + "\n"
227 offline_data_placeholder = offline_data_placeholder + "Clipperz.Crypto.PRNG.defaultRandomGenerator().fastEntropyAccumulationForTestingPurpose();" + "\n" 224 offline_data_placeholder = offline_data_placeholder + "Clipperz.Crypto.PRNG.defaultRandomGenerator().fastEntropyAccumulationForTestingPurpose();" + "\n"
228 225
229 path = os.path.join(os.path.dirname(__file__), 'static/dump.html') 226 path = os.path.join(os.path.dirname(__file__), 'static/dump.html')
230 227
231 self.response.headers.add_header('Content-Type', 'text/html') 228 self.response.headers.add_header('Content-Type', 'text/html')
232 self.response.headers.add_header('Content-Disposition', 'attachment', filename='Clipperz.html') 229 self.response.headers.add_header('Content-Disposition', 'attachment', filename='Clipperz.html')
233 self.response.out.write(template.render(path, {'offline_data_placeholder': offline_data_placeholder})) 230 self.response.out.write(template.render(path, {'offline_data_placeholder': offline_data_placeholder}))
234 231
235 #========================================================================== 232 #==========================================================================
236 233
237 def post(self): 234 def post(self):
238 method = self.request.get('method') 235 method = self.request.get('method')
239 parameters = simplejson.loads(self.request.get('parameters')) 236 parameters = simplejson.loads(self.request.get('parameters'))
240 session = self.getSession() 237 session = self.getSession()
241 result = {}; 238 result = {};
242 239
243 #---------------------------------------------------------------------- 240 #----------------------------------------------------------------------
244 241
245 if method == 'registration': 242 if method == 'registration':
246 message = parameters['message']; 243 message = parameters['message'];
247 244
248 if message == 'completeRegistration': 245 if message == 'completeRegistration':
249 user = User() 246 user = User()
250 247
251 user.updateCredentials(parameters['credentials']) 248 user.updateCredentials(parameters['credentials'])
252 user.update(parameters['user']) 249 user.update(parameters['user'])
253 user.put() 250 user.put()
254 251
255 result['lock'] = user.lock 252 result['lock'] = user.lock
256 result['result'] = "done" 253 result['result'] = "done"
257 254
258 #---------------------------------------------------------------------- 255 #----------------------------------------------------------------------
259 256
260 elif method == 'handshake': 257 elif method == 'handshake':
261 srp_g = 2L 258 srp_g = 2L
262 srp_n = long("0x%s" % "115b8b692e0e045692cf280b436735c77a5a9e8a9e7ed56c965f87db5b2a2ece3", 16) 259 srp_n = long("0x%s" % "115b8b692e0e045692cf280b436735c77a5a9e8a9e7ed56c965f87db5b2a2ece3", 16)
263 260
264 message = parameters['message']; 261 message = parameters['message'];
265 262
266 #------------------------------------------------------------------ 263 #------------------------------------------------------------------
267 264
268 if message == 'connect': 265 if message == 'connect':
269 session.C = parameters['parameters']['C'] 266 session.C = parameters['parameters']['C']
270 session.A = parameters['parameters']['A'] 267 session.A = parameters['parameters']['A']
271 268
272 user = db.Query(User).filter('username =', session.C).get() 269 user = db.Query(User).filter('username =', session.C).get()
273 270
274 if user != None: 271 if user != None:
275 try: 272 try:
276 optId = session.otpId 273 optId = session.otpId
277 274
278 oneTimePassword = db.Query(OneTimePassword).filter('keyValue =', optId).get() 275 oneTimePassword = db.Query(OneTimePassword).filter('keyValue =', optId).get()
279 276
280 if oneTimePassword.parent().username != user.username: 277 if oneTimePassword.parent().username != user.username:
281 oneTimePassword.reset('DISABLED').put() 278 oneTimePassword.reset('DISABLED').put()
282 raise Exception, "User missmatch between the current session and 'One Time Password' user" 279 raise Exception, "User missmatch between the current session and 'One Time Password' user"
283 elif oneTimePassword.status != 'REQUESTED': 280 elif oneTimePassword.status != 'REQUESTED':
284 oneTimePassword.reset('DISABLED').put() 281 oneTimePassword.reset('DISABLED').put()
285 raise Exception, "Tring to use an 'One Time Password' in the wrong state" 282 raise Exception, "Tring to use an 'One Time Password' in the wrong state"
286 283
287 oneTimePassword.reset("USED").put() 284 oneTimePassword.reset("USED").put()
288 285
289 result['oneTimePassword'] = oneTimePassword.reference 286 result['oneTimePassword'] = oneTimePassword.reference
290 287
291 except Exception, detail: 288 except Exception, detail:
292 logging.error("connect.optId: " + str(detail)) 289 logging.error("connect.optId: " + str(detail))
293 290
294 session.s = user.srp_s 291 session.s = user.srp_s
295 session.v = user.srp_v 292 session.v = user.srp_v
296 else: 293 else:
297 session.s = "112233445566778899aabbccddeeff00112233445566778899aabbccddeeff00" 294 session.s = "112233445566778899aabbccddeeff00112233445566778899aabbccddeeff00"
298 session.v = "112233445566778899aabbccddeeff00112233445566778899aabbccddeeff00" 295 session.v = "112233445566778899aabbccddeeff00112233445566778899aabbccddeeff00"
299 296
300 session.b = randomSeed() 297 session.b = randomSeed()
301 session.B = hex(long("0x%s" % session.v, 16) + pow(srp_g, long("0x%s" %session.b, 16), srp_n))[2:-1] 298 session.B = hex(long("0x%s" % session.v, 16) + pow(srp_g, long("0x%s" %session.b, 16), srp_n))[2:-1]
302 299
303 result['s'] = session.s 300 result['s'] = session.s
304 result['B'] = session.B 301 result['B'] = session.B
305 302
306 #------------------------------------------------------------------ 303 #------------------------------------------------------------------
307 304
308 elif message == 'credentialCheck': 305 elif message == 'credentialCheck':
309 B = long("0x%s" % session.B, 16) 306 B = long("0x%s" % session.B, 16)
310 b = long("0x%s" % session.b, 16) 307 b = long("0x%s" % session.b, 16)
311 A = long("0x%s" % session.A, 16) 308 A = long("0x%s" % session.A, 16)
312 v = long("0x%s" % session.v, 16) 309 v = long("0x%s" % session.v, 16)
313 u = long("0x%s" % clipperzHash(str(B)), 16) 310 u = long("0x%s" % clipperzHash(str(B)), 16)
314 n = srp_n 311 n = srp_n
315 312
316 S = pow((A * pow(v, u, n)), b, n) 313 S = pow((A * pow(v, u, n)), b, n)
317 K = clipperzHash(str(S)) 314 K = clipperzHash(str(S))
318 M1 = clipperzHash(str(A) + str(B) + K) 315 M1 = clipperzHash(str(A) + str(B) + K)
319 316
320 if M1 == parameters['parameters']['M1']: 317 if M1 == parameters['parameters']['M1']:
321 session.K = K 318 session.K = K
322 M2 = clipperzHash(str(A) + M1 + K) 319 M2 = clipperzHash(str(A) + M1 + K)
323 320
324 result['M2'] = M2 321 result['M2'] = M2
325 result["connectionId"] = "" 322 result["connectionId"] = ""
326 result["loginInfo"] = {} 323 result["loginInfo"] = {}
327 result["loginInfo"]["latest"] = {} 324 result["loginInfo"]["latest"] = {}
328 result["loginInfo"]["current"] = {} 325 result["loginInfo"]["current"] = {}
329 result["offlineCopyNeeded"] = "false"; 326 result["offlineCopyNeeded"] = "false";
330 result["lock"] = "----"; 327 result["lock"] = "----";
331 else: 328 else:
332 result['error'] = "?" 329 result['error'] = "?"
333 330
334 #------------------------------------------------------------------ 331 #------------------------------------------------------------------
335 332
336 elif message == 'oneTimePassword': 333 elif message == 'oneTimePassword':
337 oneTimePassword = db.Query(OneTimePassword).filter("keyValue =", parameters["parameters"]["oneTimePasswordKey"]).get() 334 oneTimePassword = db.Query(OneTimePassword).filter("keyValue =", parameters["parameters"]["oneTimePasswordKey"]).get()
338 335
339 if oneTimePassword != None: 336 if oneTimePassword != None:
340 if oneTimePassword.status == 'ACTIVE': 337 if oneTimePassword.status == 'ACTIVE':
341 if oneTimePassword.keyChecksum == parameters['parameters']['oneTimePasswordKeyChecksum']: 338 if oneTimePassword.keyChecksum == parameters['parameters']['oneTimePasswordKeyChecksum']:
342 #session.userId =str(oneTimePassword.parent().username) 339 #session.userId =str(oneTimePassword.parent().username)
343 session.otpId = str(oneTimePassword.keyValue) 340 session.otpId = str(oneTimePassword.keyValue)
344 341
345 result['data'] = oneTimePassword.data 342 result['data'] = oneTimePassword.data
346 result['version'] = oneTimePassword.version 343 result['version'] = oneTimePassword.version
347 344
348 oneTimePassword.reset('REQUESTED').put() 345 oneTimePassword.reset('REQUESTED').put()
349 346
350 else: 347 else:
351 oneTimePassword.reset('DISABLED').put() 348 oneTimePassword.reset('DISABLED').put()
352 raise Exception, "The requested One Time Password has been disabled, due to a wrong keyChecksum" 349 raise Exception, "The requested One Time Password has been disabled, due to a wrong keyChecksum"
353 else: 350 else:
354 raise Exception, "The requested One Time Password was not active" 351 raise Exception, "The requested One Time Password was not active"
355 else: 352 else:
356 raise Exception, "The requested One Time Password has not been found" 353 raise Exception, "The requested One Time Password has not been found"
357 354
358 #---------------------------------------------------------------------- 355 #----------------------------------------------------------------------
359 356
360 elif method == 'message': 357 elif method == 'message':
361 if parameters['srpSharedSecret'] == session.K: 358 if parameters['srpSharedSecret'] == session.K:
362 message = parameters['message'] 359 message = parameters['message']
363 360
364 if message == 'getUserDetails': 361 if message == 'getUserDetails':
365 #{"message":"getUserDetails", "srpSharedSecret":"f18e5cf7c3a83b67d4db9444af813ee48c13daf4f8f6635397d593e52ba89a08", "parameters":{}} 362 #{"message":"getUserDetails", "srpSharedSecret":"f18e5cf7c3a83b67d4db9444af813ee48c13daf4f8f6635397d593e52ba89a08", "parameters":{}}
366 user = db.Query(User).filter('username =', session.C).get() 363 user = db.Query(User).filter('username =', session.C).get()
367 364
368 result['header'] = user.header; 365 result['header'] = user.header;
369 result['statistics'] =user.statistics; 366 result['statistics'] =user.statistics;
370 result['version'] = user.version; 367 result['version'] = user.version;
371 368
372 elif message == "addNewRecords": 369 elif message == "addNewRecords":
373 user = db.Query(User).filter('username =', session.C).get() 370 user = db.Query(User).filter('username =', session.C).get()
374 result = db.run_in_transaction(self.addNewRecords, session, user, parameters) 371 result = db.run_in_transaction(self.addNewRecords, session, user, parameters)
375 372
376 """ 373 """
377 user = db.Query(User).filter('username =', session.C).get() 374 user = db.Query(User).filter('username =', session.C).get()
378 user.update(parameters['parameters']['user']) 375 user.update(parameters['parameters']['user'])
379 376
380 for recordParameter in parameters['parameters']['records']: 377 for recordParameter in parameters['parameters']['records']:
381 record = Record(parent=user) 378 record = Record(parent=user)
382 record.put() 379 record.put()
383 recordVersion = RecordVersion(parent=record) 380 recordVersion = RecordVersion(parent=record)
384 recordVersion.put() 381 recordVersion.put()
385 382
386 recordVersion.update(recordParameter) 383 recordVersion.update(recordParameter)
387 384
388 record.put() 385 record.put()
389 recordVersion.put() 386 recordVersion.put()
390 387
391 user.put(); 388 user.put();
392 389
393 result['lock'] = user.lock 390 result['lock'] = user.lock
394 result['result'] = 'done' 391 result['result'] = 'done'
395 """ 392 """
396 393
397 elif message == 'getRecordDetail': 394 elif message == 'getRecordDetail':
398 record = db.Query(Record).ancestor(db.Query(User).filter('username =', session.C).get()).filter('reference =', parameters["parameters"]["reference"]).get() 395 record = db.Query(Record).ancestor(db.Query(User).filter('username =', session.C).get()).filter('reference =', parameters["parameters"]["reference"]).get()
399 recordVersion = db.Query(RecordVersion).ancestor(record).get() 396 recordVersion = db.Query(RecordVersion).ancestor(record).get()
400 397
401 result['currentVersion'] = {} 398 result['currentVersion'] = {}
402 result['currentVersion']['reference'] = recordVersion.reference 399 result['currentVersion']['reference'] = recordVersion.reference
403 result['currentVersion']['data'] = recordVersion.data 400 result['currentVersion']['data'] = recordVersion.data
404 result['currentVersion']['header'] = recordVersion.header 401 result['currentVersion']['header'] = recordVersion.header
405 result['currentVersion']['version'] = recordVersion.version 402 result['currentVersion']['version'] = recordVersion.version
406 result['currentVersion']['creationDate'] =str(recordVersion.creation_date) 403 result['currentVersion']['creationDate'] =str(recordVersion.creation_date)
407 result['currentVersion']['updateDate'] =str(recordVersion.update_date) 404 result['currentVersion']['updateDate'] =str(recordVersion.update_date)
408 result['currentVersion']['accessDate'] =str(recordVersion.access_date) 405 result['currentVersion']['accessDate'] =str(recordVersion.access_date)
409 406