+ if info.pw_dir == None: return False
+ pinfile = os.path.join(info.pw_dir, '.pin')
+ try:
+ s = os.stat(pinfile)
+ except OSError:
+ logging.info('getting pin for uid %d: .pin not found in home directory'%userId)
+ return False
+ if s.st_mode & 077:
+ logging.info('getting pin for uid %d: .pin has wrong permissions. Fixing.'%userId)
+ os.chmod(pinfile, 0600)
+ try:
+ f = file(pinfile)
+ except IOError:
+ logging.info('getting pin for uid %d: I cannot read pin file'%userId)
+ return False
+ pinstr = f.readline().strip()
+ f.close()
+ if not re.search('^[0-9]{4}$', pinstr):
+ logging.info('getting pin for uid %d: %s not a good pin'%(userId,repr(pinstr)))
+ return False
+
+ if pinstr == str(pin):
+ #Login Successful
+ self._userid = userId
+ self._loggedIn = True
+ self._disabled = False
+ self._username = info.pw_name
+ return True
+
+ # Login Unsuccessful
+ return False
+
+ def authMifareCard(self, cardId):
+ self._loggedIn = False
+ self._username = None
+ if DISPSRV_MIFARE:
+ card_base64 = base64.b64encode(cardId)
+
+ sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM, 0)
+ sock.connect(DISPENSE_ENDPOINT)
+ logging.debug('connected to dispsrv')
+ sockf = sock.makefile()
+ sockf.write("AUTHIDENT\n"); sockf.flush()
+ rsp = sockf.readline()
+ assert "200" in rsp
+ logging.debug('authenticated')
+ sockf.write("AUTHCARD %s\n" % (card_base64,)); sockf.flush()
+ rsp = sockf.readline()
+ if not "200" in rsp:
+ logging.info("Rejected card base64:%s" % (card_base64,))
+ return False
+ username = rsp.split('=')[1].strip()
+ logging.info("Accepted card base64:%s for %s" % (card_base64,username,))
+
+ # Check for thier username
+ try:
+ # Get info from the system (by username)
+ info = pwd.getpwnam(username)
+ except KeyError:
+ logging.info('getting info for user \'%s\': user not in password file' % (username,))
+ return False
+ else:
+ # Get the users ID
+ self._userid = get_uid(cardId)
+
+ # Check for thier username
+ try:
+ # Get info from the system (by UID)
+ info = pwd.getpwuid(self._userid)
+ except KeyError:
+ logging.info('getting info for uid %d: user not in password file' % (self._userid,))
+ return False
+
+ # If we get this far all is good
+ self._loggedIn = True
+ self._disabled = False
+ self._userid = info.pw_uid
+ self._username = info.pw_name
+ return True
+ def logOut(self):
+ self._loggedIn = False
+ self._disabled = False
+ self._userId = None
+ self._username = None