X-Git-Url: https://git.ucc.asn.au/?a=blobdiff_plain;f=VendServer%2FOpenDispense.py;h=79cec66b0b180b2b04813ec60368ac255cfed83b;hb=115d5500cfbdc1543f64602cb2b1b0764dcbb276;hp=a802e78277ec8091df4aa820a937c92798b7722f;hpb=1290fcdd454618a5b61f27d81d3312d95d933206;p=uccvend-vendserver.git diff --git a/VendServer/OpenDispense.py b/VendServer/OpenDispense.py index a802e78..79cec66 100644 --- a/VendServer/OpenDispense.py +++ b/VendServer/OpenDispense.py @@ -30,6 +30,41 @@ class OpenDispense(DispenseInterface): pass def authUserIdPin(self, userId, pin): + return self.authUserIdPin_db(userId, pin) + #return self.authUserIdPin_file(userId, pin) + + def authUserIdPin_db(self, userId, pin): + userId = int(userId) + + try: + # Get username (TODO: Store the user ID in the dispense database too) + info = pwd.getpwuid(userId) + except KeyError: + logging.info('getting pin for uid %d: user not in password file'%userId) + return False + + sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM, 0) + sock.connect(DISPENSE_ENDPOINT) + logging.debug('connected to dispsrv') + sockf = sock.makefile() + sockf.write("AUTHIDENT\n"); sockf.flush() + rsp = sockf.readline() + assert "200" in rsp + logging.debug('authenticated') + sockf.write("PIN_CHECK %s %s\n" % (info.pw_name, pin)); sockf.flush() + rsp = sockf.readline() + if not "200" in rsp: + logging.info('checking pin for uid %d: Server said no - %r' % (userId, rsp)) + return False + #Login Successful + logging.info('accepted pin for uid %d \'%s\'' % (userId, info.pw_name)) + self._userid = userId + self._loggedIn = True + self._disabled = False + self._username = info.pw_name + return True + + def authUserIdPin_file(self, userId, pin): userId = int(userId) try: @@ -88,8 +123,10 @@ class OpenDispense(DispenseInterface): sockf.write("AUTHCARD %s\n" % (card_base64,)); sockf.flush() rsp = sockf.readline() if not "200" in rsp: - return False + logging.info("Rejected card base64:%s" % (card_base64,)) + return False username = rsp.split('=')[1].strip() + logging.info("Accepted card base64:%s for %s" % (card_base64,username,)) # Check for thier username try: