From: John Hodge Date: Sat, 16 Nov 2019 06:59:38 +0000 (+0800) Subject: MIFARE Login - Add a blacklist of known-bad cards X-Git-Url: https://git.ucc.asn.au/?a=commitdiff_plain;ds=inline;p=uccvend-vendserver.git MIFARE Login - Add a blacklist of known-bad cards --- diff --git a/VendServer/OpenDispense.py b/VendServer/OpenDispense.py index 79cec66..6b93058 100644 --- a/VendServer/OpenDispense.py +++ b/VendServer/OpenDispense.py @@ -20,6 +20,13 @@ from LDAPConnector import get_uid,get_uname, set_card_id DISPENSE_ENDPOINT = ("localhost", 11020) DISPSRV_MIFARE = True +# A list of cards that should never be registered, and should never log in +# - Some of these might have been registered before we knew they were duplicates +CARD_BLACKLIST = [ + 'AAAAAA==', # All zeroes, don't allow that. + 'ISIjJA==', # CommBank credit cards + ] + class OpenDispense(DispenseInterface): _username = "" _disabled = True @@ -111,6 +118,10 @@ class OpenDispense(DispenseInterface): self._username = None if DISPSRV_MIFARE: card_base64 = base64.b64encode(cardId) + + if card_base64 in CARD_BLACKLIST: + logging.info("Blacklisted card base64:%s" % (card_base64,)) + return False sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM, 0) sock.connect(DISPENSE_ENDPOINT) @@ -128,13 +139,16 @@ class OpenDispense(DispenseInterface): username = rsp.split('=')[1].strip() logging.info("Accepted card base64:%s for %s" % (card_base64,username,)) - # Check for thier username - try: - # Get info from the system (by username) - info = pwd.getpwnam(username) - except KeyError: - logging.info('getting info for user \'%s\': user not in password file' % (username,)) - return False + ## Check for thier username + #try: + # # Get info from the system (by username) + # info = pwd.getpwnam(username) + #except KeyError: + # logging.info('getting info for user \'%s\': user not in password file' % (username,)) + # return False + #self._userid = info.pw_uid + self._userid = None + self._username = username else: # Get the users ID self._userid = get_uid(cardId) @@ -146,13 +160,13 @@ class OpenDispense(DispenseInterface): except KeyError: logging.info('getting info for uid %d: user not in password file' % (self._userid,)) return False + self._username = info.pw_name # If we get this far all is good self._loggedIn = True self._disabled = False - self._userid = info.pw_uid - self._username = info.pw_name return True + def logOut(self): self._loggedIn = False self._disabled = False @@ -164,7 +178,10 @@ class OpenDispense(DispenseInterface): return False if DISPSRV_MIFARE: card_base64 = base64.b64encode(cardId) - logging.info('Enrolling card %s to uid %s (%s)' % (cardId, self._userId, self._username)) + if card_base64 in CARD_BLACKLIST: + logging.info("Blacklisted card base64:%s" % (card_base64,)) + return False + logging.info('Enrolling card base64:%s to uid %s (%s)' % (card_base64, self._userId, self._username)) sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM, 0) sock.connect(DISPENSE_ENDPOINT) sockf = sock.makefile() @@ -263,3 +280,5 @@ class OpenDispenseMapping(): print(map) return map + +# vim: noexpandtab ts=4 sw=4