summaryrefslogtreecommitdiff
path: root/backend
Unidiff
Diffstat (limited to 'backend') (more/less context) (ignore whitespace changes)
-rw-r--r--backend/python/src/clipperz.py22
1 files changed, 10 insertions, 12 deletions
diff --git a/backend/python/src/clipperz.py b/backend/python/src/clipperz.py
index bd5d030..5476b4b 100644
--- a/backend/python/src/clipperz.py
+++ b/backend/python/src/clipperz.py
@@ -1,405 +1,403 @@
1# 1#
2 #Copyright 2008-2011 Clipperz Srl 2 #Copyright 2008-2013 Clipperz Srl
3 # 3 #
4 #This file is part of Clipperz Community Edition. 4 #This file is part of Clipperz, the online password manager.
5 #Clipperz Community Edition is an online password manager.
6 #For further information about its features and functionalities please 5 #For further information about its features and functionalities please
7 #refer to http://www.clipperz.com. 6 #refer to http://www.clipperz.com.
8 # 7 #
9 #* Clipperz Community Edition is free software: you can redistribute 8 #* Clipperz is free software: you can redistribute it and/or modify it
10 # it and/or modify it under the terms of the GNU Affero General Public 9# under the terms of the GNU Affero General Public License as published
11 # License as published by the Free Software Foundation, either version 10# by the Free Software Foundation, either version 3 of the License, or
12 # 3 of the License, or (at your option) any later version. 11# (at your option) any later version.
13 # 12 #
14 #* Clipperz Community Edition is distributed in the hope that it will 13 #* Clipperz is distributed in the hope that it will be useful, but
15 # be useful, but WITHOUT ANY WARRANTY; without even the implied 14# WITHOUT ANY WARRANTY; without even the implied warranty of
16 # warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 15# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
17 # See the GNU Affero General Public License for more details. 16 # See the GNU Affero General Public License for more details.
18 # 17 #
19 #* You should have received a copy of the GNU Affero General Public 18 #* You should have received a copy of the GNU Affero General Public
20 # License along with Clipperz Community Edition. If not, see 19 # License along with Clipperz. If not, see http://www.gnu.org/licenses/.
21 # <http://www.gnu.org/licenses/>.
22# 20#
23 21
24import os 22import os
25import cgi 23import cgi
26import wsgiref.handlers 24import wsgiref.handlers
27 25
28import datetime 26import datetime
29import uuid 27import uuid
30import random 28import random
31import hashlib 29import hashlib
32 30
33import logging 31import logging
34 32
35from google.appengine.api import users 33from google.appengine.api import users
36from google.appengine.ext import webapp 34from google.appengine.ext import webapp
37from google.appengine.ext import db 35from google.appengine.ext import db
38from google.appengine.ext.webapp import template 36from google.appengine.ext.webapp import template
39 37
40from django.utils import simplejson 38from django.utils import simplejson
41 39
42#============================================================================== 40#==============================================================================
43 41
44sessionTimeout = datetime.timedelta(minutes=-2) 42sessionTimeout = datetime.timedelta(minutes=-2)
45 43
46def randomSeed(): 44def randomSeed():
47 return hex(random.getrandbits(32*8))[2:-1] 45 return hex(random.getrandbits(32*8))[2:-1]
48 46
49def clipperzHash(aString): 47def clipperzHash(aString):
50 #logging.info(">>> string: " + aString) 48 #logging.info(">>> string: " + aString)
51 firstRound = hashlib.sha256() 49 firstRound = hashlib.sha256()
52 firstRound.update(aString) 50 firstRound.update(aString)
53 #logging.info("firstRound: " + firstRound.hexdigest() + " - " + firstRound.digest()) 51 #logging.info("firstRound: " + firstRound.hexdigest() + " - " + firstRound.digest())
54 result = hashlib.sha256() 52 result = hashlib.sha256()
55 result.update(firstRound.digest()) 53 result.update(firstRound.digest())
56 #logging.info("<<< finalResul: " + result.hexdigest()) 54 #logging.info("<<< finalResul: " + result.hexdigest())
57 55
58 return result.hexdigest() 56 return result.hexdigest()
59 57
60#============================================================================== 58#==============================================================================
61 59
62class User(db.Model): 60class User(db.Model):
63 username= db.StringProperty() 61 username= db.StringProperty()
64 srp_s = db.StringProperty() 62 srp_s = db.StringProperty()
65 srp_v = db.StringProperty() 63 srp_v = db.StringProperty()
66 header = db.TextProperty() 64 header = db.TextProperty()
67 statistics= db.TextProperty() 65 statistics= db.TextProperty()
68 auth_version= db.StringProperty() 66 auth_version= db.StringProperty()
69 version = db.StringProperty() 67 version = db.StringProperty()
70 lock = db.StringProperty() 68 lock = db.StringProperty()
71 69
72 def updateCredentials(self, someCredentials): 70 def updateCredentials(self, someCredentials):
73 self.username = someCredentials['C'] 71 self.username = someCredentials['C']
74 self.srp_s = someCredentials['s'] 72 self.srp_s = someCredentials['s']
75 self.srp_v = someCredentials['v'] 73 self.srp_v = someCredentials['v']
76 self.auth_version= someCredentials['version'] 74 self.auth_version= someCredentials['version']
77 75
78 def update(self, someData): 76 def update(self, someData):
79 self.header = someData['header'] 77 self.header = someData['header']
80 self.statistics= someData['statistics'] 78 self.statistics= someData['statistics']
81 self.version= someData['version'] 79 self.version= someData['version']
82 self.lock = someData['lock'] 80 self.lock = someData['lock']
83 81
84#------------------------------------------------------------------------------ 82#------------------------------------------------------------------------------
85 83
86class Record(db.Model): 84class Record(db.Model):
87 user = db.ReferenceProperty(User) 85 user = db.ReferenceProperty(User)
88 reference = db.StringProperty() 86 reference = db.StringProperty()
89 data = db.TextProperty() 87 data = db.TextProperty()
90 version = db.StringProperty() 88 version = db.StringProperty()
91 creation_date= db.DateTimeProperty(auto_now_add=True) 89 creation_date= db.DateTimeProperty(auto_now_add=True)
92 update_date = db.DateTimeProperty(auto_now_add=True) 90 update_date = db.DateTimeProperty(auto_now_add=True)
93 access_date = db.DateTimeProperty(auto_now_add=True) 91 access_date = db.DateTimeProperty(auto_now_add=True)
94 92
95#------------------------------------------------------------------------------ 93#------------------------------------------------------------------------------
96 94
97class RecordVersion(db.Model): 95class RecordVersion(db.Model):
98 record = db.ReferenceProperty(Record) 96 record = db.ReferenceProperty(Record)
99 reference = db.StringProperty() 97 reference = db.StringProperty()
100 header = db.TextProperty() 98 header = db.TextProperty()
101 data = db.TextProperty() 99 data = db.TextProperty()
102 version = db.StringProperty() 100 version = db.StringProperty()
103 previousVersionKey= db.StringProperty() 101 previousVersionKey= db.StringProperty()
104 previousVersion = db.SelfReferenceProperty() 102 previousVersion = db.SelfReferenceProperty()
105 creation_date = db.DateTimeProperty(auto_now_add=True) 103 creation_date = db.DateTimeProperty(auto_now_add=True)
106 update_date = db.DateTimeProperty(auto_now_add=True) 104 update_date = db.DateTimeProperty(auto_now_add=True)
107 access_date = db.DateTimeProperty(auto_now_add=True) 105 access_date = db.DateTimeProperty(auto_now_add=True)
108 106
109 def update(self, someData): 107 def update(self, someData):
110 recordData = someData['record']; 108 recordData = someData['record'];
111 self.parent().reference =recordData['reference'] 109 self.parent().reference =recordData['reference']
112 self.parent().data = recordData['data'] 110 self.parent().data = recordData['data']
113 self.parent().version = recordData['version'] 111 self.parent().version = recordData['version']
114 self.parent().update_date =datetime.datetime.now() 112 self.parent().update_date =datetime.datetime.now()
115 113
116 recordVersionData = someData['currentRecordVersion']; 114 recordVersionData = someData['currentRecordVersion'];
117 self.reference = recordVersionData ['reference'] 115 self.reference = recordVersionData ['reference']
118 self.data = recordVersionData ['data'] 116 self.data = recordVersionData ['data']
119 self.version = recordVersionData ['version'] 117 self.version = recordVersionData ['version']
120 #self.previous_version =#recordVersionData ['previousVersion'] 118 #self.previous_version =#recordVersionData ['previousVersion']
121 self.previous_version_key =recordVersionData ['previousVersionKey'] 119 self.previous_version_key =recordVersionData ['previousVersionKey']
122 self.update_date = datetime.datetime.now() 120 self.update_date = datetime.datetime.now()
123 121
124#------------------------------------------------------------------------------ 122#------------------------------------------------------------------------------
125 123
126class OneTimePassword(db.Model): 124class OneTimePassword(db.Model):
127 user = db.ReferenceProperty(User) 125 user = db.ReferenceProperty(User)
128 status = db.StringProperty() 126 status = db.StringProperty()
129 reference = db.StringProperty() 127 reference = db.StringProperty()
130 keyValue = db.StringProperty() 128 keyValue = db.StringProperty()
131 keyChecksum = db.StringProperty() 129 keyChecksum = db.StringProperty()
132 data = db.TextProperty() 130 data = db.TextProperty()
133 version = db.StringProperty() 131 version = db.StringProperty()
134 creation_date= db.DateTimeProperty(auto_now_add=True) 132 creation_date= db.DateTimeProperty(auto_now_add=True)
135 request_date= db.DateTimeProperty() 133 request_date= db.DateTimeProperty()
136 usage_date = db.DateTimeProperty() 134 usage_date = db.DateTimeProperty()
137 135
138 def update(self, someParameters, aStatus): 136 def update(self, someParameters, aStatus):
139 self.reference = someParameters['reference'] 137 self.reference = someParameters['reference']
140 self.keyValue = someParameters['key'] 138 self.keyValue = someParameters['key']
141 self.keyChecksum = someParameters['keyChecksum'] 139 self.keyChecksum = someParameters['keyChecksum']
142 self.data = someParameters['data'] 140 self.data = someParameters['data']
143 self.version = someParameters['version'] 141 self.version = someParameters['version']
144 self.status = aStatus 142 self.status = aStatus
145 143
146 def reset(self, aStatus): 144 def reset(self, aStatus):
147 self.data = "" 145 self.data = ""
148 self.status =aStatus 146 self.status =aStatus
149 147
150 return self 148 return self
151 149
152#------------------------------------------------------------------------------ 150#------------------------------------------------------------------------------
153 151
154class Session(db.Expando): 152class Session(db.Expando):
155 sessionId= db.StringProperty() 153 sessionId= db.StringProperty()
156 access_date= db.DateTimeProperty() 154 access_date= db.DateTimeProperty()
157 155
158#============================================================================== 156#==============================================================================
159 157
160class MainPage(webapp.RequestHandler): 158class MainPage(webapp.RequestHandler):
161 def get(self): 159 def get(self):
162 path = os.path.join(os.path.dirname(__file__), 'static%s' % self.request.path) 160 path = os.path.join(os.path.dirname(__file__), 'static%s' % self.request.path)
163 self.response.out.write(template.render(path, {})) 161 self.response.out.write(template.render(path, {}))
164 162
165#============================================================================== 163#==============================================================================
166 164
167class XHR(webapp.RequestHandler): 165class XHR(webapp.RequestHandler):
168 166
169 #========================================================================== 167 #==========================================================================
170 168
171 def get(self): 169 def get(self):
172 logging.info("self.request.path: " + self.request.path) 170 logging.info("self.request.path: " + self.request.path)
173 if self.request.path == "/dump": 171 if self.request.path == "/dump":
174 session = self.getSession() 172 session = self.getSession()
175 userData = {} 173 userData = {}
176 offline_data_placeholder = "" 174 offline_data_placeholder = ""
177 175
178 user = db.Query(User).filter('username =', session.C).get() 176 user = db.Query(User).filter('username =', session.C).get()
179 177
180 userData['users'] = { 178 userData['users'] = {
181 'catchAllUser': { 179 'catchAllUser': {
182 '__masterkey_test_value__': 'masterkey', 180 '__masterkey_test_value__': 'masterkey',
183 's': '112233445566778899aabbccddeeff00112233445566778899aabbccddeeff00', 181 's': '112233445566778899aabbccddeeff00112233445566778899aabbccddeeff00',
184 'v': '112233445566778899aabbccddeeff00112233445566778899aabbccddeeff00' 182 'v': '112233445566778899aabbccddeeff00112233445566778899aabbccddeeff00'
185 } 183 }
186 } 184 }
187 185
188 records = {} 186 records = {}
189 for currentRecord in db.Query(Record).ancestor(user): 187 for currentRecord in db.Query(Record).ancestor(user):
190 versions = {} 188 versions = {}
191 for currentVersion in db.Query(RecordVersion).ancestor(currentRecord): 189 for currentVersion in db.Query(RecordVersion).ancestor(currentRecord):
192 versions[currentVersion.reference] ={ 190 versions[currentVersion.reference] ={
193 'header': currentVersion.header, 191 'header': currentVersion.header,
194 'data': currentVersion.data, 192 'data': currentVersion.data,
195 'version': currentVersion.version, 193 'version': currentVersion.version,
196 'creationDate':str(currentVersion.creation_date), 194 'creationDate':str(currentVersion.creation_date),
197 'updateDate':str(currentVersion.update_date), 195 'updateDate':str(currentVersion.update_date),
198 'accessDate':str(currentVersion.access_date) 196 'accessDate':str(currentVersion.access_date)
199 } 197 }
200 198
201 records[currentRecord.reference] = { 199 records[currentRecord.reference] = {
202 'data': currentRecord.data, 200 'data': currentRecord.data,
203 'version': currentRecord.version, 201 'version': currentRecord.version,
204 'creationDate': str(currentRecord.creation_date), 202 'creationDate': str(currentRecord.creation_date),
205 'updateDate': str(currentRecord.update_date), 203 'updateDate': str(currentRecord.update_date),
206 'accessDate': str(currentRecord.access_date), 204 'accessDate': str(currentRecord.access_date),
207 'currentVersion':currentVersion.reference, 205 'currentVersion':currentVersion.reference,
208 'versions': versions 206 'versions': versions
209 } 207 }
210 208
211 userData['users'][user.username] = { 209 userData['users'][user.username] = {
212 's': user.srp_s, 210 's': user.srp_s,
213 'v': user.srp_v, 211 'v': user.srp_v,
214 'version': user.auth_version, 212 'version': user.auth_version,
215 'maxNumberOfRecords':'100', 213 'maxNumberOfRecords':'100',
216 'userDetails': user.header, 214 'userDetails': user.header,
217 'statistics': user.statistics, 215 'statistics': user.statistics,
218 'userDetailsVersion':user.version, 216 'userDetailsVersion':user.version,
219 'records': records 217 'records': records
220 } 218 }
221 219
222 offline_data_placeholder = offline_data_placeholder + "_clipperz_dump_data_ = " + simplejson.dumps(userData, indent=4) + "\n" 220 offline_data_placeholder = offline_data_placeholder + "_clipperz_dump_data_ = " + simplejson.dumps(userData, indent=4) + "\n"
223 offline_data_placeholder = offline_data_placeholder + "Clipperz.PM.Proxy.defaultProxy = new Clipperz.PM.Proxy.Offline();" + "\n" 221 offline_data_placeholder = offline_data_placeholder + "Clipperz.PM.Proxy.defaultProxy = new Clipperz.PM.Proxy.Offline();" + "\n"
224 offline_data_placeholder = offline_data_placeholder + "Clipperz.Crypto.PRNG.defaultRandomGenerator().fastEntropyAccumulationForTestingPurpose();" + "\n" 222 offline_data_placeholder = offline_data_placeholder + "Clipperz.Crypto.PRNG.defaultRandomGenerator().fastEntropyAccumulationForTestingPurpose();" + "\n"
225 223
226 path = os.path.join(os.path.dirname(__file__), 'static/dump.html') 224 path = os.path.join(os.path.dirname(__file__), 'static/dump.html')
227 225
228 self.response.headers.add_header('Content-Type', 'text/html') 226 self.response.headers.add_header('Content-Type', 'text/html')
229 self.response.headers.add_header('Content-Disposition', 'attachment', filename='Clipperz.html') 227 self.response.headers.add_header('Content-Disposition', 'attachment', filename='Clipperz.html')
230 self.response.out.write(template.render(path, {'offline_data_placeholder': offline_data_placeholder})) 228 self.response.out.write(template.render(path, {'offline_data_placeholder': offline_data_placeholder}))
231 229
232 #========================================================================== 230 #==========================================================================
233 231
234 def post(self): 232 def post(self):
235 method = self.request.get('method') 233 method = self.request.get('method')
236 parameters = simplejson.loads(self.request.get('parameters')) 234 parameters = simplejson.loads(self.request.get('parameters'))
237 session = self.getSession() 235 session = self.getSession()
238 result = {}; 236 result = {};
239 237
240 #---------------------------------------------------------------------- 238 #----------------------------------------------------------------------
241 239
242 if method == 'registration': 240 if method == 'registration':
243 message = parameters['message']; 241 message = parameters['message'];
244 242
245 if message == 'completeRegistration': 243 if message == 'completeRegistration':
246 user = User() 244 user = User()
247 245
248 user.updateCredentials(parameters['credentials']) 246 user.updateCredentials(parameters['credentials'])
249 user.update(parameters['user']) 247 user.update(parameters['user'])
250 user.put() 248 user.put()
251 249
252 result['lock'] = user.lock 250 result['lock'] = user.lock
253 result['result'] = "done" 251 result['result'] = "done"
254 252
255 #---------------------------------------------------------------------- 253 #----------------------------------------------------------------------
256 254
257 elif method == 'handshake': 255 elif method == 'handshake':
258 srp_g = 2L 256 srp_g = 2L
259 srp_n = long("0x%s" % "115b8b692e0e045692cf280b436735c77a5a9e8a9e7ed56c965f87db5b2a2ece3", 16) 257 srp_n = long("0x%s" % "115b8b692e0e045692cf280b436735c77a5a9e8a9e7ed56c965f87db5b2a2ece3", 16)
260 258
261 message = parameters['message']; 259 message = parameters['message'];
262 260
263 #------------------------------------------------------------------ 261 #------------------------------------------------------------------
264 262
265 if message == 'connect': 263 if message == 'connect':
266 session.C = parameters['parameters']['C'] 264 session.C = parameters['parameters']['C']
267 session.A = parameters['parameters']['A'] 265 session.A = parameters['parameters']['A']
268 266
269 user = db.Query(User).filter('username =', session.C).get() 267 user = db.Query(User).filter('username =', session.C).get()
270 268
271 if user != None: 269 if user != None:
272 try: 270 try:
273 optId = session.otpId 271 optId = session.otpId
274 272
275 oneTimePassword = db.Query(OneTimePassword).filter('keyValue =', optId).get() 273 oneTimePassword = db.Query(OneTimePassword).filter('keyValue =', optId).get()
276 274
277 if oneTimePassword.parent().username != user.username: 275 if oneTimePassword.parent().username != user.username:
278 oneTimePassword.reset('DISABLED').put() 276 oneTimePassword.reset('DISABLED').put()
279 raise Exception, "User missmatch between the current session and 'One Time Password' user" 277 raise Exception, "User missmatch between the current session and 'One Time Password' user"
280 elif oneTimePassword.status != 'REQUESTED': 278 elif oneTimePassword.status != 'REQUESTED':
281 oneTimePassword.reset('DISABLED').put() 279 oneTimePassword.reset('DISABLED').put()
282 raise Exception, "Tring to use an 'One Time Password' in the wrong state" 280 raise Exception, "Tring to use an 'One Time Password' in the wrong state"
283 281
284 oneTimePassword.reset("USED").put() 282 oneTimePassword.reset("USED").put()
285 283
286 result['oneTimePassword'] = oneTimePassword.reference 284 result['oneTimePassword'] = oneTimePassword.reference
287 285
288 except Exception, detail: 286 except Exception, detail:
289 logging.error("connect.optId: " + str(detail)) 287 logging.error("connect.optId: " + str(detail))
290 288
291 session.s = user.srp_s 289 session.s = user.srp_s
292 session.v = user.srp_v 290 session.v = user.srp_v
293 else: 291 else:
294 session.s = "112233445566778899aabbccddeeff00112233445566778899aabbccddeeff00" 292 session.s = "112233445566778899aabbccddeeff00112233445566778899aabbccddeeff00"
295 session.v = "112233445566778899aabbccddeeff00112233445566778899aabbccddeeff00" 293 session.v = "112233445566778899aabbccddeeff00112233445566778899aabbccddeeff00"
296 294
297 session.b = randomSeed() 295 session.b = randomSeed()
298 session.B = hex(long("0x%s" % session.v, 16) + pow(srp_g, long("0x%s" %session.b, 16), srp_n))[2:-1] 296 session.B = hex(long("0x%s" % session.v, 16) + pow(srp_g, long("0x%s" %session.b, 16), srp_n))[2:-1]
299 297
300 result['s'] = session.s 298 result['s'] = session.s
301 result['B'] = session.B 299 result['B'] = session.B
302 300
303 #------------------------------------------------------------------ 301 #------------------------------------------------------------------
304 302
305 elif message == 'credentialCheck': 303 elif message == 'credentialCheck':
306 B = long("0x%s" % session.B, 16) 304 B = long("0x%s" % session.B, 16)
307 b = long("0x%s" % session.b, 16) 305 b = long("0x%s" % session.b, 16)
308 A = long("0x%s" % session.A, 16) 306 A = long("0x%s" % session.A, 16)
309 v = long("0x%s" % session.v, 16) 307 v = long("0x%s" % session.v, 16)
310 u = long("0x%s" % clipperzHash(str(B)), 16) 308 u = long("0x%s" % clipperzHash(str(B)), 16)
311 n = srp_n 309 n = srp_n
312 310
313 S = pow((A * pow(v, u, n)), b, n) 311 S = pow((A * pow(v, u, n)), b, n)
314 K = clipperzHash(str(S)) 312 K = clipperzHash(str(S))
315 M1 = clipperzHash(str(A) + str(B) + K) 313 M1 = clipperzHash(str(A) + str(B) + K)
316 314
317 if M1 == parameters['parameters']['M1']: 315 if M1 == parameters['parameters']['M1']:
318 session.K = K 316 session.K = K
319 M2 = clipperzHash(str(A) + M1 + K) 317 M2 = clipperzHash(str(A) + M1 + K)
320 318
321 result['M2'] = M2 319 result['M2'] = M2
322 result["connectionId"] = "" 320 result["connectionId"] = ""
323 result["loginInfo"] = {} 321 result["loginInfo"] = {}
324 result["loginInfo"]["latest"] = {} 322 result["loginInfo"]["latest"] = {}
325 result["loginInfo"]["current"] = {} 323 result["loginInfo"]["current"] = {}
326 result["offlineCopyNeeded"] = "false"; 324 result["offlineCopyNeeded"] = "false";
327 result["lock"] = "----"; 325 result["lock"] = "----";
328 else: 326 else:
329 result['error'] = "?" 327 result['error'] = "?"
330 328
331 #------------------------------------------------------------------ 329 #------------------------------------------------------------------
332 330
333 elif message == 'oneTimePassword': 331 elif message == 'oneTimePassword':
334 oneTimePassword = db.Query(OneTimePassword).filter("keyValue =", parameters["parameters"]["oneTimePasswordKey"]).get() 332 oneTimePassword = db.Query(OneTimePassword).filter("keyValue =", parameters["parameters"]["oneTimePasswordKey"]).get()
335 333
336 if oneTimePassword != None: 334 if oneTimePassword != None:
337 if oneTimePassword.status == 'ACTIVE': 335 if oneTimePassword.status == 'ACTIVE':
338 if oneTimePassword.keyChecksum == parameters['parameters']['oneTimePasswordKeyChecksum']: 336 if oneTimePassword.keyChecksum == parameters['parameters']['oneTimePasswordKeyChecksum']:
339 #session.userId =str(oneTimePassword.parent().username) 337 #session.userId =str(oneTimePassword.parent().username)
340 session.otpId = str(oneTimePassword.keyValue) 338 session.otpId = str(oneTimePassword.keyValue)
341 339
342 result['data'] = oneTimePassword.data 340 result['data'] = oneTimePassword.data
343 result['version'] = oneTimePassword.version 341 result['version'] = oneTimePassword.version
344 342
345 oneTimePassword.reset('REQUESTED').put() 343 oneTimePassword.reset('REQUESTED').put()
346 344
347 else: 345 else:
348 oneTimePassword.reset('DISABLED').put() 346 oneTimePassword.reset('DISABLED').put()
349 raise Exception, "The requested One Time Password has been disabled, due to a wrong keyChecksum" 347 raise Exception, "The requested One Time Password has been disabled, due to a wrong keyChecksum"
350 else: 348 else:
351 raise Exception, "The requested One Time Password was not active" 349 raise Exception, "The requested One Time Password was not active"
352 else: 350 else:
353 raise Exception, "The requested One Time Password has not been found" 351 raise Exception, "The requested One Time Password has not been found"
354 352
355 #---------------------------------------------------------------------- 353 #----------------------------------------------------------------------
356 354
357 elif method == 'message': 355 elif method == 'message':
358 if parameters['srpSharedSecret'] == session.K: 356 if parameters['srpSharedSecret'] == session.K:
359 message = parameters['message'] 357 message = parameters['message']
360 358
361 if message == 'getUserDetails': 359 if message == 'getUserDetails':
362 #{"message":"getUserDetails", "srpSharedSecret":"f18e5cf7c3a83b67d4db9444af813ee48c13daf4f8f6635397d593e52ba89a08", "parameters":{}} 360 #{"message":"getUserDetails", "srpSharedSecret":"f18e5cf7c3a83b67d4db9444af813ee48c13daf4f8f6635397d593e52ba89a08", "parameters":{}}
363 user = db.Query(User).filter('username =', session.C).get() 361 user = db.Query(User).filter('username =', session.C).get()
364 362
365 result['header'] = user.header; 363 result['header'] = user.header;
366 result['statistics'] =user.statistics; 364 result['statistics'] =user.statistics;
367 result['version'] = user.version; 365 result['version'] = user.version;
368 366
369 elif message == "addNewRecords": 367 elif message == "addNewRecords":
370 user = db.Query(User).filter('username =', session.C).get() 368 user = db.Query(User).filter('username =', session.C).get()
371 result = db.run_in_transaction(self.addNewRecords, session, user, parameters) 369 result = db.run_in_transaction(self.addNewRecords, session, user, parameters)
372 370
373 """ 371 """
374 user = db.Query(User).filter('username =', session.C).get() 372 user = db.Query(User).filter('username =', session.C).get()
375 user.update(parameters['parameters']['user']) 373 user.update(parameters['parameters']['user'])
376 374
377 for recordParameter in parameters['parameters']['records']: 375 for recordParameter in parameters['parameters']['records']:
378 record = Record(parent=user) 376 record = Record(parent=user)
379 record.put() 377 record.put()
380 recordVersion = RecordVersion(parent=record) 378 recordVersion = RecordVersion(parent=record)
381 recordVersion.put() 379 recordVersion.put()
382 380
383 recordVersion.update(recordParameter) 381 recordVersion.update(recordParameter)
384 382
385 record.put() 383 record.put()
386 recordVersion.put() 384 recordVersion.put()
387 385
388 user.put(); 386 user.put();
389 387
390 result['lock'] = user.lock 388 result['lock'] = user.lock
391 result['result'] = 'done' 389 result['result'] = 'done'
392 """ 390 """
393 391
394 elif message == 'getRecordDetail': 392 elif message == 'getRecordDetail':
395 record = db.Query(Record).ancestor(db.Query(User).filter('username =', session.C).get()).filter('reference =', parameters["parameters"]["reference"]).get() 393 record = db.Query(Record).ancestor(db.Query(User).filter('username =', session.C).get()).filter('reference =', parameters["parameters"]["reference"]).get()
396 recordVersion = db.Query(RecordVersion).ancestor(record).get() 394 recordVersion = db.Query(RecordVersion).ancestor(record).get()
397 395
398 result['currentVersion'] = {} 396 result['currentVersion'] = {}
399 result['currentVersion']['reference'] = recordVersion.reference 397 result['currentVersion']['reference'] = recordVersion.reference
400 result['currentVersion']['data'] = recordVersion.data 398 result['currentVersion']['data'] = recordVersion.data
401 result['currentVersion']['header'] = recordVersion.header 399 result['currentVersion']['header'] = recordVersion.header
402 result['currentVersion']['version'] = recordVersion.version 400 result['currentVersion']['version'] = recordVersion.version
403 result['currentVersion']['creationDate'] =str(recordVersion.creation_date) 401 result['currentVersion']['creationDate'] =str(recordVersion.creation_date)
404 result['currentVersion']['updateDate'] =str(recordVersion.update_date) 402 result['currentVersion']['updateDate'] =str(recordVersion.update_date)
405 result['currentVersion']['accessDate'] =str(recordVersion.access_date) 403 result['currentVersion']['accessDate'] =str(recordVersion.access_date)