diff options
Diffstat (limited to 'server')
-rw-r--r-- | server/piztor/ptp.rst | 2 | ||||
-rw-r--r-- | server/piztor/server.py | 36 |
2 files changed, 37 insertions, 1 deletions
diff --git a/server/piztor/ptp.rst b/server/piztor/ptp.rst index be63205..3ba2c34 100644 --- a/server/piztor/ptp.rst +++ b/server/piztor/ptp.rst @@ -275,7 +275,7 @@ Piztor Transmission Protocol v2.0b - ``0x00`` for success - ``0x01`` for invalid token - - ``0x02`` for wrong password + - ``0x03`` for wrong password - Push Notification diff --git a/server/piztor/server.py b/server/piztor/server.py index b5739ef..1d1adc9 100644 --- a/server/piztor/server.py +++ b/server/piztor/server.py @@ -63,11 +63,13 @@ class _OptCode: open_push_tunnel = 0x05 send_text_mesg = 0x06 set_marker = 0x07 + change_password = 0x08 class _StatusCode: sucess = 0x00 auth_fail = 0x01 insuf_lvl = 0x02 + wrong_pass = 0x02 class PushData(object): from hashlib import sha256 @@ -641,6 +643,40 @@ class SetMarkerHandler(RequestHandler): logger.info("Set marker successfully!") return self.pack(struct.pack("!B", _StatusCode.sucess)) +class ChangePasswordHandler(RequestHandler): + + _optcode = _OptCode.change_password + _max_tr_data_size = _MAX_AUTH_HEAD_SIZE + + def handle(self, tr_data, conn): + self.check_size(tr_data) + logger.info("Reading change password data...") + try: + token, = struct.unpack("!32s", tr_data[:32]) + username, tail = RequestHandler.trunc_padding(tr_data[32:]) + if username is None: + raise struct.error + old_pass, tail = RequestHandler.trunc_padding(tail) + new_pass = tail[:-1] + except struct.error: + raise BadReqError("User logout: Malformed request body") + + logger.info("Trying to change password with " + "(token = {0}, username = {1}, old_pass = {2}, new_pass = {3})"\ + .format(get_hex(token), username, old_pass, new_pass)) + + uauth = RequestHandler.get_uauth(token, username, self.session) + # Authentication failure + if uauth is None: + logger.warning("Authentication failure") + return self.pack(struct.pack("!B", _StatusCode.auth_fail)) + if not uauth.check_password(old_pass): + return self.pack(struct.pack("!B", _StatusCode.wrong_pass)) + uauth.set_password(new_pass) + self.session.commit() + logger.info("Password changed successfully!") + return self.pack(struct.pack("!B", _StatusCode.sucess)) + class PTP(Protocol, TimeoutMixin): |