Parse the challenge response from the mothership
@@ -1,3 +1,4 @@
|
||||
import json
|
||||
import os
|
||||
import urllib.request
|
||||
from logging.config import dictConfig
|
||||
@@ -63,10 +64,6 @@ def all_routes(path):
|
||||
redirect_path = '/'
|
||||
if len(secret_redirect_split) > 1:
|
||||
redirect_path = '/'.join(secret_redirect_split[1:])
|
||||
app.logger.info('starting new session with secret "%s"', secret)
|
||||
print(f'afterwards, redirecting to "{redirect_path}"')
|
||||
us = f'{request.host_url}{path}'
|
||||
print(us)
|
||||
# Ask the mothership if the secret is known to them, to prevent someone from just making up a URL
|
||||
# Mothership will invalidate this secret token upon handling this request to prevent replay
|
||||
try:
|
||||
@@ -74,9 +71,18 @@ def all_routes(path):
|
||||
with urllib.request.urlopen(f'{MOTHERSHIP}/verify/{secret}') as response:
|
||||
challenge_response = response.read()
|
||||
print(challenge_response)
|
||||
try:
|
||||
# Expects a JSON dict with {'correct': true/false}
|
||||
challenge_response_dict = json.loads(challenge_response)
|
||||
if challenge_response_dict.get('correct', False):
|
||||
# Start session if challenge response was successful
|
||||
session['id'] = secret
|
||||
app.logger.info('starting new session with secret "%s", afterwards redirecting to %s', secret, redirect_path)
|
||||
return redirect(redirect_path)
|
||||
app.logger.warning('new session aborted, secret "%s" was incorrect, not redirecting to %s', secret, redirect_path)
|
||||
except ValueError as e:
|
||||
app.logger.error('Error while decoding challenge response: %s', str(e))
|
||||
return 'Unable to set up session', 403
|
||||
except urllib.error.URLError as e:
|
||||
app.logger.error('lolwtf, server not found: %s', str(e.reason))
|
||||
return 'Unable to set up session', 403
|
||||
|
||||
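Review bot: The session decision at `if challenge_response_dict.get('correct', False):` is looser than the comment above it promises: any truthy value (for example the string "false") starts a session, and a JSON reply that is not an object makes `.get` raise AttributeError, which `except ValueError` does not catch. Tightening it to `if isinstance(challenge_response_dict, dict) and challenge_response_dict.get('correct') is True:` keeps the check fail-closed. Separately, `secret` appears to come from the request path and is placed unencoded into `f'{MOTHERSHIP}/verify/{secret}'`; wrapping it as `urllib.parse.quote(secret, safe='')` keeps a percent-decoded `?`, `#` or whitespace from altering the request sent to the mothership, and a `timeout=` argument on `urlopen` keeps a stalled mothership from hanging the worker. Both new log calls and the leftover `print(challenge_response)` also write the secret or the raw verify reply in clear, and the secret becomes `session['id']`, so consider logging a short hash of it and dropping the print. `all_routes` starts and continues outside these hunks and the page has lost its indentation, so what happens after the warning branch is not visible here.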