Innovation/nightui
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

Begin work on per-hardware/per-endpoint authentication

Browse source
This commit is contained in:
Innovation 2024-03-29 09:58:43 -05:00
parent 93e474d581
commit 0634e10109
1 changed files with 28 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

31
src/nightserver.py
View file

@ -18,9 +18,12 @@ def setVitalsHeartrate():
global vitalsHeartrate global vitalsHeartrate
json = request.get_json() json = request.get_json()
try: try:
if not authenticate(json['uuid'], '/api/vitals/heartrate'):
return 'Forbidden.', 403
vitalsHeartrate = json['heartrate'] vitalsHeartrate = json['heartrate']
except: except:
return 'Incorrect usage.\nUsage: { heartrate: INT }\n', 400 return 'Incorrect usage.\nUsage: { heartrate: INT, uuid: STRING }\n', 400
return 'Information set successfully', 204 return 'Information set successfully', 204
@app.route('/api/vitals/oxygen') @app.route('/api/vitals/oxygen')
@ -33,6 +36,9 @@ def setVitalsOxygen():
global vitalsOxygen global vitalsOxygen
json = request.get_json() json = request.get_json()
try: try:
if not authenticate(json['uuid'], '/api/vitals/oxygen'):
return 'Forbidden.', 403
vitalsOxygen = json['oxygen'] vitalsOxygen = json['oxygen']
except: except:
return 'Incorrect usage.\nUsage: { oxygen: INT }\n', 400 return 'Incorrect usage.\nUsage: { oxygen: INT }\n', 400
@ -48,6 +54,9 @@ def setVitalsBodytemp():
global vitalsBodytemp global vitalsBodytemp
json = request.get_json() json = request.get_json()
try: try:
if not authenticate(json['uuid'], '/api/vitals/bodytemp'):
return 'Forbidden.', 403
vitalsBodytemp = json['bodytemp'] vitalsBodytemp = json['bodytemp']
except: except:
return 'Incorrect usage.\nUsage: { bodytemp: FLOAT }\n', 400 return 'Incorrect usage.\nUsage: { bodytemp: FLOAT }\n', 400
@ -66,6 +75,8 @@ def setVitals():
json = request.get_json() json = request.get_json()
try: try:
if not authenticate(json['uuid'], '/api/vitals'):
return 'Forbidden.', 403
# This is a bit ugly but its just how I'm checking that everything is there without setting variables if the json is incorrect # This is a bit ugly but its just how I'm checking that everything is there without setting variables if the json is incorrect
tempH = json['heartrate'] tempH = json['heartrate']
tempO = json['oxygen'] tempO = json['oxygen']
@ -89,6 +100,9 @@ def setFitnessSteps():
global fitnessSteps global fitnessSteps
json = request.get_json() json = request.get_json()
try: try:
if not authenticate(json['uuid'], '/api/fitness/steps'):
return 'Forbidden.', 403
vitalsBodytemp = json['steps'] vitalsBodytemp = json['steps']
except: except:
return 'Incorrect usage.\nUsage: { steps: INT }\n', 400 return 'Incorrect usage.\nUsage: { steps: INT }\n', 400
@ -105,7 +119,10 @@ def setFitness():
global fitnessSteps global fitnessSteps
json = request.get_json() json = request.get_json()
try: try:
vitalsBodytemp = json['steps'] if not authenticate(json['uuid'], '/api/fitness'):
return 'Forbidden.', 403
fitnessSteps = json['steps']
except: except:
return 'Incorrect usage.\nUsage: { steps: INT }\n', 400 return 'Incorrect usage.\nUsage: { steps: INT }\n', 400
return 'Information set successfully', 204 return 'Information set successfully', 204
@ -174,7 +191,10 @@ def removeCyberware():
@app.route('/api/cyberware') @app.route('/api/cyberware')
def getCyberware(): def getCyberware():
return 'Not implemented', 501 return 'Not implemented', 501
#return jsonify(cyberware)
#if not authenticate(json['uuid'], '/api/cyberware'):
# return 'Forbidden.', 403
r#eturn jsonify(cyberware)
@app.route('/api/cyberware/get') @app.route('/api/cyberware/get')
def getCyberwareSpecific(): def getCyberwareSpecific():
@ -192,8 +212,13 @@ def getCyberwareSpecific():
# Arguments { uuid: INT } # Arguments { uuid: INT }
@app.route('/api/cyberware/reset', methods=['POST']) @app.route('/api/cyberware/reset', methods=['POST'])
def resetCyberwareMalfunction(): def resetCyberwareMalfunction():
#if not authenticate(json['uuid'], '/api/cyberware/reset'):
# return 'Forbidden.', 403
return 'Not Implemented', 501 return 'Not Implemented', 501
def authenticate(uuid, endpoint):
return true
@app.route('/') @app.route('/')
def uiindex(): def uiindex():