From 912d875d114451b5c1c7208fb822752ed0e27d14 Mon Sep 17 00:00:00 2001
From: KF7EEL <kf7eel@qsl.net>
Date: Fri, 7 May 2021 07:56:21 -0700
Subject: [PATCH] generate passphrase via web ui, add shared secret to
 hblink.py

---
 config.py                             |   2 +
 hblink.py                             |   4 +-
 user_managment/application.py         | 115 +++++++++++++++++++-------
 user_managment/config.py              |  30 +++++++
 user_managment/templates/footer.html  |   5 ++
 user_managment/templates/generic.html |   5 ++
 user_managment/templates/header.html  |  11 +++
 user_managment/templates/page.html    |  22 +++++
 8 files changed, 162 insertions(+), 32 deletions(-)
 create mode 100644 user_managment/config.py
 create mode 100644 user_managment/templates/footer.html
 create mode 100644 user_managment/templates/generic.html
 create mode 100644 user_managment/templates/header.html
 create mode 100644 user_managment/templates/page.html

diff --git a/config.py b/config.py
index 3ad4a26..ca0aafe 100755
--- a/config.py
+++ b/config.py
@@ -158,6 +158,8 @@ def build_config(_config_file):
                 CONFIG['USER_MANAGER'].update({
                     'URL': config.get(section, 'URL'),
                     'APPEND_INT': config.getint(section, 'APPEND_INT'),
+                    'SHARED_SECRET': config.get(section, 'SHARED_SECRET'),
+
                 })
 
             elif config.getboolean(section, 'ENABLED'):
diff --git a/hblink.py b/hblink.py
index 162f73b..0c02429 100755
--- a/hblink.py
+++ b/hblink.py
@@ -238,9 +238,11 @@ class HBSYSTEM(DatagramProtocol):
     def check_user_man(self, _id):
         #Change this to a config value
         user_man_url = self._CONFIG['USER_MANAGER']['URL']
+        shared_secret = self._CONFIG['USER_MANAGER']['SHARED_SECRET']
         print(int(str(int_id(_id))[:7]))
         auth_check = {
-        'id':int(str(int_id(_id))[:7])
+        'id':int(str(int_id(_id))[:7]),
+        'secret':shared_secret
         }
         json_object = json.dumps(auth_check, indent = 4)
         try:
diff --git a/user_managment/application.py b/user_managment/application.py
index 8d5bafd..e0e0c71 100644
--- a/user_managment/application.py
+++ b/user_managment/application.py
@@ -1,51 +1,104 @@
 from flask import Flask, render_template, request, Response, Markup, jsonify, make_response
+from config import *
+import base64, hashlib
+from dmr_utils3.utils import int_id, bytes_4
 
-auth_dict = {
-    3153591:0,
-    3153597:''
-    }
+auth_dict = {}
 
 
 
 app = Flask(__name__)
 
+def gen_passphrase(dmr_id):
+    _new_peer_id = bytes_4(int(str(dmr_id)[:7]))
+    calc_passphrase = base64.b64encode((_new_peer_id) + append_int.to_bytes(2, 'big'))
+    return str(calc_passphrase)[2:-1]
+
+
+@app.route('/gen', methods = ['POST', 'GET'])
+def gen():
+    #content = Markup('<strong>The HTML String</strong>')
+    user_id = request.args.get('user_id')
+    print(user_id)
+    auth_dict[int(user_id)] = ''
+    content = '''
+    <p style="text-align: center;">Your passphrase for <strong>''' + str(user_id) + '''</strong>:</p>
+    <p style="text-align: center;"><strong>''' + str(gen_passphrase(int(user_id))) + '''</strong></p>
+'''
+    print(auth_dict)
+            
+    
+    return render_template('generic.html', title = title, url = url, logo = logo, content = Markup(content))
+
+
+
 @app.route('/')
 def index():
-    value = Markup('<strong>The HTML String</strong>')
-    return value
-    #return render_template('index.html', title = dashboard_title, dashboard_url = dashboard_url, logo = logo, emergency = check_emergency(), api = use_api)
+    #content = Markup('<strong>The HTML String</strong>')
+    content = '''
+    <table style="width: 600px; margin-left: auto; margin-right: auto;" border="3">
+    <tbody>
+    <tr>
+    <td><form action="gen" method="get">
+    <table style="margin-left: auto; margin-right: auto;">
+    <tbody>
+    <tr style="height: 62px;">
+    <td style="text-align: center; height: 62px;">
+    <h2><strong><label for="user_id">Generate Passphrase</label></strong></h2>
+    </td>
+    </tr>
+    <tr style="height: 51.1667px;">
+    <td style="height: 51.1667px;"><input id="user_id" name="user_id" type="text" /></td>
+    </tr>
+    <tr style="height: 27px;">
+    <td style="text-align: center; height: 27px;"><input type="submit" value="Submit" /></td>
+    </tr>
+    </tbody>
+    </table>
+    </form></td>
 
 
+    </tr>
+    </tbody>
+    </table>
+'''
+        
+    
+    return render_template('generic.html', title = title, url = url, logo = logo, content = Markup(content))
+
 @app.route('/auth', methods=['POST'])
 def auth():
     hblink_req = request.json
-    #print((auth_dict[hblink_req['id']]))
-    #try:
-    if hblink_req['id'] in auth_dict:
-        if auth_dict[hblink_req['id']] == 0:
-            response = jsonify(
-                    allow=True,
-                    mode='legacy',
-                    )
-        elif auth_dict[hblink_req['id']] == '':
-        # normal
-            response = jsonify(
-                    allow=True,
-                    mode='normal',
-                    )
-        elif auth_dict[hblink_req['id']] != '' or auth_dict[hblink_req['id']] != 0:
-            response = jsonify(
-                    allow=True,
-                    mode='override',
-                    value=auth_dict[hblink_req['id']]
+    print((hblink_req))
+    if hblink_req['secret'] in shared_secrets:
+        if hblink_req['id'] in auth_dict:
+            if auth_dict[hblink_req['id']] == 0:
+                response = jsonify(
+                        allow=True,
+                        mode='legacy',
                         )
-    if hblink_req['id'] not in auth_dict:
-##    except:
-        response = jsonify(
-                    allow=False)
+            elif auth_dict[hblink_req['id']] == '':
+            # normal
+                response = jsonify(
+                        allow=True,
+                        mode='normal',
+                        )
+            elif auth_dict[hblink_req['id']] != '' or auth_dict[hblink_req['id']] != 0:
+                response = jsonify(
+                        allow=True,
+                        mode='override',
+                        value=auth_dict[hblink_req['id']]
+                            )
+        if hblink_req['id'] not in auth_dict:
+            response = jsonify(
+                        allow=False)
+    else:
+        message = jsonify(message='Authentication error')
+        response = make_response(message, 401)
+        
     return response
 
 
 if __name__ == '__main__':
 
-    app.run(debug = True, port=8080, host='127.0.0.1')
+    app.run(debug = True, port=ums_port, host=ums_host)
diff --git a/user_managment/config.py b/user_managment/config.py
new file mode 100644
index 0000000..3ac9867
--- /dev/null
+++ b/user_managment/config.py
@@ -0,0 +1,30 @@
+
+'''
+Settings for user management portal.
+'''
+
+# Title of the Dashboard
+title = 'PNW MMDVM User Portal'
+# Logo used on dashboard page
+logo = 'http://pnwdigital.net/images/Logos/PP-PNW-Logo-12b-Clean-250c.png'
+# Port to run server
+ums_port = 8080
+# IP to run server on
+ums_host = '127.0.0.1'
+
+url = 'http://localhost:8080'
+
+append_int = 1
+
+shared_secrets = ['test']
+
+
+# Gateway contact info displayed on about page.
+contact_name = 'your name'
+contact_call = 'N0CALL'
+contact_email = 'email@example.org'
+contact_website = 'https://hbl.ink'
+
+# Time format for display
+time_format = '%H:%M:%S - %m/%d/%y'
+
diff --git a/user_managment/templates/footer.html b/user_managment/templates/footer.html
new file mode 100644
index 0000000..ca7475b
--- /dev/null
+++ b/user_managment/templates/footer.html
@@ -0,0 +1,5 @@
+<div>
+<hr />
+<div style="text-align: center;">{{title}} created by KF7EEL, W7NCX, and N9VW.<br />pnwdigital.net<br />
+</body>
+ </html>
diff --git a/user_managment/templates/generic.html b/user_managment/templates/generic.html
new file mode 100644
index 0000000..6e5b22c
--- /dev/null
+++ b/user_managment/templates/generic.html
@@ -0,0 +1,5 @@
+{% include 'page.html' %}
+{% include 'header.html' %}
+{{content}}
+{% include 'footer.html' %}
+
diff --git a/user_managment/templates/header.html b/user_managment/templates/header.html
new file mode 100644
index 0000000..78c11bd
--- /dev/null
+++ b/user_managment/templates/header.html
@@ -0,0 +1,11 @@
+<p><img style="display: block; margin-left: auto; margin-right: auto;" src="{{logo}}" alt="Logo" width="300" height="144" /></p>
+<h1 style="text-align: center;">{{title}}</h1>
+<hr />
+<table style="width: 500px; margin-left: auto; margin-right: auto;" border="black" cellspacing="3" cellpadding="3">
+<tbody>
+<tr>
+<td style="text-align: center;"><button onclick="window.location.href='{{dashboard_url}}/';"> Home </button></td>
+</tr>
+</tbody>
+</table>
+<hr />
diff --git a/user_managment/templates/page.html b/user_managment/templates/page.html
new file mode 100644
index 0000000..1c67ad4
--- /dev/null
+++ b/user_managment/templates/page.html
@@ -0,0 +1,22 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <title>{{title}}</title>
+    <style>
+body {background-color: D3D3D3;}
+h1   {color: green;}
+p {
+  padding: 10px;
+  margin: 20px;
+
+}
+.content {
+  max-width: 1200px;
+  min-width: 1200px;
+  margin: auto;
+}
+</style>
+</head>
+<div class="content">
+<body>