CustomIWMServer/customiwmserver/database.py

77 lines
2.3 KiB
Python
Raw Permalink Normal View History

2022-11-18 16:51:24 +00:00
from datetime import datetime
from typing import Literal
2022-11-18 16:51:24 +00:00
from pymongo import MongoClient
from itsdangerous.serializer import Serializer
from itsdangerous import TimestampSigner
from os import environ, urandom
import json
2022-11-18 16:51:24 +00:00
# Database
2022-11-18 16:51:24 +00:00
client = MongoClient("mongodb://root:catboys@mongo:27017")
db = client["IWM_CustomServer_DB"]
user_collection = db.users
maps_collection = db.maps
reports_collection = db.reports
general_collection = db.general
admin_log_collection = db.admin_log
# Auth token stuff
SECRET_KEY = environ.get("SECRET_KEY", urandom(32).hex())
# s = TimestampSigner(SECRET_KEY)
s = TimestampSigner(SECRET_KEY)
2022-11-19 12:51:28 +00:00
def LogAdminAction(
action_type: str, action_data: dict, UserID: int = None, success: bool = True
):
2022-11-18 16:51:24 +00:00
"""Log administrator action."""
2022-11-19 12:51:28 +00:00
admin_log_collection.insert_one(
{
"date": datetime.utcnow(),
"action_type": action_type,
"action_data": action_data,
}
)
def login_auth_check(username: str, password: str):
# FIXME: This function currently DOES NOT perform any authentication.
# This means that ANYONE knowing the username could perform actions as the user.
query = user_collection.find_one({"Username": username})
if not query:
return False, "noauth"
return True, query
2022-11-18 16:51:24 +00:00
def auth_check(Authorization) -> (tuple[Literal[False], Literal["noauth"]] | tuple[Literal[True], dict]):
2022-11-18 16:51:24 +00:00
"""Checks credentials.
Returns a tuple with result (for example False, "nouser").
Results:
- False if wrong username or password
- True, [dict] if correct
2022-11-18 16:51:24 +00:00
"""
# FIXME (not relevant here anymore): This function currently DOES NOT perform any authentication.
# This means that ANYONE knowing the username could perform actions as the user.
if Authorization is None:
return False, "noauth"
2022-11-18 16:51:24 +00:00
# In this case I assume that the server already authenticated the user,
# and signed the token.
username = s.unsign(Authorization).decode()
print("DBG[auth_check]:", username)
2022-11-19 12:51:28 +00:00
query = user_collection.find_one({"Username": username})
2022-11-18 16:51:24 +00:00
if not query:
return False, "noauth"
2022-11-18 16:51:24 +00:00
# if query["Password"] != password:
# return False, "wrongpass"
2022-11-18 16:51:24 +00:00
return True, query
2022-11-20 14:51:20 +00:00
def id_to_mapcode(id_):
return hex(id_).replace("0x", "").rjust(8, "0")[0:8].upper()