astelm
/
openmax-server
mirror of https://github.com/openmax-server/server.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Авторизация теперь проверяется для некоторых команд

This commit is contained in:
Alexey Polyakov 2026-03-10 19:38:53 +03:00
parent 39463b069b
commit ab7eec976c
5 changed files with 51 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/common/tools.py
View File

@ -182,4 +182,8 @@ class Tools:
} }
# Возвращаем # Возвращаем
return message, int(row.get("time")) return message, int(row.get("time"))
async def auth_required(self, userPhone, coro, *args):
if userPhone:
await coro(*args)

47
src/oneme_tcp/server.py
View File

@ -1,6 +1,7 @@
import asyncio, logging, traceback import asyncio, logging, traceback
from oneme_tcp.proto import Proto from oneme_tcp.proto import Proto
from oneme_tcp.processors import Processors from oneme_tcp.processors import Processors
from common.tools import Tools
class OnemeMobileServer: class OnemeMobileServer:
def __init__(self, host="0.0.0.0", port=443, ssl_context=None, db_pool=None, clients={}, send_event=None, telegram_bot=None): def __init__(self, host="0.0.0.0", port=443, ssl_context=None, db_pool=None, clients={}, send_event=None, telegram_bot=None):
@ -13,6 +14,7 @@ class OnemeMobileServer:
self.clients = clients self.clients = clients
self.proto = Proto() self.proto = Proto()
self.auth_required = Tools().auth_required
self.processors = Processors(db_pool=db_pool, clients=clients, send_event=send_event, telegram_bot=telegram_bot) self.processors = Processors(db_pool=db_pool, clients=clients, send_event=send_event, telegram_bot=telegram_bot)
async def handle_client(self, reader, writer): async def handle_client(self, reader, writer):
@ -54,6 +56,7 @@ class OnemeMobileServer:
case self.proto.LOGIN: case self.proto.LOGIN:
userPhone, userId, hashedToken = await self.processors.process_login(payload, seq, writer) userPhone, userId, hashedToken = await self.processors.process_login(payload, seq, writer)
# Если авторизация на сервере успешная - можем завершить авторизацию
if userPhone: if userPhone:
await self._finish_auth(writer, address, userPhone, userId) await self._finish_auth(writer, address, userPhone, userId)
case self.proto.LOGOUT: case self.proto.LOGOUT:
@ -64,27 +67,49 @@ class OnemeMobileServer:
case self.proto.LOG: case self.proto.LOG:
await self.processors.process_telemetry(payload, seq, writer) await self.processors.process_telemetry(payload, seq, writer)
case self.proto.ASSETS_UPDATE: case self.proto.ASSETS_UPDATE:
await self.processors.process_get_assets(payload, seq, writer) await self.auth_required(
userPhone, self.processors.process_get_assets, payload, seq, writer
)
case self.proto.VIDEO_CHAT_HISTORY: case self.proto.VIDEO_CHAT_HISTORY:
await self.processors.process_get_call_history(payload, seq, writer) await self.auth_required(
userPhone, self.processors.process_get_call_history, payload, seq, writer
)
case self.proto.MSG_SEND: case self.proto.MSG_SEND:
await self.processors.process_send_message(payload, seq, writer, senderId=userId, db_pool=self.db_pool) await self.auth_required(
userPhone, self.processors.process_send_message, payload, seq, writer, senderId=userId, db_pool=self.db_pool
)
case self.proto.FOLDERS_GET: case self.proto.FOLDERS_GET:
await self.processors.process_get_folders(payload, seq, writer, senderPhone=userPhone) await self.auth_required(
userPhone, self.processors.process_get_folders, payload, seq, writer, senderPhone=userPhone
)
case self.proto.SESSIONS_INFO: case self.proto.SESSIONS_INFO:
await self.processors.process_get_sessions(payload, seq, writer, senderPhone=userPhone, hashedToken=hashedToken) await self.auth_required(
userPhone, self.processors.process_get_sessions, payload, seq, writer, senderPhone=userPhone, hashedToken=hashedToken
)
case self.proto.CHAT_INFO: case self.proto.CHAT_INFO:
await self.processors.process_search_chats(payload, seq, writer, senderId=userId) await self.auth_required(
userPhone, self.processors.process_search_chats, payload, seq, writer, senderId=userId
)
case self.proto.CONTACT_INFO_BY_PHONE: case self.proto.CONTACT_INFO_BY_PHONE:
await self.processors.process_search_by_phone(payload, seq, writer, senderId=userId) await self.auth_required(
userPhone, self.processors.process_search_by_phone, payload, seq, writer, senderId=userId
)
case self.proto.OK_TOKEN: case self.proto.OK_TOKEN:
await self.processors.process_get_call_token(payload, seq, writer) await self.auth_required(
userPhone, self.processors.process_get_call_token, payload, seq, writer
)
case self.proto.MSG_TYPING: case self.proto.MSG_TYPING:
await self.processors.process_typing(payload, seq, writer, senderId=userId) await self.auth_required(
userPhone, self.processors.process_typing, payload, seq, writer, senderId=userId
)
case self.proto.CONTACT_INFO: case self.proto.CONTACT_INFO:
await self.processors.process_search_users(payload, seq, writer) await self.auth_required(
userPhone, self.processors.process_search_users, payload, seq, writer
)
case self.proto.COMPLAIN_REASONS_GET: case self.proto.COMPLAIN_REASONS_GET:
await self.processors.process_complain_reasons_get(payload, seq, writer) await self.auth_required(
userPhone, self.processors.process_complain_reasons_get, payload, seq, writer
)
case _: case _:
self.logger.warning(f"Неизвестный опкод {opcode}") self.logger.warning(f"Неизвестный опкод {opcode}")
except Exception as e: except Exception as e:

10
src/tamtam_tcp/processors.py
View File

@ -95,12 +95,10 @@ class Processors:
await cursor.execute("SELECT * FROM users WHERE phone = %s", (phone,)) await cursor.execute("SELECT * FROM users WHERE phone = %s", (phone,))
user = await cursor.fetchone() user = await cursor.fetchone()
if user is None: # Если пользователь существует, сохраняем токен
await self._send_error(seq, self.proto.REQUEST_CODE, self.error_types.USER_NOT_FOUND, writer) if user:
return # Сохраняем токен
await cursor.execute("INSERT INTO auth_tokens (phone, token_hash, code_hash, expires, state) VALUES (%s, %s, %s, %s, %s)", (phone, token_hash, code_hash, expires, "started",))
# Сохраняем токен
await cursor.execute("INSERT INTO auth_tokens (phone, token_hash, code_hash, expires, state) VALUES (%s, %s, %s, %s, %s)", (phone, token_hash, code_hash, expires, "started",))
# Данные пакета # Данные пакета
payload = { payload = {

2
src/tamtam_ws/proto.py
View File

@ -18,7 +18,7 @@ class Proto:
try: try:
parsed_packet = json.loads(packet) parsed_packet = json.loads(packet)
except: except:
return {} return None
return parsed_packet return parsed_packet
# мне кажется долго вручную всё писать # мне кажется долго вручную всё писать

5
src/tamtam_ws/server.py
View File

@ -21,6 +21,11 @@ class TTWSServer:
# Распаковываем пакет # Распаковываем пакет
packet = self.proto.unpack_packet(message) packet = self.proto.unpack_packet(message)
# Если ничего не извлекли
if packet is None:
self.logger.error(f"Не удалось распаковать пакет - {message}")
return
# Валидируем структуру пакета # Валидируем структуру пакета
try: try:
MessageModel.model_validate(packet) MessageModel.model_validate(packet)