Авторизация теперь проверяется для некоторых команд
This commit is contained in:
Alexey Polyakov
parent
39463b069b
commit
ab7eec976c
|
|
@ -183,3 +183,7 @@ class Tools:
|
|||
|
||||
# Возвращаем
|
||||
return message, int(row.get("time"))
|
||||
|
||||
async def auth_required(self, userPhone, coro, *args):
|
||||
if userPhone:
|
||||
await coro(*args)
|
||||
|
|
|
|||
|
|
@ -1,6 +1,7 @@
|
|||
import asyncio, logging, traceback
|
||||
from oneme_tcp.proto import Proto
|
||||
from oneme_tcp.processors import Processors
|
||||
from common.tools import Tools
|
||||
|
||||
class OnemeMobileServer:
|
||||
def __init__(self, host="0.0.0.0", port=443, ssl_context=None, db_pool=None, clients={}, send_event=None, telegram_bot=None):
|
||||
|
|
@ -13,6 +14,7 @@ class OnemeMobileServer:
|
|||
self.clients = clients
|
||||
|
||||
self.proto = Proto()
|
||||
self.auth_required = Tools().auth_required
|
||||
self.processors = Processors(db_pool=db_pool, clients=clients, send_event=send_event, telegram_bot=telegram_bot)
|
||||
|
||||
async def handle_client(self, reader, writer):
|
||||
|
|
@ -54,6 +56,7 @@ class OnemeMobileServer:
|
|||
case self.proto.LOGIN:
|
||||
userPhone, userId, hashedToken = await self.processors.process_login(payload, seq, writer)
|
||||
|
||||
# Если авторизация на сервере успешная - можем завершить авторизацию
|
||||
if userPhone:
|
||||
await self._finish_auth(writer, address, userPhone, userId)
|
||||
case self.proto.LOGOUT:
|
||||
|
|
@ -64,27 +67,49 @@ class OnemeMobileServer:
|
|||
case self.proto.LOG:
|
||||
await self.processors.process_telemetry(payload, seq, writer)
|
||||
case self.proto.ASSETS_UPDATE:
|
||||
await self.processors.process_get_assets(payload, seq, writer)
|
||||
await self.auth_required(
|
||||
userPhone, self.processors.process_get_assets, payload, seq, writer
|
||||
)
|
||||
case self.proto.VIDEO_CHAT_HISTORY:
|
||||
await self.processors.process_get_call_history(payload, seq, writer)
|
||||
await self.auth_required(
|
||||
userPhone, self.processors.process_get_call_history, payload, seq, writer
|
||||
)
|
||||
case self.proto.MSG_SEND:
|
||||
await self.processors.process_send_message(payload, seq, writer, senderId=userId, db_pool=self.db_pool)
|
||||
await self.auth_required(
|
||||
userPhone, self.processors.process_send_message, payload, seq, writer, senderId=userId, db_pool=self.db_pool
|
||||
)
|
||||
case self.proto.FOLDERS_GET:
|
||||
await self.processors.process_get_folders(payload, seq, writer, senderPhone=userPhone)
|
||||
await self.auth_required(
|
||||
userPhone, self.processors.process_get_folders, payload, seq, writer, senderPhone=userPhone
|
||||
)
|
||||
case self.proto.SESSIONS_INFO:
|
||||
await self.processors.process_get_sessions(payload, seq, writer, senderPhone=userPhone, hashedToken=hashedToken)
|
||||
await self.auth_required(
|
||||
userPhone, self.processors.process_get_sessions, payload, seq, writer, senderPhone=userPhone, hashedToken=hashedToken
|
||||
)
|
||||
case self.proto.CHAT_INFO:
|
||||
await self.processors.process_search_chats(payload, seq, writer, senderId=userId)
|
||||
await self.auth_required(
|
||||
userPhone, self.processors.process_search_chats, payload, seq, writer, senderId=userId
|
||||
)
|
||||
case self.proto.CONTACT_INFO_BY_PHONE:
|
||||
await self.processors.process_search_by_phone(payload, seq, writer, senderId=userId)
|
||||
await self.auth_required(
|
||||
userPhone, self.processors.process_search_by_phone, payload, seq, writer, senderId=userId
|
||||
)
|
||||
case self.proto.OK_TOKEN:
|
||||
await self.processors.process_get_call_token(payload, seq, writer)
|
||||
await self.auth_required(
|
||||
userPhone, self.processors.process_get_call_token, payload, seq, writer
|
||||
)
|
||||
case self.proto.MSG_TYPING:
|
||||
await self.processors.process_typing(payload, seq, writer, senderId=userId)
|
||||
await self.auth_required(
|
||||
userPhone, self.processors.process_typing, payload, seq, writer, senderId=userId
|
||||
)
|
||||
case self.proto.CONTACT_INFO:
|
||||
await self.processors.process_search_users(payload, seq, writer)
|
||||
await self.auth_required(
|
||||
userPhone, self.processors.process_search_users, payload, seq, writer
|
||||
)
|
||||
case self.proto.COMPLAIN_REASONS_GET:
|
||||
await self.processors.process_complain_reasons_get(payload, seq, writer)
|
||||
await self.auth_required(
|
||||
userPhone, self.processors.process_complain_reasons_get, payload, seq, writer
|
||||
)
|
||||
case _:
|
||||
self.logger.warning(f"Неизвестный опкод {opcode}")
|
||||
except Exception as e:
|
||||
|
|
|
|||
|
|
@ -95,10 +95,8 @@ class Processors:
|
|||
await cursor.execute("SELECT * FROM users WHERE phone = %s", (phone,))
|
||||
user = await cursor.fetchone()
|
||||
|
||||
if user is None:
|
||||
await self._send_error(seq, self.proto.REQUEST_CODE, self.error_types.USER_NOT_FOUND, writer)
|
||||
return
|
||||
|
||||
# Если пользователь существует, сохраняем токен
|
||||
if user:
|
||||
# Сохраняем токен
|
||||
await cursor.execute("INSERT INTO auth_tokens (phone, token_hash, code_hash, expires, state) VALUES (%s, %s, %s, %s, %s)", (phone, token_hash, code_hash, expires, "started",))
|
||||
|
||||
|
|
|
|||
|
|
@ -18,7 +18,7 @@ class Proto:
|
|||
try:
|
||||
parsed_packet = json.loads(packet)
|
||||
except:
|
||||
return {}
|
||||
return None
|
||||
|
||||
return parsed_packet
|
||||
# мне кажется долго вручную всё писать
|
||||
|
|
|
|||
|
|
@ -21,6 +21,11 @@ class TTWSServer:
|
|||
# Распаковываем пакет
|
||||
packet = self.proto.unpack_packet(message)
|
||||
|
||||
# Если ничего не извлекли
|
||||
if packet is None:
|
||||
self.logger.error(f"Не удалось распаковать пакет - {message}")
|
||||
return
|
||||
|
||||
# Валидируем структуру пакета
|
||||
try:
|
||||
MessageModel.model_validate(packet)
|
||||
|
|
|
|||
Loading…
Reference in New Issue