Kraken-fetch.py now has functioning auth system and added RSA key stuff for servers public/private setup, to be used to encrypt the responses. Made the demo-client.py work with current state of kraken-fetch.py.
This commit is contained in:
kalzu
@ -1,11 +1,11 @@
|
||||
#!/usr/bin/python3
|
||||
|
||||
import krakenex, math
|
||||
import json, sqlite3, binascii
|
||||
import json, sqlite3, rsa
|
||||
import requests, os, time
|
||||
import threading, ecdsa
|
||||
from hashlib import sha256
|
||||
from flask import Flask, request
|
||||
from flask import Flask, jsonify, request
|
||||
|
||||
database = "btc_ohlc.db"
|
||||
app = Flask(__name__)
|
||||
@ -15,6 +15,11 @@ user_publickeys = {
|
||||
"kalzu": 'f1debc13fb21fe0eee54525aa4f8aae5733b201c755edaa55f8893c90aa375b261a62eaa3110651ac5d7705d402581256a37508b0a1ca28bd919ea44710d9c88'
|
||||
}
|
||||
|
||||
## Generate the RSA keys for this instance
|
||||
print("Generating RSA keys for this instance... just wait a bit...")
|
||||
(server_public_key, server_private_key) = rsa.newkeys(4096)
|
||||
server_public_key_string = server_public_key.save_pkcs1().decode('utf-8')
|
||||
|
||||
database_lock = threading.Lock()
|
||||
|
||||
# Empty response json
|
||||
@ -232,21 +237,20 @@ def get_the_data():
|
||||
time.sleep(290)
|
||||
|
||||
def check_auth(text, signature):
|
||||
print(text)
|
||||
print(signature)
|
||||
## Make bytes-object from given signature
|
||||
sig_bytes = bytes.fromhex(signature)
|
||||
access_granted = 0
|
||||
## We will iterate over all user keys to determ who is we are talking to and should they have access
|
||||
for key, value in user_publickeys.items():
|
||||
## What f*ck even is this?
|
||||
vk = ecdsa.VerifyingKey.from_string(sig_bytes.fromhex(value), curve=ecdsa.SECP256k1)
|
||||
if vk.verify(sig_bytes, text):
|
||||
## Create bytes-object from the public in 'value' variable
|
||||
## and use it to create VerifyingKey (vk)
|
||||
public_key_bytes = bytes.fromhex(value)
|
||||
vk = ecdsa.VerifyingKey.from_string(public_key_bytes, curve=ecdsa.SECP256k1)
|
||||
try:
|
||||
vk.verify(sig_bytes, bytes(text, 'utf-8'))
|
||||
print('user is', key)
|
||||
access_granted = 1
|
||||
if access_granted != 0:
|
||||
return True
|
||||
else:
|
||||
return False
|
||||
return True
|
||||
except ecdsa.BadSignatureError:
|
||||
return False
|
||||
|
||||
@app.route('/')
|
||||
def get_data():
|
||||
@ -259,7 +263,7 @@ def get_data():
|
||||
signature = request.headers.get('auth')
|
||||
get_url = request.url
|
||||
if not check_auth(get_url, signature):
|
||||
return 'Error with Authentication', 403
|
||||
return 'Access denied! Check your keys, maybe.', 403
|
||||
|
||||
database_lock.acquire()
|
||||
db = sqlite3.connect(database)
|
||||
@ -288,6 +292,17 @@ def get_data():
|
||||
|
||||
return response, 200, {'Content-Type': 'application/json'}
|
||||
|
||||
@app.route('/serverkey')
|
||||
def give_serverkey():
|
||||
|
||||
## This endpoint also under Authentication?
|
||||
signature = request.headers.get('auth')
|
||||
get_url = request.url
|
||||
if not check_auth(get_url, signature):
|
||||
return 'Access denied! Check your keys, maybe.', 403
|
||||
|
||||
return jsonify({'public_key': server_public_key_string})
|
||||
|
||||
if __name__ == '__main__':
|
||||
# Make sanity checks for the database
|
||||
Checkthedatabase()
|
||||
|
||||
Reference in New Issue
Block a user