#!/usr/bin/env python3
import json
import os

from Crypto.Hash import SHA3_256
from flask import Flask, render_template, request, send_file, session

from Server import Elections, Patches, Users
# Flask application object. Static assets are published under the /static URL
# prefix and read from the "/output" folder.
# NOTE(review): "/output" is an absolute path, while index() sends the relative
# "output/index.html" -- confirm both resolve to the same directory in the
# deployment.
app = Flask(__name__, static_folder="/output", static_url_path="/static")

# Key Flask uses to sign the session cookie. Indexing os.environ raises
# KeyError at import time when SECRET_KEY is unset, so the app cannot start
# without one.
app.secret_key = os.environ["SECRET_KEY"]

# Numeric status codes handed back by the route handlers.
ok, invalidData, invalidContext = 0, 1, 2
@app.route("/", methods=["GET"])
def index():
    """Serve the front-end entry page for GET requests to the site root."""
    landing_page = "output/index.html"
    return send_file(landing_page)
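@app.route("/login",methods=["POST"])
def login():
    """Authenticate a user and store their key material in the session.

    Reads ``username`` and ``password`` from the request, hashes the password
    with SHA3-256 and passes the hex digest to ``Users.login``.

    Returns:
        The status code as a string, because Flask rejects a bare ``int`` as a
        view return value: ``ok`` on success, ``invalidData`` when
        ``Users.login`` returns nothing, ``invalidContext`` when a field is
        missing or the session already holds keys.
    """
    username = request.values.get("username")
    password = request.values.get("password")

    # Refuse a second login on a session that already carries keys, and
    # refuse requests that lack either credential.
    if session.get("keys") or not (username and password):
        return str(invalidContext)

    # NOTE(review): this is one unsalted pass of a fast hash. If the digest is
    # what protects stored credentials or key material, a salted password KDF
    # (scrypt, Argon2, PBKDF2) is the appropriate primitive -- confirm how
    # Users.login uses it.
    digest = SHA3_256.new()
    digest.update(password.encode('utf-8'))
    passphrase = digest.hexdigest()

    keys = Users.login(username, passphrase)
    if not keys:
        return str(invalidData)

    # NOTE(review): Flask's default session is a signed cookie, not an
    # encrypted one, so anyone holding the cookie can read its contents.
    # Unless a server-side session backend is configured elsewhere, the keys
    # and the passphrase digest below are exposed to the client; consider
    # keeping them server-side and storing only an opaque identifier.
    session["keys"] = keys
    # NOTE(review): message() looks this value up under "passphrase", which
    # never matches this key -- confirm which name is intended.
    session["SHA3-256_passphrase"] = passphrase
    session["username"] = username
    return str(ok)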
###################################################################
############################ CRITICAL #############################
###################################################################
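@app.route("/vote", methods=["POST"])
def vote():
    """Record a ballot for the logged-in user with application logging muted.

    ``app.logger`` is raised above CRITICAL while the ballot is handled so the
    application log does not record the user/vote association. The previous
    level is then restored, including when the request is incomplete or
    ``Elections.vote`` raises.

    Returns:
        ``ok`` as a string in every non-exception case. The client is
        deliberately not told whether the ballot was accepted.
    """
    # Remember the configured level so it can be put back afterwards; resetting
    # to 0 (NOTSET) would discard whatever level the app was configured with.
    previous_level = app.logger.level
    # 100 is above CRITICAL (50), so nothing sent to app.logger is emitted.
    app.logger.setLevel(100)
    # NOTE(review): app.logger is shared by the whole process. While it is
    # muted, other requests lose their log records, and a concurrent vote
    # finishing first re-enables logging for this one. Loggers other than
    # app.logger (for example the WSGI server's access log) are not affected,
    # so the unlinkability claim needs checking end to end.
    try:
        username = session.get("username")
        election = request.values.get('election')
        ballot = request.values.get('vote')
        if username and election and ballot:
            # The original author states that after this call the association
            # between user and vote is no longer known to anyone.
            Elections.vote(election, ballot, username)
    finally:
        # Always restore logging; without this an exception or an incomplete
        # request could leave the application silent for the process lifetime.
        # NOTE(review): an exception escaping Elections.vote is logged by
        # Flask after this restore -- confirm its message cannot carry the
        # ballot or the username.
        app.logger.setLevel(previous_level)
    return str(ok)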
###################################################################
############################ CRITICAL OVER ########################
###################################################################
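@app.route("/message", methods=["POST"])
def message():
    """Publish a message from the logged-in user to a list of recipients.

    Reads ``to`` (a JSON document) and ``body`` from the request, and the
    author name and keys from the session.

    Returns:
        The status code as a string, because Flask rejects a bare ``int`` as a
        view return value: ``ok`` once ``Users.publish`` has been called,
        ``invalidData`` when ``to`` is missing or not valid JSON, or when the
        author, recipients, body or keys are empty.
    """
    author = session.get("username")
    keys = session.get("keys")
    body = request.values.get('body')

    # 'to' comes from the client: a missing field makes json.loads raise
    # TypeError and malformed JSON raises ValueError. Treat both as bad input
    # instead of letting them surface as a 500.
    try:
        recipients = json.loads(request.values.get('to'))
    except (TypeError, ValueError):
        return str(invalidData)

    if not (author and recipients and body and keys):
        return str(invalidData)

    # NOTE(review): recipients is any truthy JSON value at this point; confirm
    # that Users.publish validates its shape and that the sender may address
    # each recipient.
    envelope = {"body": body, "to": recipients, "from": author}
    Users.publish(envelope, keys)
    return str(ok)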