#Embedded file name: noradioactive.py import sys import os import getopt import BaseHTTPServer import urlparse import socket import cgi import logging import random import traceback import glob import urllib import urllib2 import hashlib import tempfile import pycassa import time import ConfigParser import SocketServer import threading import re HOME_STRING = ' Home' REGISTER_STRING = ' Register ' DOCUMENTATION_STRING = ' Nwongozo ' LOGOUT_STRING = ' Log out ' TITLE_STRING = ' radiation Monitoring System ' INTRO_STRING = ' This is a system to monitor your level of radiation ' LOGIN_STRING = ' Please log in using the form below ' LOGIN_FIELDSET_STRING = ' Enter' USERNAME_FIELD_STRING = 'user name ' PASSWORD_FIELD_STRING = ' secret word ' LOGIN_SUBMIT_STRING = ' Submit ' WELCOME_STRING = ' Welcome ' SERIAL_STRING = ' Number ' SUBMIT_READING_STRING = ' Please submit new radiation reading' FIELDSET_READING_STRING = ' Read ' RADIO_FIELD_STRING = ' Radioactive ' LOCATION_FIELD_STRING = ' Location' READING_SUBMIT_STRING = ' Record ' REGISTER_STRING = ' Register ' SERIAL_FIELD_STRING = ' serial number ' REGISTER_SUBMIT_STRING = ' Submit ' DATABASE_STRING = ' Primary data' DATA_STRING = ' Data ' SESSIONS_STRING = ' Sessions ' MANUAL_STRING = ' Documents ' MANUAL_DATA_STRING = ' This application is used to keep track of radiation levels in different areas . ' RECORD_READING_STRING = ' Record Read ' NOT_LOGGED_STRING = ' You are not inside. ' READING_RECORDED_STRING = ' Read success record. ' COLOCATED_WORKERS_STRING = ' same place workers ' REGISTRATION_STRING = ' No. ' USER_REGISTERED_STRING = ' User successfully added . ' USER_REGISTRATION_FAILED_STRING = ' user registeration failed' AUTHENTICATION_FAILED_STRING = ' Authentication failed. Please check that the provided username / secret word combination is correct . ' LOGIN_ERROR_STRING = ' Error occurred while processing your entry ' INVALID_LOGIN_STRING = ' Door invalid ' DATA_RECORDING_FAILED_STRING = ' Data recording failure ' LOGOUT_ERROR_STRING = ' an error occurred while logging out ' NOT_FOUND_STRING = ' Resource not found ' ERROR_STRING = ' an error occurred ' LOGGED_OUT_STRING = ' You have been logged out . ' class ThreadingHTTPServer(SocketServer.ThreadingMixIn, BaseHTTPServer.HTTPServer): pass class RequestHandler(BaseHTTPServer.BaseHTTPRequestHandler): home_path = '/' css_path = '/style.css' css_file = 'noradioactive.css' manual_path = '/manual' manual_file = 'noradioactive.doc' icon_path = '/favicon.ico' icon_file = 'noradioactive.ico' background_path = '/background.jpg' background_file = 'noradioactive.jpg' login_path = '/login' logout_path = '/logout' register_path = '/register' reading_path = '/reading' dump_path = '/dump' dump_allowed = False dump_auth_attr = 'auth' dump_auth_value = 'radioidar' secret = 'noradioactiveinjection' header = '\n\n\n\n
\n\n ' + INTRO_STRING + ' \n \n ' + LOGIN_STRING + ' \n\n\n | \n\n\n | \n
' + WELCOME_STRING + ' ' + username + ' [' + SERIAL_STRING + ': ' + columns.get('serial') + ']
\n\n') for column in columns.keys(): if column == 'serial': continue if column == 'password': continue self.wfile.write('\n%s: %s\n' % (column, columns.get(column))) self.wfile.write('\n') self.wfile.write('\n
' + SUBMIT_READING_STRING + ':
\n\n") self.wfile.write(self.footer) def register(self, params): self.send_response(200) self.send_header('Content-type', 'text/html') self.end_headers() self.wfile.write(self.header % (REGISTER_STRING, REGISTER_STRING)) self.wfile.write('\n") self.wfile.write(self.footer) def manual(self, params): self.send_response(200) self.send_header('Content-type', 'text/html') self.end_headers() self.wfile.write(self.header % (MANUAL_STRING, MANUAL_STRING)) self.wfile.write('' + MANUAL_DATA_STRING + '
') self.wfile.write(self.footer) def dump(self, params): if not self.dump_allowed: return if not params.has_key(self.dump_auth_attr) or params[self.dump_auth_attr][0] != self.dump_auth_value: self.send_response(404) self.send_header('Content-type', 'text/html') self.end_headers() return self.send_response(200) self.send_header('Content-type', 'text/html') self.end_headers() self.wfile.write(self.header % (DATABASE_STRING, DATABASE_STRING)) result = self.data.get_range() self.wfile.write('' + DATA_STRING + '
') self.wfile.write('\n\n') for key, columns in result: self.wfile.write('\n%s:\n' % key) for column in columns: self.wfile.write('\n %s: %s\n' % (str(column), columns[column])) self.wfile.write('\n\n') self.wfile.write('
' + SESSIONS_STRING + '
') result = self.sessions.get_range() self.wfile.write('\n\n') for key, columns in result: self.wfile.write('\n%s:\n' % key) for column in columns: self.wfile.write('\n %s: %s\n' % (str(column), columns[column])) self.wfile.write('\n\n') self.wfile.write(self.footer) def auth(self): cookies = self.headers.getheaders('Cookie') if cookies == None or len(cookies) == 0: return self.logger.debug('Received cookies: %s' % str(cookies)) session = None for cookie in cookies: try: attr_vals = cookie.split(';') for attr_val in attr_vals: attr_val = attr_val.strip() self.logger.debug('Considering attribute/value pair: %s' % str(attr_val)) attribute, value = attr_val.split('=') if attribute == 'session': session = value except Exception as err: self.logger.debug('Error in parsing cookie %s: %s' % (str(cookie), str(err))) return False if session == None: return try: columns = self.sessions.get(session) username = columns.get('username') except Exception as e: self.logger.error('Authentication failed for session: %s (%s)' % (session, str(e))) return return session def reading(self, form): self.send_response(200) self.send_header('Content-type', 'text/html') self.end_headers() self.wfile.write(self.header % (RECORD_READING_STRING, RECORD_READING_STRING)) session = self.auth() if session == None: self.wfile.write('
' + NOT_LOGGED_STRING + '
') self.wfile.write(self.footer) return username = self.sessions.get(session).get('username') try: location = self.sanitize(form.getfirst('location')) radioactivity = self.sanitize(form.getfirst('radioactivity')) if location == '' or radioactivity == '': raise Exception('empty parameter(s)') self.logger.debug('Requested recording: location [%s] -> radioactivity [%s]' % (location, radioactivity)) if location != 'password' and location != 'serial': self.data.insert(username, {location: radioactivity}) self.wfile.write('\n' + READING_RECORDED_STRING + '
\n') result = self.data.get_range() colos = list() for key, columns in result: if key == username: continue if columns.has_key(location): colos.append(key) if len(colos) > 0: self.wfile.write('\n' + COLOCATED_WORKERS_STRING + ':
\n' + DATA_RECORDING_FAILED_STRING + ': %s.
\n' % self.sanitize(str(err))) self.wfile.write(self.footer) return def process_register(self, form): self.send_response(200) self.send_header('Content-type', 'text/html') self.end_headers() self.wfile.write(self.header % (REGISTRATION_STRING, REGISTRATION_STRING)) try: username = form.getfirst('username') password = form.getfirst('password') serial = form.getfirst('serial') if username == '' or password == '' or serial == '' or username == None or password == None or serial == None: raise Exception('empty parameter(s)') username = self.sanitize(username.strip()) password = self.sanitize(password.strip()) serial = self.sanitize(serial.strip()) self.logger.debug('Requested registration with username [%s], password [%s], and serial [%s]' % (username, password, serial)) if password != '': md5 = hashlib.md5() md5.update(password) password = md5.hexdigest() self.data.insert(username, {'password': password}) if serial != '': self.data.insert(username, {'serial': serial}) self.wfile.write('\n' + USER_REGISTERED_STRING + '
\n') self.wfile.write(self.footer) except Exception as err: self.logger.error('An error occurred when registering your account: %s' % str(err)) self.wfile.write('\n' + USER_REGISTRATION_FAILED_STRING + ': %s.
\n' % self.sanitize(str(err))) self.wfile.write(self.footer) return def login(self, form): try: username = self.sanitize(form.getfirst('username')) password = self.sanitize(form.getfirst('password')) self.logger.debug('Requested login with username [%s] and password [%s]' % (username, password)) md5 = hashlib.md5() md5.update(password) password = md5.hexdigest() result = self.data.get(username) authenticated = True if not result.has_key('password'): authenticated = False if result['password'] != '' and result['password'] != password: authenticated = False if authenticated: md5 = hashlib.md5() md5.update(str(time.time()) + username + password + self.secret) session = md5.hexdigest() self.sessions.insert(session, {'username': username}) else: self.send_response(200) self.send_header('Content-type', 'text/html') self.end_headers() self.wfile.write(self.header % (INVALID_LOGIN_STRING, INVALID_LOGIN_STRING)) self.wfile.write('\n' + AUTHENTICATION_FAILED_STRING + '
\n') self.wfile.write(self.footer) self.logger.error('Invalid login with username [%s] and password [%s]' % (username, password)) return except Exception as err: self.send_response(200) self.send_header('Content-type', 'text/html') self.end_headers() self.wfile.write(self.header % (INVALID_LOGIN_STRING, INVALID_LOGIN_STRING)) self.wfile.write(LOGIN_ERROR_STRING + ': %s' % self.sanitize(str(err))) self.wfile.write(self.footer) self.logger.error('An error occurred in processing the login: %s' % str(err)) return self.send_response(303) self.send_header('Content-type', 'text/html') self.send_header('Location', '%s' % self.home_path) self.send_header('Set-Cookie', 'session=%s' % session) self.end_headers() def logout(self, params): try: self.send_response(200) self.send_header('Content-type', 'text/html') self.end_headers() self.wfile.write(self.header % ('Logout', 'Logout')) session = self.auth() if session == None: self.wfile.write('' + NOT_LOGGED_STRING + '
') self.wfile.write(self.footer) return self.sessions.remove(session) except Exception as err: self.wfile.write(LOGOUT_ERROR_STRING + ': %s' % self.sanitize(str(err))) self.wfile.write(self.footer) self.logger.error('An error occurred in processing the logout: %s' % str(err)) return self.wfile.write('\n' + LOGGED_OUT_STRING + '
\n') self.wfile.write(self.footer) def do_GET(self): try: self.logger.debug('Received GET request with path: %s' % self.path) req = urlparse.urlparse(self.path) self.logger.debug('Received request resource: %s' % req.path) params = urlparse.parse_qs(req.query) self.logger.debug('Received parameters: %s' % str(params)) self.data = pycassa.columnfamily.ColumnFamily(RequestHandler.pool, RequestHandler.data_family) self.sessions = pycassa.columnfamily.ColumnFamily(RequestHandler.pool, RequestHandler.session_family) if req.path == self.home_path: self.home(params) return if req.path == self.register_path: self.register(params) return if req.path == self.css_path: self.style(params) return if req.path == self.background_path: self.background(params) return if req.path == self.icon_path: self.icon(params) return if req.path == self.dump_path: self.dump(params) return if req.path == self.manual_path: self.manual(params) return if req.path == self.logout_path: self.logout(params) return self.send_error(404, NOT_FOUND_STRING + ': %s' % self.sanitize(self.path)) return return except Exception as err: self.wfile.write(ERROR_STRING + ': ' + self.sanitize(str(err))) self.logger.error('An error occurred: ' + str(err)) et, ev, tb = sys.exc_info() traceback.print_tb(tb) return def do_POST(self): try: self.logger.debug('Received POST request with path: %s' % self.path) req = urlparse.urlparse(self.path) self.logger.debug('Received request resource: %s' % req.path) form = cgi.FieldStorage(fp=self.rfile, headers=self.headers, environ={'REQUEST_METHOD': 'POST', 'CONTENT_TYPE': self.headers['Content-Type']}) self.logger.debug('Received parameters: %s' % str(form)) self.data = pycassa.columnfamily.ColumnFamily(RequestHandler.pool, RequestHandler.data_family) self.sessions = pycassa.columnfamily.ColumnFamily(RequestHandler.pool, RequestHandler.session_family) if req.path == self.login_path: self.login(form) return if req.path == self.register_path: self.process_register(form) return if req.path == self.reading_path: self.reading(form) return self.send_error(400, NOT_FOUND_STRING + ': %s' % self.sanitize(self.path)) return return except Exception as err: self.wfile.write(ERROR_STRING + ': ' + self.sanitize(str(err))) self.logger.error('An error occurred: ' + str(err)) return def usage(fname): print '%s [-d (debug)] [-p