Viacheslav/oaip-project-app
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

some updates

Browse Source
This commit is contained in:
MoonDev
2025-05-23 01:55:25 +03:00
parent a775fe1c80
commit f1d8283224
18 changed files with 251 additions and 56 deletions
Download Patch File Download Diff File Expand all files Collapse all files

39
web_server.py
View File

@@ -15,7 +15,7 @@ from pathlib import Path
from utils.get_primary_ip import get_primary_ip
PASSWORD = "10010055"
SKIP_HASH = False
app = FastAPI()
@@ -90,28 +90,29 @@ async def handle_action(name: str, payload: CommandModel):
action_args = payload.args
hash_with_ts = payload.hash
if not hash_with_ts:
raise HTTPException(status_code=400, detail="Missing hash")
if(not SKIP_HASH):
if not hash_with_ts:
raise HTTPException(status_code=400, detail="Missing hash")
# Split hash and timestamp
try:
received_hash, received_ts = hash_with_ts.split(".")
received_ts = int(received_ts)
except ValueError:
raise HTTPException(status_code=400, detail="Invalid hash format")
# Split hash and timestamp
try:
received_hash, received_ts = hash_with_ts.split(".")
received_ts = int(received_ts)
except ValueError:
raise HTTPException(status_code=400, detail="Invalid hash format")
# Check if token is within 5-second window
current_ts = int(time.time())
if abs(current_ts - received_ts) > 5:
raise HTTPException(status_code=401, detail="Token expired")
# Check if token is within 5-second window
current_ts = int(time.time())
if abs(current_ts - received_ts) > 5:
raise HTTPException(status_code=401, detail="Token expired")
# Reconstruct hash
data_to_hash = PASSWORD + json.dumps(action_args, separators=(",", ":")) + str(received_ts)
computed_hash = hashlib.sha256(data_to_hash.encode("utf-8")).hexdigest()
# Reconstruct hash
data_to_hash = PASSWORD + json.dumps(action_args, separators=(",", ":")) + str(received_ts)
computed_hash = hashlib.sha256(data_to_hash.encode("utf-8")).hexdigest()
# Verify hash
if computed_hash != received_hash:
raise HTTPException(status_code=401, detail="Invalid hash")
# Verify hash
if computed_hash != received_hash:
raise HTTPException(status_code=401, detail="Invalid hash")
try:
# Вызываем функцию из callback.py, передавая имя действия и аргументы