diff --git a/scanner/upload.py b/scanner/upload.py
index f65c803..a1b778b 100644
--- a/scanner/upload.py
+++ b/scanner/upload.py
@@ -7,42 +7,41 @@ import json
import hmac
import hashlib
-IDENTITIES_PATH = "identities.yaml"
-WEBHOOK_URL = "https://cloud.flueren.eu/public/update.php"
+IDENTITIES_URL = "http://localhost:8080/identities.json"
+WEBHOOK_URL = "http://localhost:8080/update.php"
WEBHOOK_SECRET = "CHANGE-THIS"
+def get_identities():
+ resp = requests.get(IDENTITIES_URL)
+ return resp.json()
+
+
def parse_wifi_map(map_path):
# read scan results
with open(map_path, 'r') as f:
wifi_map = yaml.safe_load(f)
# read known identities
- with open(IDENTITIES_PATH, 'r') as f:
- identities = yaml.safe_load(f)['identities']
+ identities = get_identities()
print("Known identities:")
for identity in identities:
- print('mac = {}, name = {}'.format(identity['mac'],identity['name']))
+ print('mac hash = {}, name = {}'.format(identity['mac_hash'],identity['name']))
- devices = set()
filtered_identities = set()
# filter scan results for known identities
for ssid in wifi_map:
- #print('ssid = {}'.format(ssid))
ssid_node = wifi_map[ssid]
for bssid in ssid_node:
- #print('\tbssid = {}'.format(bssid))
bssid_node = ssid_node[bssid]
if 'devices' in bssid_node:
for device in bssid_node['devices']:
- devices |= {device}
- #print('\t\tdevice = {}'.format(device))
for identity in identities:
- if identity['mac'] == device:
+ mac_hash = hashlib.sha256(device.encode()).hexdigest()
+ if identity['mac_hash'] == mac_hash:
filtered_identities |= {identity['name']}
- #print('\n\nSSID count: {}, Device count: {}'.format(len(wifi_map), len(devices)))
print('\nFiltered identities:')
print(filtered_identities)
diff --git a/scanner/wifi_map.yaml b/scanner/wifi_map.yaml
index dbe12fe..468fb48 100644
--- a/scanner/wifi_map.yaml
+++ b/scanner/wifi_map.yaml
@@ -5,7 +5,7 @@ TEST_SSID:
channels:
- 11
devices:
- 3c:07:71:15:f1:48:
+ 00:00:00:00:00:00:
bytes: 798
signal: 1
vendor: Sony Corporation
diff --git a/website/identities.json b/website/identities.json
index 0637a08..d201437 100644
--- a/website/identities.json
+++ b/website/identities.json
@@ -1 +1 @@
-[]
\ No newline at end of file
+[{"name":"Jon","mac_hash":"38fbdde984330e50c02382e647c576b71f41cc5c45b193d4f3177e6ee8f22a78"},{"name":"BROADCAST","mac_hash":"ef85d972b07fccdd79085ddb4713cd487c3838e128a7c4d11092909675c2022d"}]
\ No newline at end of file
diff --git a/website/index.php b/website/index.php
index 4fccccc..4a101ed 100644
--- a/website/index.php
+++ b/website/index.php
@@ -1,47 +1,92 @@
setTimestamp($present["timestamp"]);
-if ($_SERVER['REQUEST_METHOD'] == "POST") {
- if (
- preg_match($name_pattern, $_POST['name']) != 1 ||
- preg_match($mac_pattern, $_POST['mac'] != 1)
- ) {
- http_response_code(400);
- die("Bad data");
- }
- $name = $_POST['name'];
- $normalized_mac = str_replace('-', ':', strtolower($_POST['mac']));
+function hash_mac($mac) {
+ $normalized_mac = str_replace('-', ':', strtolower($mac));
$hashed_mac = hash('sha256', $normalized_mac);
+ return $hashed_mac;
+}
- $identities = json_decode(file_get_contents($identities_file), true);
+function add_identity($name, $mac) {
+ if (
+ preg_match('/' . $name_pattern . '/', $name) != 1 ||
+ preg_match('/' . $mac_pattern . '/', $mac) != 1
+ ) {
+ http_response_code(400);
+ die("Bad data");
+ }
+
+ $hashed_mac = hash_mac($mac);
+
+ $identities = json_decode(file_get_contents(IDENTITIES_FILE), true);
+
+ $url = strtok($_SERVER['REQUEST_URI'], '?');
- foreach ($identities as $identity) {
- if (
- $identity['name'] == $name ||
- $identity['mac_hash'] == $hashed_mac
- ) {
- // TODO show error to user
- die("Duplicate data");
+ foreach ($identities as $identity) {
+ if ($identity['name'] == $name) {
+ header("Location: " . $url . "?dup_name", true, 303);
+ exit();
+ }
+ if ($identity['mac_hash'] == $hashed_mac) {
+ header("Location: " . $url . "?dup_mac", true, 303);
+ exit();
+ }
+ }
+
+ array_push($identities, array("name" => $name, "mac_hash" => $hashed_mac));
+ file_put_contents(IDENTITIES_FILE, json_encode($identities));
+
+ header("Location: " . $url . "?succ", true, 303);
+ exit();
+}
+
+function remove_identity($mac) {
+ if (preg_match('/' . $mac_pattern . '/', $mac) != 1) {
+ http_response_code(400);
+ die("Bad data");
+ }
+
+ $hashed_mac = hash_mac($mac);
+
+ $identities = json_decode(file_get_contents(IDENTITIES_FILE), true);
+
+ $new_identities = array();
+
+ foreach ($identities as $identity) {
+ if ($identity['mac_hash'] != $hashed_mac) {
+ array_push($new_identities, $identity);
}
- }
-
- // TODO store new identity
- header("Location: /", true, 303);
- exit();
+ file_put_contents(IDENTITIES_FILE, json_encode($new_identities));
+
+ header("Location: " . strtok($_SERVER['REQUEST_URI'], '?'), true, 303);
+ exit();
+ }
+}
+
+if ($_SERVER['REQUEST_METHOD'] == "POST") {
+ if (
+ isset($_POST['name']) &&
+ isset($_POST['mac'])
+ ) {
+ add_identity($_POST['name'], $_POST['mac']);
+ }
+ else if (isset($_POST['remove-mac'])) {
+ remove_identity($_POST['remove-mac']);
+ }
}
?>
@@ -75,15 +120,52 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") {
}
?>
-
-