Improve logging a bit

This commit is contained in:
2026-05-25 16:23:28 +02:00
parent 9160b312c7
commit 44ea17d87a
2 changed files with 35 additions and 22 deletions

View File

@@ -1,5 +1,6 @@
import logging import logging
logger = logging.getLogger(__name__) logger = logging.getLogger(__name__)
import os
from fastapi import FastAPI from fastapi import FastAPI
from fastapi.security import OAuth2PasswordBearer from fastapi.security import OAuth2PasswordBearer
from contextlib import asynccontextmanager from contextlib import asynccontextmanager
@@ -14,10 +15,18 @@ oauth2_scheme = OAuth2PasswordBearer(tokenUrl="token")
scanner = BackgroundScanner(db=get_db_session()) scanner = BackgroundScanner(db=get_db_session())
logging.basicConfig(level=logging.INFO) logging.basicConfig(level=logging.INFO)
def checkDeps():
load_dotenv()
MIFARE_APP_MASTER_KEY = os.getenv('MIFARE_APP_MASTER_KEY')
if not MIFARE_APP_MASTER_KEY:
logger.critical(f"MIFARE APP MASTER KEY not found!")
logger.critical("Writing and reading cards is disabled!")
global disableCards
disableCards = True
@asynccontextmanager @asynccontextmanager
async def lifespan(app: FastAPI): async def lifespan(app: FastAPI):
load_dotenv() checkDeps()
create_db_and_tables() create_db_and_tables()
create_first_user(db=get_db_session()) create_first_user(db=get_db_session())
logger.info("Database created and tables initialized.") logger.info("Database created and tables initialized.")

View File

@@ -49,6 +49,9 @@ def getCardService(timeout: int = 10):
return cardservice return cardservice
def readFileOnCard(desfire: DESFire): def readFileOnCard(desfire: DESFire):
if not MIFARE_ACL_READ_BASE_KEY:
logger.critical("MIFARE_ACL_READ_BASE_KEY not found! Reading skipped!")
return
#create keys #create keys
#desfire = DESFire(PCSCDevice(cardservice.connection.component)) #desfire = DESFire(PCSCDevice(cardservice.connection.component))
aes_keysettings = KeySettings(key_type=DESFireKeyType.DF_KEY_AES) aes_keysettings = KeySettings(key_type=DESFireKeyType.DF_KEY_AES)
@@ -72,18 +75,18 @@ def readFileOnCard(desfire: DESFire):
read_div_key_bytes = diversify_key(get_list(MIFARE_ACL_READ_BASE_KEY), diversification_data, pad_to_32=False) read_div_key_bytes = diversify_key(get_list(MIFARE_ACL_READ_BASE_KEY), diversification_data, pad_to_32=False)
#Log in with derived read key #Log in with derived read key
logger.info("Start auth") logger.debug("Start auth")
aes_app_read_key = DESFireKey(aes_keysettings, read_div_key_bytes) aes_app_read_key = DESFireKey(aes_keysettings, read_div_key_bytes)
desfire.select_application(MIFARE_APP_ID) desfire.select_application(MIFARE_APP_ID)
desfire.authenticate(MIFARE_ACL_READ_BASE_KEY_ID, aes_app_read_key) desfire.authenticate(MIFARE_ACL_READ_BASE_KEY_ID, aes_app_read_key)
logger.info("Read data") logger.debug(f"Read data from {MIFARE_ENCRYPTED_FILE_ID}")
file_data = desfire.get_file_settings(MIFARE_ENCRYPTED_FILE_ID) file_data = desfire.get_file_settings(MIFARE_ENCRYPTED_FILE_ID)
rdata = desfire.read_file_data(MIFARE_ENCRYPTED_FILE_ID, file_data) rdata = desfire.read_file_data(MIFARE_ENCRYPTED_FILE_ID, file_data)
#convert list of int to str #convert list of int to str
rdata = to_hex_string(rdata).replace(" ", "").lower() rdata = to_hex_string(rdata).replace(" ", "").lower()
logger.info(f"Data on card: {rdata}") logger.debug(f"Data on card: {rdata}")
return rdata return rdata
def DeleteCard(): def DeleteCard():
@@ -109,14 +112,14 @@ def DeleteCard():
try: try:
try: try:
logger.info("Auth1") logger.debug("Auth1")#
desfire.authenticate(0x0, desKey) desfire.authenticate(0x0, aes_master_key)
except: except:
logger.info("Auth2") logger.debug("Auth2")
desfire.authenticate(0x0, aes_null_key) desfire.authenticate(0x0, aes_null_key)
except: except:
logger.info("Auth3") logger.debug("Auth3")
desfire.authenticate(0x0, aes_master_key) desfire.authenticate(0x0, desKey)
applications = desfire.get_application_ids() applications = desfire.get_application_ids()
logger.debug(f"Applications: {applications}") logger.debug(f"Applications: {applications}")
@@ -154,18 +157,18 @@ def WriteNewCard():
desKey = DESFireKey(desfire.get_key_setting(), "00" * 8) desKey = DESFireKey(desfire.get_key_setting(), "00" * 8)
# Authenticate with default DES key # Authenticate with default DES key
logger.info("Authenticating with default DES key...") logger.debug("Authenticating with default DES key...")
desfire.authenticate(0x0, desKey) desfire.authenticate(0x0, desKey)
#get uid #get uid
uid = desfire.get_real_uid() uid = desfire.get_real_uid()
# Set default key # Set default key
logger.info("Setting default key...") logger.debug("Setting default key...")
desfire.change_default_key(aes_null_key, 0x0) desfire.change_default_key(aes_null_key, 0x0)
# Create application # Create application
logger.info("Creating application...") logger.debug("Creating application...")
app_settings = KeySettings( app_settings = KeySettings(
settings=[ settings=[
DESFireKeySettings.KS_ALLOW_CHANGE_MK, DESFireKeySettings.KS_ALLOW_CHANGE_MK,
@@ -181,7 +184,7 @@ def WriteNewCard():
applications = desfire.get_application_ids() applications = desfire.get_application_ids()
assert len(applications) == 1 assert len(applications) == 1
assert applications[0] == get_list(MIFARE_APP_ID) assert applications[0] == get_list(MIFARE_APP_ID)
logger.info(" - Application created successfully.") logger.debug(" - Application created successfully.")
# Select application # Select application
desfire.select_application(MIFARE_APP_ID) desfire.select_application(MIFARE_APP_ID)
@@ -190,7 +193,7 @@ def WriteNewCard():
desfire.authenticate(0x0, aes_null_key) desfire.authenticate(0x0, aes_null_key)
desfire.change_key(0x0, aes_null_key, aes_master_key, 0x1) desfire.change_key(0x0, aes_null_key, aes_master_key, 0x1)
logger.info("new key auth") logger.debug("new key auth")
desfire.authenticate(0x0, aes_master_key) desfire.authenticate(0x0, aes_master_key)
aes_null_key = DESFireKey(aes_keysettings, "00" * 16) aes_null_key = DESFireKey(aes_keysettings, "00" * 16)
@@ -200,15 +203,15 @@ def WriteNewCard():
read_div_key_bytes = diversify_key(get_list(MIFARE_ACL_READ_BASE_KEY), diversification_data, pad_to_32=False) read_div_key_bytes = diversify_key(get_list(MIFARE_ACL_READ_BASE_KEY), diversification_data, pad_to_32=False)
write_div_key_bytes = diversify_key(get_list(MIFARE_ACL_WRITE_BASE_KEY), diversification_data, pad_to_32=False) write_div_key_bytes = diversify_key(get_list(MIFARE_ACL_WRITE_BASE_KEY), diversification_data, pad_to_32=False)
logger.info("Changing file read key...") logger.debug("Changing file read key...")
aes_file_read_key = DESFireKey(aes_keysettings, read_div_key_bytes) aes_file_read_key = DESFireKey(aes_keysettings, read_div_key_bytes)
desfire.change_key(MIFARE_ACL_READ_BASE_KEY_ID, aes_null_key, aes_file_read_key, 0x1) desfire.change_key(MIFARE_ACL_READ_BASE_KEY_ID, aes_null_key, aes_file_read_key, 0x1)
logger.info("Changing file write key...") logger.debug("Changing file write key...")
aes_file_write_key = DESFireKey(aes_keysettings, write_div_key_bytes) aes_file_write_key = DESFireKey(aes_keysettings, write_div_key_bytes)
desfire.change_key(MIFARE_ACL_WRITE_BASE_KEY_ID, aes_null_key, aes_file_write_key, 0x1) desfire.change_key(MIFARE_ACL_WRITE_BASE_KEY_ID, aes_null_key, aes_file_write_key, 0x1)
logger.info("Create encrypted file containing key...") logger.debug("Create encrypted file containing key...")
file_settings = FileSettings( file_settings = FileSettings(
file_size=16, file_size=16,
encryption=DESFireCommunicationMode.ENCRYPTED, encryption=DESFireCommunicationMode.ENCRYPTED,
@@ -221,14 +224,14 @@ def WriteNewCard():
desfire.create_standard_file(MIFARE_ENCRYPTED_FILE_ID, file_settings) desfire.create_standard_file(MIFARE_ENCRYPTED_FILE_ID, file_settings)
file_data = desfire.get_file_settings(MIFARE_ENCRYPTED_FILE_ID) file_data = desfire.get_file_settings(MIFARE_ENCRYPTED_FILE_ID)
logger.info("Writing UID to encrypted file...") logger.debug("Writing UID to encrypted file...")
key = secrets.token_hex(16) key = secrets.token_hex(16)
desfire.write_file_data(MIFARE_ENCRYPTED_FILE_ID, 0x0, file_data.encryption, get_list(key)) desfire.write_file_data(MIFARE_ENCRYPTED_FILE_ID, 0x0, file_data.encryption, get_list(key))
logger.info("Reading from encrypted file...") logger.debug("Reading from encrypted file...")
rdata = desfire.read_file_data(MIFARE_ENCRYPTED_FILE_ID, file_data) rdata = desfire.read_file_data(MIFARE_ENCRYPTED_FILE_ID, file_data)
assert rdata == get_list(key) assert rdata == get_list(key)
logger.info(" - Data written successfully.") logger.debug(" - Data written successfully.")
scannerThread.start() scannerThread.start()
return key return key
@@ -245,7 +248,7 @@ class BackgroundScanner:
def start(self): def start(self):
if self.is_running: if self.is_running:
logger.info("Scanner already running") logger.error("Scanner already running")
return return
self.is_running = True self.is_running = True
self.thread = threading.Thread(target=self._scan_loop, daemon=True) self.thread = threading.Thread(target=self._scan_loop, daemon=True)
@@ -294,5 +297,6 @@ class BackgroundScanner:
check = checkAccess(key, self.db) check = checkAccess(key, self.db)
if check == True: if check == True:
openDoor() openDoor()
logger.info("Access granted!")
else: else:
logger.info("Access denied!") logger.error("Access denied!")