Improve logging a bit
This commit is contained in:
11
app/main.py
11
app/main.py
@@ -1,5 +1,6 @@
|
|||||||
import logging
|
import logging
|
||||||
logger = logging.getLogger(__name__)
|
logger = logging.getLogger(__name__)
|
||||||
|
import os
|
||||||
from fastapi import FastAPI
|
from fastapi import FastAPI
|
||||||
from fastapi.security import OAuth2PasswordBearer
|
from fastapi.security import OAuth2PasswordBearer
|
||||||
from contextlib import asynccontextmanager
|
from contextlib import asynccontextmanager
|
||||||
@@ -14,10 +15,18 @@ oauth2_scheme = OAuth2PasswordBearer(tokenUrl="token")
|
|||||||
scanner = BackgroundScanner(db=get_db_session())
|
scanner = BackgroundScanner(db=get_db_session())
|
||||||
logging.basicConfig(level=logging.INFO)
|
logging.basicConfig(level=logging.INFO)
|
||||||
|
|
||||||
|
def checkDeps():
|
||||||
|
load_dotenv()
|
||||||
|
MIFARE_APP_MASTER_KEY = os.getenv('MIFARE_APP_MASTER_KEY')
|
||||||
|
if not MIFARE_APP_MASTER_KEY:
|
||||||
|
logger.critical(f"MIFARE APP MASTER KEY not found!")
|
||||||
|
logger.critical("Writing and reading cards is disabled!")
|
||||||
|
global disableCards
|
||||||
|
disableCards = True
|
||||||
|
|
||||||
@asynccontextmanager
|
@asynccontextmanager
|
||||||
async def lifespan(app: FastAPI):
|
async def lifespan(app: FastAPI):
|
||||||
load_dotenv()
|
checkDeps()
|
||||||
create_db_and_tables()
|
create_db_and_tables()
|
||||||
create_first_user(db=get_db_session())
|
create_first_user(db=get_db_session())
|
||||||
logger.info("Database created and tables initialized.")
|
logger.info("Database created and tables initialized.")
|
||||||
|
|||||||
@@ -49,6 +49,9 @@ def getCardService(timeout: int = 10):
|
|||||||
return cardservice
|
return cardservice
|
||||||
|
|
||||||
def readFileOnCard(desfire: DESFire):
|
def readFileOnCard(desfire: DESFire):
|
||||||
|
if not MIFARE_ACL_READ_BASE_KEY:
|
||||||
|
logger.critical("MIFARE_ACL_READ_BASE_KEY not found! Reading skipped!")
|
||||||
|
return
|
||||||
#create keys
|
#create keys
|
||||||
#desfire = DESFire(PCSCDevice(cardservice.connection.component))
|
#desfire = DESFire(PCSCDevice(cardservice.connection.component))
|
||||||
aes_keysettings = KeySettings(key_type=DESFireKeyType.DF_KEY_AES)
|
aes_keysettings = KeySettings(key_type=DESFireKeyType.DF_KEY_AES)
|
||||||
@@ -72,18 +75,18 @@ def readFileOnCard(desfire: DESFire):
|
|||||||
read_div_key_bytes = diversify_key(get_list(MIFARE_ACL_READ_BASE_KEY), diversification_data, pad_to_32=False)
|
read_div_key_bytes = diversify_key(get_list(MIFARE_ACL_READ_BASE_KEY), diversification_data, pad_to_32=False)
|
||||||
|
|
||||||
#Log in with derived read key
|
#Log in with derived read key
|
||||||
logger.info("Start auth")
|
logger.debug("Start auth")
|
||||||
aes_app_read_key = DESFireKey(aes_keysettings, read_div_key_bytes)
|
aes_app_read_key = DESFireKey(aes_keysettings, read_div_key_bytes)
|
||||||
desfire.select_application(MIFARE_APP_ID)
|
desfire.select_application(MIFARE_APP_ID)
|
||||||
|
|
||||||
desfire.authenticate(MIFARE_ACL_READ_BASE_KEY_ID, aes_app_read_key)
|
desfire.authenticate(MIFARE_ACL_READ_BASE_KEY_ID, aes_app_read_key)
|
||||||
|
|
||||||
logger.info("Read data")
|
logger.debug(f"Read data from {MIFARE_ENCRYPTED_FILE_ID}")
|
||||||
file_data = desfire.get_file_settings(MIFARE_ENCRYPTED_FILE_ID)
|
file_data = desfire.get_file_settings(MIFARE_ENCRYPTED_FILE_ID)
|
||||||
rdata = desfire.read_file_data(MIFARE_ENCRYPTED_FILE_ID, file_data)
|
rdata = desfire.read_file_data(MIFARE_ENCRYPTED_FILE_ID, file_data)
|
||||||
#convert list of int to str
|
#convert list of int to str
|
||||||
rdata = to_hex_string(rdata).replace(" ", "").lower()
|
rdata = to_hex_string(rdata).replace(" ", "").lower()
|
||||||
logger.info(f"Data on card: {rdata}")
|
logger.debug(f"Data on card: {rdata}")
|
||||||
return rdata
|
return rdata
|
||||||
|
|
||||||
def DeleteCard():
|
def DeleteCard():
|
||||||
@@ -109,14 +112,14 @@ def DeleteCard():
|
|||||||
|
|
||||||
try:
|
try:
|
||||||
try:
|
try:
|
||||||
logger.info("Auth1")
|
logger.debug("Auth1")#
|
||||||
desfire.authenticate(0x0, desKey)
|
desfire.authenticate(0x0, aes_master_key)
|
||||||
except:
|
except:
|
||||||
logger.info("Auth2")
|
logger.debug("Auth2")
|
||||||
desfire.authenticate(0x0, aes_null_key)
|
desfire.authenticate(0x0, aes_null_key)
|
||||||
except:
|
except:
|
||||||
logger.info("Auth3")
|
logger.debug("Auth3")
|
||||||
desfire.authenticate(0x0, aes_master_key)
|
desfire.authenticate(0x0, desKey)
|
||||||
|
|
||||||
applications = desfire.get_application_ids()
|
applications = desfire.get_application_ids()
|
||||||
logger.debug(f"Applications: {applications}")
|
logger.debug(f"Applications: {applications}")
|
||||||
@@ -154,18 +157,18 @@ def WriteNewCard():
|
|||||||
desKey = DESFireKey(desfire.get_key_setting(), "00" * 8)
|
desKey = DESFireKey(desfire.get_key_setting(), "00" * 8)
|
||||||
|
|
||||||
# Authenticate with default DES key
|
# Authenticate with default DES key
|
||||||
logger.info("Authenticating with default DES key...")
|
logger.debug("Authenticating with default DES key...")
|
||||||
desfire.authenticate(0x0, desKey)
|
desfire.authenticate(0x0, desKey)
|
||||||
|
|
||||||
#get uid
|
#get uid
|
||||||
uid = desfire.get_real_uid()
|
uid = desfire.get_real_uid()
|
||||||
|
|
||||||
# Set default key
|
# Set default key
|
||||||
logger.info("Setting default key...")
|
logger.debug("Setting default key...")
|
||||||
desfire.change_default_key(aes_null_key, 0x0)
|
desfire.change_default_key(aes_null_key, 0x0)
|
||||||
|
|
||||||
# Create application
|
# Create application
|
||||||
logger.info("Creating application...")
|
logger.debug("Creating application...")
|
||||||
app_settings = KeySettings(
|
app_settings = KeySettings(
|
||||||
settings=[
|
settings=[
|
||||||
DESFireKeySettings.KS_ALLOW_CHANGE_MK,
|
DESFireKeySettings.KS_ALLOW_CHANGE_MK,
|
||||||
@@ -181,7 +184,7 @@ def WriteNewCard():
|
|||||||
applications = desfire.get_application_ids()
|
applications = desfire.get_application_ids()
|
||||||
assert len(applications) == 1
|
assert len(applications) == 1
|
||||||
assert applications[0] == get_list(MIFARE_APP_ID)
|
assert applications[0] == get_list(MIFARE_APP_ID)
|
||||||
logger.info(" - Application created successfully.")
|
logger.debug(" - Application created successfully.")
|
||||||
|
|
||||||
# Select application
|
# Select application
|
||||||
desfire.select_application(MIFARE_APP_ID)
|
desfire.select_application(MIFARE_APP_ID)
|
||||||
@@ -190,7 +193,7 @@ def WriteNewCard():
|
|||||||
desfire.authenticate(0x0, aes_null_key)
|
desfire.authenticate(0x0, aes_null_key)
|
||||||
desfire.change_key(0x0, aes_null_key, aes_master_key, 0x1)
|
desfire.change_key(0x0, aes_null_key, aes_master_key, 0x1)
|
||||||
|
|
||||||
logger.info("new key auth")
|
logger.debug("new key auth")
|
||||||
desfire.authenticate(0x0, aes_master_key)
|
desfire.authenticate(0x0, aes_master_key)
|
||||||
|
|
||||||
aes_null_key = DESFireKey(aes_keysettings, "00" * 16)
|
aes_null_key = DESFireKey(aes_keysettings, "00" * 16)
|
||||||
@@ -200,15 +203,15 @@ def WriteNewCard():
|
|||||||
read_div_key_bytes = diversify_key(get_list(MIFARE_ACL_READ_BASE_KEY), diversification_data, pad_to_32=False)
|
read_div_key_bytes = diversify_key(get_list(MIFARE_ACL_READ_BASE_KEY), diversification_data, pad_to_32=False)
|
||||||
write_div_key_bytes = diversify_key(get_list(MIFARE_ACL_WRITE_BASE_KEY), diversification_data, pad_to_32=False)
|
write_div_key_bytes = diversify_key(get_list(MIFARE_ACL_WRITE_BASE_KEY), diversification_data, pad_to_32=False)
|
||||||
|
|
||||||
logger.info("Changing file read key...")
|
logger.debug("Changing file read key...")
|
||||||
aes_file_read_key = DESFireKey(aes_keysettings, read_div_key_bytes)
|
aes_file_read_key = DESFireKey(aes_keysettings, read_div_key_bytes)
|
||||||
desfire.change_key(MIFARE_ACL_READ_BASE_KEY_ID, aes_null_key, aes_file_read_key, 0x1)
|
desfire.change_key(MIFARE_ACL_READ_BASE_KEY_ID, aes_null_key, aes_file_read_key, 0x1)
|
||||||
|
|
||||||
logger.info("Changing file write key...")
|
logger.debug("Changing file write key...")
|
||||||
aes_file_write_key = DESFireKey(aes_keysettings, write_div_key_bytes)
|
aes_file_write_key = DESFireKey(aes_keysettings, write_div_key_bytes)
|
||||||
desfire.change_key(MIFARE_ACL_WRITE_BASE_KEY_ID, aes_null_key, aes_file_write_key, 0x1)
|
desfire.change_key(MIFARE_ACL_WRITE_BASE_KEY_ID, aes_null_key, aes_file_write_key, 0x1)
|
||||||
|
|
||||||
logger.info("Create encrypted file containing key...")
|
logger.debug("Create encrypted file containing key...")
|
||||||
file_settings = FileSettings(
|
file_settings = FileSettings(
|
||||||
file_size=16,
|
file_size=16,
|
||||||
encryption=DESFireCommunicationMode.ENCRYPTED,
|
encryption=DESFireCommunicationMode.ENCRYPTED,
|
||||||
@@ -221,14 +224,14 @@ def WriteNewCard():
|
|||||||
desfire.create_standard_file(MIFARE_ENCRYPTED_FILE_ID, file_settings)
|
desfire.create_standard_file(MIFARE_ENCRYPTED_FILE_ID, file_settings)
|
||||||
file_data = desfire.get_file_settings(MIFARE_ENCRYPTED_FILE_ID)
|
file_data = desfire.get_file_settings(MIFARE_ENCRYPTED_FILE_ID)
|
||||||
|
|
||||||
logger.info("Writing UID to encrypted file...")
|
logger.debug("Writing UID to encrypted file...")
|
||||||
key = secrets.token_hex(16)
|
key = secrets.token_hex(16)
|
||||||
desfire.write_file_data(MIFARE_ENCRYPTED_FILE_ID, 0x0, file_data.encryption, get_list(key))
|
desfire.write_file_data(MIFARE_ENCRYPTED_FILE_ID, 0x0, file_data.encryption, get_list(key))
|
||||||
|
|
||||||
logger.info("Reading from encrypted file...")
|
logger.debug("Reading from encrypted file...")
|
||||||
rdata = desfire.read_file_data(MIFARE_ENCRYPTED_FILE_ID, file_data)
|
rdata = desfire.read_file_data(MIFARE_ENCRYPTED_FILE_ID, file_data)
|
||||||
assert rdata == get_list(key)
|
assert rdata == get_list(key)
|
||||||
logger.info(" - Data written successfully.")
|
logger.debug(" - Data written successfully.")
|
||||||
scannerThread.start()
|
scannerThread.start()
|
||||||
return key
|
return key
|
||||||
|
|
||||||
@@ -245,7 +248,7 @@ class BackgroundScanner:
|
|||||||
|
|
||||||
def start(self):
|
def start(self):
|
||||||
if self.is_running:
|
if self.is_running:
|
||||||
logger.info("Scanner already running")
|
logger.error("Scanner already running")
|
||||||
return
|
return
|
||||||
self.is_running = True
|
self.is_running = True
|
||||||
self.thread = threading.Thread(target=self._scan_loop, daemon=True)
|
self.thread = threading.Thread(target=self._scan_loop, daemon=True)
|
||||||
@@ -294,5 +297,6 @@ class BackgroundScanner:
|
|||||||
check = checkAccess(key, self.db)
|
check = checkAccess(key, self.db)
|
||||||
if check == True:
|
if check == True:
|
||||||
openDoor()
|
openDoor()
|
||||||
|
logger.info("Access granted!")
|
||||||
else:
|
else:
|
||||||
logger.info("Access denied!")
|
logger.error("Access denied!")
|
||||||
|
|||||||
Reference in New Issue
Block a user