Fix SESAME bug (Issue #103)

2018-07-15 23:25:26 +02:00 · 2018-07-15 23:25:26 +02:00 · 6e7a2ec358
commit 6e7a2ec358
parent c74ec99d6b
2 changed files with 37 additions and 16 deletions
--- a/configurator.py
+++ b/configurator.py
@ -3668,22 +3668,40 @@ class RequestHandler(BaseHTTPRequestHandler):
        req = urlparse(self.path)
        if SESAME or TOTP:
            chunk = req.path.split("/")[-1]
-            if chunk == SESAME or TOTP.verify(chunk):
-                if self.client_address[0] not in ALLOWED_NETWORKS:
-                    ALLOWED_NETWORKS.append(self.client_address[0])
-                if self.client_address[0] in BANNED_IPS:
-                    BANNED_IPS.remove(self.client_address[0])
-                url = req.path[:req.path.rfind(chunk)]
-                self.send_response(302)
-                self.send_header('Location', url)
-                self.end_headers()
-                data = {
-                    "title": "HASS Configurator - SESAME access",
-                    "message": "Your SESAME token has been used to whitelist " \
-                    "the IP address %s." % self.client_address[0]
-                }
-                notify(**data)
-                return
+            if SESAME:
+                if chunk == SESAME:
+                    if self.client_address[0] not in ALLOWED_NETWORKS:
+                        ALLOWED_NETWORKS.append(self.client_address[0])
+                    if self.client_address[0] in BANNED_IPS:
+                        BANNED_IPS.remove(self.client_address[0])
+                    url = req.path[:req.path.rfind(chunk)]
+                    self.send_response(302)
+                    self.send_header('Location', url)
+                    self.end_headers()
+                    data = {
+                        "title": "HASS Configurator - SESAME access",
+                        "message": "Your SESAME token has been used to whitelist " \
+                        "the IP address %s." % self.client_address[0]
+                    }
+                    notify(**data)
+                    return
+            if TOTP:
+                if TOTP.verify(chunk):
+                    if self.client_address[0] not in ALLOWED_NETWORKS:
+                        ALLOWED_NETWORKS.append(self.client_address[0])
+                    if self.client_address[0] in BANNED_IPS:
+                        BANNED_IPS.remove(self.client_address[0])
+                    url = req.path[:req.path.rfind(chunk)]
+                    self.send_response(302)
+                    self.send_header('Location', url)
+                    self.end_headers()
+                    data = {
+                        "title": "HASS Configurator - SESAME access",
+                        "message": "Your SESAME token has been used to whitelist " \
+                        "the IP address %s." % self.client_address[0]
+                    }
+                    notify(**data)
+                    return
        if not check_access(self.client_address[0]):
            self.do_BLOCK()
            return