Spaces:

LosCabeza
/

chatlocal

Runtime error

App Files Files Community

MGLDZM commited on Dec 15, 2023

Commit

ea0a765

1 Parent(s): 190cf4b

dev step

Browse files

Files changed (5) hide show

main.py +17 -3
modules/model.py +11 -3
modules/security.py +16 -2
static/js/chatHandler.js +28 -1
templates/main.html +50 -45

main.py CHANGED Viewed

@@ -5,6 +5,7 @@ import os, json
 import time
 from hashlib import sha256
 from modules import model, oauth, security, log_module, llm, chat_functions, settings
 from fastapi.staticfiles import StaticFiles
 from fastapi.templating import Jinja2Templates
 from datetime import datetime
@@ -19,11 +20,11 @@ log_module.log_write("master", "iniciado", "-")
 ########################## MAIN ##########################
 @app.get("/", response_class=HTMLResponse)
-async def main_page(request: Request, user = Depends(model.User.find_from_cookie)):
     if not user.can_use("chat"):
         return RedirectResponse(url='/hold')
-    tools = [{"name": k, "desc": v}   for k, v in chat_functions.function_user_text.items() ]
     token = user.create_token()
     response = templates.TemplateResponse(
         "main.html", {
@@ -67,12 +68,25 @@ async def get_configs(request: Request, user = Depends(model.User.find_from_head
     return user.configs.model_dump() | {"tokens": tokens}
 @app.post("/setConfigs")
-async def set_configs(request: Request, configs: model.Configs, user = Depends(model.User.find_from_header)):
     user.configs = configs
     user.update()
     return {"success":True}
 @app.post("/chat")
 async def chat_async(request: Request, body: model.Chat, user = Depends(model.User.find_from_header)):
     if(len(body.messages) < 1 or body.messages[-1].content==""):

 import time
 from hashlib import sha256
 from modules import model, oauth, security, log_module, llm, chat_functions, settings
+from modules.model import User
 from fastapi.staticfiles import StaticFiles
 from fastapi.templating import Jinja2Templates
 from datetime import datetime
 ########################## MAIN ##########################
 @app.get("/", response_class=HTMLResponse)
+async def main_page(request: Request, user: User = Depends(User.find_from_cookie)):
     if not user.can_use("chat"):
         return RedirectResponse(url='/hold')
+    tools = [{"name": k, "desc": v}   for k, v in chat_functions.function_user_text.items()]
     token = user.create_token()
     response = templates.TemplateResponse(
         "main.html", {
     return user.configs.model_dump() | {"tokens": tokens}
 @app.post("/setConfigs")
+async def set_configs(request: Request, configs: model.Configs, user = Depends(User.find_from_header)):
     user.configs = configs
     user.update()
     return {"success":True}
+@app.post("/getToken")
+async def get_token(request: Request, data: dict, user: User = Depends(User.find_from_header)):
+    user.session = model.Session(**data)
+    data.pop("fingerprint")
+    security.validate_signature(**data)
+    security.create_jwt_token(data)
+    token = user.create_token()
+class Session(BaseModel):
+    gid: str
+    fingerprint: str
+    public_key: str
+    return {"su":True}
 @app.post("/chat")
 async def chat_async(request: Request, body: model.Chat, user = Depends(model.User.find_from_header)):
     if(len(body.messages) < 1 or body.messages[-1].content==""):

modules/model.py CHANGED Viewed

@@ -62,11 +62,14 @@ class Chat(BaseModel):
 class Session(BaseModel):
     gid: str
-    fprint: str
     guid: str = str(uuid.uuid4())
     created: datetime = datetime.now(tz)
     updated: datetime = datetime.now(tz)
     expire: datetime =  datetime.now(tz)+timedelta(days=7)
     @classmethod
     def remove_expired(cls: Self, gid: str) -> None:
@@ -164,8 +167,13 @@ class User(BaseModel):
     def create_token(self: Self) -> str:
-        return security.create_jwt_token({"gid": self.gid, "guid": self.session.guid})
     def update_description(self: Self, message: str) -> None:
         log_module.logger.info(f"Description Updated: {self.gid}")

 class Session(BaseModel):
     gid: str
+    fingerprint: str
+    public_key: str
     guid: str = str(uuid.uuid4())
     created: datetime = datetime.now(tz)
     updated: datetime = datetime.now(tz)
     expire: datetime =  datetime.now(tz)+timedelta(days=7)
     @classmethod
     def remove_expired(cls: Self, gid: str) -> None:
     def create_token(self: Self) -> str:
+        return security.create_jwt_token({
+            "gid": self.gid,
+            "guid": self.session.guid,
+            "fp": self.session.fprint,
+            "pubk": self.session.public_key
+            })
     def update_description(self: Self, message: str) -> None:
         log_module.logger.info(f"Description Updated: {self.gid}")

modules/security.py CHANGED Viewed

@@ -5,7 +5,10 @@ from fastapi.security import HTTPBasicCredentials
 from fastapi.responses import RedirectResponse
 from . import log_module, settings
 from datetime import datetime, timedelta
 for key in settings.USERS:
@@ -66,4 +69,15 @@ def raise_307():
             status_code=status.HTTP_307_TEMPORARY_REDIRECT,
             detail="Could not validate access",
             headers=headers
-        )

 from fastapi.responses import RedirectResponse
 from . import log_module, settings
 from datetime import datetime, timedelta
+from Crypto.Signature import pss
+from Crypto.Hash import SHA256
+from Crypto.PublicKey import RSA
+import base64
 for key in settings.USERS:
             status_code=status.HTTP_307_TEMPORARY_REDIRECT,
             detail="Could not validate access",
             headers=headers
+        )
+def validate_signature(public_key: str, signature: str, data:str) -> bool:
+    public_key = RSA.import_key(public_key)
+    signature = base64.b64decode(signature)
+    data_ = SHA256.new(data.encode())
+    try:
+        pss.new(public_key).verify(data_, signature)
+        return True
+    except ValueError:
+        return False

static/js/chatHandler.js CHANGED Viewed

@@ -32,9 +32,13 @@ class ChatGPT{
     token = null;
     windowHandlers = {}
-    constructor(token){
         // Token JWT de ejecución
         this.token = token;
         this.cargarConfigs();
@@ -43,6 +47,29 @@ class ChatGPT{
         this.cargarChats()
     }
     cargarEventos(){

     token = null;
     windowHandlers = {}
+    constructor(token, fp, exportKey, tokenSigned){
         // Token JWT de ejecución
         this.token = token;
+        this.fp = fp
+        this.pubk = exportKey
+        this.tokenSigned = tokenSigned
+        this.obtenerToken()
         this.cargarConfigs();
         this.cargarChats()
+    }
+    obtenerToken(){
+        let data = {
+            fingerprint: this.fp,
+            public_key: this.pubk,
+            signature: this.tokenSigned,
+            data: this.token
+        }
+        $.ajax({
+            method: "POST",
+            url: "/getToken",
+            headers: {
+                "Autorization": "Bearer " + this.token,
+                'Content-Type': 'application/json',
+            },
+            data: JSON.stringify(data),
+            timeout: 5000,
+            dataType: "json"
+        })
     }
     cargarEventos(){

templates/main.html CHANGED Viewed

@@ -173,61 +173,66 @@
         </dialog>
         <script>
             var cHand;
             let versionLocal = localStorage.getItem("version")
             let versionRemota = "{{ version }}"
             $(document).ready(function() {
-                let x1 = window.crypto.subtle.generateKey(
-                    {
-                        name: "RSA-PSS",
-                        modulusLength: 1024,
-                        publicExponent: new Uint8Array([0x01, 0x00, 0x01]),
-                        hash: {name: "SHA-256"},
-                    },
-                    false,
-                    ["sign"]
-                )
-                let x2 = x1.then(keypair =>{
-                    this.keypair = keypair;
-                    return window.crypto.subtle.exportKey(
-                        "spki",
-                        keypair.publicKey
-                    )})
-                let x3 = x2.then(exportedKey => {
-                    this.exportedKey = exportedKey;
-                    let c =  window.crypto.subtle.sign(
-                        {
-                            name: "RSA-PSS",
-                            saltLength: 128,
-                        },
-                        this.keypair.privateKey,
-                        new TextEncoder().encode("{{ token }}")
-                    );
-                    return c;
-                })
-                x3.catch(e => {
-                    console.log(e)
-                }).finally(y => {
-                    console.log( y)
-                })
-                console.log(x1)
-                console.log(x2)
-                console.log(x3)
-                // .then(sign_ba => {
-                //     let sign_u8 = new Uint8Array(sign_ba);
-                //     return btoa(String.fromCharCode(...sign_u8));
-                // }).then(sign => {
                 //     console.log("exportedKey");
                 //     console.log(this.exportedKey);
                 //     console.log("sign");

         </dialog>
         <script>
+        async function generatex(){
+            let keypair = await window.crypto.subtle.generateKey(
+                {
+                    name: "RSA-PSS",
+                    modulusLength: 1024,
+                    publicExponent: new Uint8Array([0x01, 0x00, 0x01]),
+                    hash: {name: "SHA-256"},
+                },
+                false,
+                ["sign"]
+            )
+            let exportKey_ba = await window.crypto.subtle.exportKey(
+                "spki",
+                keypair.publicKey
+            )
+            let encoder = new TextEncoder()
+            let sign_ba = await window.crypto.subtle.sign(
+                {
+                    name: "RSA-PSS",
+                    saltLength: 32,
+                },
+                keypair.privateKey,
+                encoder.encode("{{ token }}")
+            )
+            let sign_u8 = new Uint8Array(sign_ba);
+            let sign = btoa(String.fromCharCode(...sign_u8))
+            let exportKey_u8 = new Uint8Array(exportKey_ba);
+            let exportKey = "-----BEGIN PUBLIC KEY-----\n"+btoa(String.fromCharCode(...exportKey_u8))+"\n-----END PUBLIC KEY-----"
+            console.log("exportedKey");
+            console.log(exportKey);
+            console.log("sign");
+            console.log(sign);
+            const fpPromise = await import('/static/js/fingerprintv4.js').then(FingerprintJS => FingerprintJS.load())
+            const fp = await fpPromise.get()
+            console.log(fp.visitorId)
             var cHand;
             let versionLocal = localStorage.getItem("version")
             let versionRemota = "{{ version }}"
+            cHand = new ChatGPT("{{ token }}", fp.visitorId, exportKey, sign);
+        }
+        generatex()
             $(document).ready(function() {
+                // let x1 = .then(keypair =>{
+                //     .then(exportedKey => {
+                //             return
+                //             ).then(sign_ba =>
+                //         })
+                // })
+                // console.log(x1)
+                // .then(sign => {
                 //     console.log("exportedKey");
                 //     console.log(this.exportedKey);
                 //     console.log("sign");