#!/usr/bin/env python # -*- coding: utf-8 # # mumble-auth.py - Sample script to show the basics of using server controlled # context menu entries for in-client registration tickets. # # Requirements: # * python 2.5 or higher # * cherrypy 3 or higher # * python ice bindings # * murmur + mumble rev 1530 or higher import cherrypy import Ice from threading import Semaphore import random, time # #--- Config stuff # baseurl = "http://localhost:8080/register?id=" # Baseurl for registrations storage_time = 10*24*60*60 # Time in seconds a reg entry is guaranteed to be valid proxy = "Meta:tcp -h 127.0.0.1 -p 6502" group = "admin" # ACL group which has the right to send regurls host = "0.0.0.0" # Interface to listen on port = 8080 # Cherrypy port slice = "Murmur.ice" production = False # Set this to true to surpress tracebacks # Runtime generate bindings Ice.loadSlice(slice) import Murmur # Global vars sema_ids = Semaphore() ids = {} #Contains list(sid, user, time) class MetaCallbackI(Murmur.MetaCallback): def started(self, s, current=None): serverR = Murmur.ServerCallbackPrx.uncheckedCast(adapter.addWithUUID(ServerCallbackI(server, current.adapter))) s.addCallback(serverR) def stopped(self, s, current=None): pass # Unused callback class ServerCallbackI(Murmur.ServerCallback): def __init__(self, server, adapter): self.server = server self.contextR=Murmur.ServerContextCallbackPrx.uncheckedCast(adapter.addWithUUID(ServerContextCallbackI(server))) def userConnected(self, p, current=None): if p.userid != 0: # SuperUser is always allowed # Check if the user is in the right acl class and add the context menu allowed = False for acl in self.server.getACL(0)[1]: if acl.name == group and p.userid in acl.members: allowed = True break if not allowed: return self.server.addContextCallback(p.session, "sendregurl", "Send registration URL", self.contextR, Murmur.ContextUser) def userDisconnected(self, p, current=None): pass # Unused callbacks def userStateChanged(self, p, current=None): pass def channelCreated(self, c, current=None): pass def channelRemoved(self, c, current=None): pass def channelStateChanged(self, c, current=None): pass class ServerContextCallbackI(Murmur.ServerContextCallback): #--- Server message template strings err_notallowed = "You are not allowed to send registration urls" msg_regurl = "You've been allowed to register with this mumble server, " \ "please click here to register." def __init__(self, server): self.server = server def contextAction(self, action, p, session, chanid, current=None): if action == "sendregurl" and p: if p.userid != 0: # If it isn't SuperUser check if he is in the right acl group allowed = False for acl in self.server.getACL(0)[1]: if acl.name == group and p.userid in acl.members: allowed = True break if not allowed: self.server.sendMessage(p, self.err_notallowed) return sema_ids.acquire() try: # Take the chance to cleanup old entries todel = [] for key, reg in ids.iteritems(): if int(time.time()) - reg[2] > storage_time: todel.append(key) for key in todel: del ids[key] # Ok, now generate his registration id (64bit) rid = None while not rid or rid in ids: rid = random.randrange(0, pow(2,64)) sid = self.server.id() # Remember his username try: username = self.server.getState(session).name except Murmur.InvalidSessionException: username = "" # Save everything ids[str(rid)] = (sid, username, int(time.time())) # Send reg url to the user url = baseurl + str(rid) self.server.sendMessage(session, self.msg_regurl % {'url':url}) finally: sema_ids.release() class mumble_auth(object): #--- Web template strings template = """
The ID for your registration has already been used or is invalid.
Please request a new registration link from a Mumble administrator.
The username you chose contains characters which are not allowed.
Please only use normal characters without whitespaces.
The username you chose is already registered on this server.
Please choose another one.
The password you chose didn't match the criteria enforced by this server.
Your password should be at least 6 characters long.
The password you entered did not match the one in the confirmation box.
Make sure both boxes contain the same password.
This is the mumble-auth script, to be able to register yourself an account please ask a admin on the mumble server.
""" body_complete = """
You have been registered with the server successfully,
please try to login to the server with your new login credentials!