File size: 7,393 Bytes
c44d66d |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 |
import os
import streamlit as st
import pandas as pd
import time
from getmac import get_mac_address as gma
from requests import get
import platform, uuid, psutil
import json
# Security
#passlib,hashlib,bcrypt,scrypt
import hashlib
# Set direction as current folder
sourceFileDir = os.path.dirname(os.path.abspath(__file__))
os.chdir(sourceFileDir)
def make_hashes(password):
return hashlib.sha256(str.encode(password)).hexdigest()
def check_hashes(password, hashed_text):
if make_hashes(password) == hashed_text:
return hashed_text
return False
# DB Management
import sqlite3
conn = sqlite3.connect('data.db')
c = conn.cursor()
# DB Functions
def create_user_table():
c.execute('CREATE TABLE IF NOT EXISTS users(user_id INTEGER PRIMARY KEY AUTOINCREMENT,\
username TEXT NOT NULL, password TEXT NOT NULL)')
def add_user_data(username, password):
c.execute('INSERT INTO users(username, password) VALUES (?,?)',(username,password))
conn.commit()
def login_user(username, password):
c.execute('SELECT * FROM users WHERE username =? AND password = ?',(username,password))
data = c.fetchall()
return data
def view_all_users():
c.execute('SELECT * FROM users')
data = c.fetchall()
return data
def create_login_table():
# c.execute('DROP TABLE login')
c.execute('CREATE TABLE IF NOT EXISTS login(login_id INTEGER PRIMARY KEY AUTOINCREMENT, username TEXT NOT NULL,\
login_time TEXT NOT NULL, login_duration TEXT NOT NULL,\
device_name TEXT, device_uuid TEXT, mac_address TEXT, device_vendor TEXT, device_version TEXT, device_model TEXT, device_ram TEXT,\
ip_v6 TEXT, ip_v4 TEXT, ip_country TEXT, ip_region TEXT, ip_city TEXT, ip_lat TEXT, ip_lon TEXT, ip_timezone TEXT, isp_name TEXT, isp_org TEXT, isp_as TEXT)')
def add_login_data(username, login_time, login_duration,\
device_name, device_uuid, mac_address, device_vendor, device_version, device_model, device_ram,\
ip_v6, ip_v4, ip_country, ip_region, ip_city, ip_lat, ip_lon, ip_timezone, isp_name, isp_org, isp_as):
# c.execute('INSERT INTO login(username, login_time, login_duration,\
# device_name, device_uuid, mac_address, device_vendor, device_version, device_model, device_ram\
# ip_address, isp, lat, long, district, city) VALUES (?, ?, ?, ?, "1b1520d5-3dd0-4101-bda8-a0e22fc23ac2", ?, ?, "2001:ee0:4f84:6a70:652e:732d:859a:76e9", "Vietnam Posts and Telecommunications Group", 10.736807957581838, 106.66109367487196, "1", "Ho Chi Minh")',\
# (username, login_time, login_duration, device_name, mac_address, device_vendor))
c.execute('INSERT INTO login(username, login_time, login_duration,\
device_name, device_uuid, mac_address, device_vendor, device_version, device_model, device_ram,\
ip_v6, ip_v4, ip_country, ip_region, ip_city, ip_lat, ip_lon, ip_timezone, isp_name, isp_org, isp_as)\
VALUES (?, ?, ?, \
?, ?, ?, ?, ?, ?, ?, \
?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)',\
(username, login_time, login_duration,\
device_name, device_uuid, mac_address, device_vendor, device_version, device_model, device_ram,\
ip_v6, ip_v4, ip_country, ip_region, ip_city, ip_lat, ip_lon, ip_timezone, isp_name, isp_org, isp_as))
conn.commit()
# Export data to CSV
def export_csv():
# Export table login
db_df = pd.read_sql_query('SELECT * FROM login', conn)
db_df.to_csv('login.csv', index=False)
# Export table users
db_df = pd.read_sql_query('SELECT * FROM users', conn)
db_df.to_csv('users.csv', index=False)
def get_from_api(url, value=""):
# Use get method to fetch details from URL API
response = get(url + value)
if response.status_code != 200:
raise Exception("[!] Invalid request!")
return response.content.decode()
def get_ip_info(ip_v4):
# Get information from the ipv4
isp = get_from_api("http://ip-api.com/json/", ip_v4)
# Convert dictionary string to dictionary
isp = json.loads(isp)
# Get information from the dictionary
ip_country = isp["country"]
ip_region = isp["regionName"]
ip_city = isp["city"]
ip_lat = isp["lat"]
ip_lon = isp["lon"]
ip_timezone = isp["timezone"]
isp_name = isp["isp"]
isp_org = isp["org"]
isp_as = isp["as"]
return ip_country, ip_region, ip_city, ip_lat, ip_lon, ip_timezone, isp_name, isp_org, isp_as
def main():
"""Banking Advanced Authentication Module"""
menu = ["Home", "SignUp", "User Login", "Testing Tool"]
choice = st.sidebar.selectbox("Menu",menu)
if choice == "Home":
st.subheader("Banking Advanced Authentication Module")
elif choice == "SignUp":
st.subheader("Create New Account")
new_user = st.text_input("Username")
new_password = st.text_input("Password",type='password')
if st.button("Signup"):
create_user_table()
add_user_data(new_user,make_hashes(new_password))
st.success("You have successfully created a valid Account")
st.info("Go to Login Menu to login")
elif choice == "User Login":
col1, col2, col3 = st.columns(3)
with col1:
st.image("img/blank.png")
with col2:
st.image("img/blank.png")
with col3:
st.image("img/Standard_Chartered.png")
with st.container():
st.subheader("Login")
time_start = time.time()
username = st.text_input("Username")
password = st.text_input("Password",type='password')
login = st.button("Login")
if login:
login_time = time.time()
hashed_pswd = make_hashes(password)
result = login_user(username,check_hashes(password,hashed_pswd))
if result:
login_duration = login_time - time_start
# Collect device information
device_name = platform.node()
device_uuid = uuid.getnode()
mac_address = gma()
device_vendor = get_from_api("https://api.macvendors.com/", mac_address)
device_version = platform.version()
device_model = platform.platform()
device_ram = str(round(psutil.virtual_memory().total / (1024.0 **3)))+" GB"
# Collect IP information
ip_v6 = get_from_api('https://ident.me')
ip_v4 = get_from_api('https://api.ipify.org')
ip_country, ip_region, ip_city, ip_lat, ip_lon, ip_timezone, isp_name, isp_org, isp_as = get_ip_info(ip_v4)
create_login_table()
verification = False
############## Here is to put IF ELSE & Face verification logic to determine if it is the real user **********
##
##
##
## => verification = True
verification = True
if verification:
add_login_data(username, login_time, login_duration,\
device_name, device_uuid, mac_address, device_vendor, device_version, device_model, device_ram,\
ip_v6, ip_v4, ip_country, ip_region, ip_city, ip_lat, ip_lon, ip_timezone, isp_name, isp_org, isp_as)
# To export database to csv file (can be commented out if not needed)
# export_csv()
st.success("Logged In as {}".format(username))
task = st.selectbox("Task",["Add Post","Analytics","Profiles"])
if task == "Add Post":
st.subheader("Add Your Post")
elif task == "Analytics":
st.subheader("Analytics")
elif task == "Profiles":
st.subheader("User Profiles")
user_result = view_all_users()
clean_db = pd.DataFrame(user_result,columns=["Username","Password"])
st.dataframe(clean_db)
else:
st.warning("Not the real user => Fail to login.")
else:
st.warning("Incorrect Username/Password")
else:
st.subheader("Testing tool")
if __name__ == '__main__':
main()
|