add tools/get_hashes python script, update README

2023-07-28 23:29:29 +02:00 · 2023-07-28 23:29:29 +02:00 · 82693fd85a
parent 3b2818f150
commit 82693fd85a
2 changed files with 51 additions and 31 deletions
--- a/README.md
+++ b/README.md
@ -3,40 +3,32 @@
 - `esp32/` contains the micropython source which talks w/ NFC module and keypad over UART (two channels)
 - `keypad/` has some magical Arduino code (sorry)

+## scanning new cards
+
+connect USB cable, use `mpremote` or any serial termnal to listen to logs, read card hash from logs
+
+example:
+
+```
+$ mpremote 
+Connected to MicroPython at /dev/ttyUSB1
+Use Ctrl-] or Ctrl-x to exit this shell
+PN532: No response from PN532!
+PN532: No response from PN532!
+PN532: No response from PN532!
+Card UUID: 403dcb1e
+Card hash: dfe9bedbf230cf67dfa65249a7517af81175496642724a18ac728ecac7c90862
+Unknown hash, ignoring
+PN532: No response from PN532!
+PN532: No response from PN532!
+$
+```
+
 ## syncing data from LDAP

 big TODO; currently, you need to:
-1. clone the old doorman repo and patch the `doorman_ldap_sync` file (see my shitty patch attached below)
-
-```
--- a/admin/bin/doorman_ldap_sync
-+++ b/admin/bin/doorman_ldap_sync
-@@ -63,14 +63,18 @@ def get_target_cards(c):
- 
- if __name__ == "__main__":
-     url = argv[1] if len(argv) > 1 else options.url
-    token = get_token()
-    proto = Proto(url)
-+    #token = get_token()
-+    #proto = Proto(url)
- 
-     c = ldap.initialize('ldap://ldap.hackerspace.pl')
-     c.start_tls_s()
-    c.simple_bind_s('uid=%s,ou=People,dc=hackerspace,dc=pl' % (getpass.getuser(),), getpass.getpass('LDAP password: '))
-+    c.simple_bind_s('uid=%s,ou=People,dc=hackerspace,dc=pl' % ('sdomi',), getpass.getpass('LDAP password: '))
-     target = get_target_cards(c)
-    cur = get_current_cards(token, proto)
-+    pprint.pprint(target)
-+    for h, u in target:
-+        print(h)
-+
-+    #cur = get_current_cards(token, proto)
- 
-     to_remove = cur - target
-     to_add = target - cur
-```
-
-2. launch the script, copy all the lines with the hashes and save them a file
+1. use the `tools/get_hashes` python script to pull card hashes from LDAP (requires python-ldap)
+2. put the output in a `hashes` file
 3. `mpremote fs cp hashes :hashes`

 plans: web UI like vuko's design
--- a/tools/get_hashes
+++ b/tools/get_hashes
@ -0,0 +1,28 @@
+#!/usr/bin/env python3
+
+import ldap
+import getpass
+import pprint
+
+from sys import argv
+
+MEMBER_FILTER = ('(|'
+    '(memberOf=cn=starving,ou=Group,dc=hackerspace,dc=pl)'
+    '(memberOf=cn=fatty,ou=Group,dc=hackerspace,dc=pl)'
+    '(memberOf=cn=potato,ou=Group,dc=hackerspace,dc=pl)'
+    ')')
+
+def get_target_cards(c):
+    cards = set()
+    for user, attrs in c.search_s('ou=People,dc=hackerspace,dc=pl',ldap.SCOPE_SUBTREE,'(&(mifareIDHash=*)%s)' % MEMBER_FILTER, ['mifareIDHash', 'uid']):
+        for h in attrs['mifareIDHash']:
+            cards.add(h.decode('ascii'))
+    return cards
+
+if __name__ == "__main__":
+    c = ldap.initialize('ldap://ldap.hackerspace.pl')
+    c.start_tls_s()
+    c.simple_bind_s('uid=%s,ou=People,dc=hackerspace,dc=pl' % (getpass.getuser(),), getpass.getpass('LDAP password: '))
+    target = get_target_cards(c)
+    for h in target:
+        print(h)