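import logging

import pyotp
from rest_framework import exceptions, serializers

import otpauth
from otpauth.models import OTPSeed

logger = logging.getLogger(__name__)

# Number of TOTP time steps accepted on either side of the current one.
# pyotp.TOTP() is built below without an explicit interval, so each step is
# pyotp's default of 30 seconds and a code is accepted for roughly +/-90 s.
# NOTE(review): pyotp's own default for valid_window is 0; confirm that this
# much clock-drift tolerance is intended, since it lengthens the time a
# captured code stays usable.
_VALID_WINDOW = 3

# Commented-out ModelSerializer variants (not active):
#
# class OTPSerializer(serializers.ModelSerializer):
#     class Meta:
#         model = OTPSeed
#         fields = ('name', 'realm')
#     token = serializers.CharField(max_length=128)
#     verifyname = serializers.CharField(max_length=128)
#     verifytoken = serializers.CharField(max_length=128)
#     verifyrealm = serializers.CharField(max_length=128)
#
# class VerifySerializer(serializers.ModelSerializer):
#     class Meta:
#         model = OTPSeed
#         fields = ('name', 'realm', 'token', 'verifyname', 'verifytoken', 'verifyrealm')


def _verified_seed(name, realm, token, failure):
    """Return the OTPSeed row for (name, realm) if *token* is a valid TOTP code.

    Args:
        name: value matched against ``OTPSeed.name``.
        realm: value matched against ``OTPSeed.realm``.
        token: TOTP code checked against the row's ``seed``.
        failure: exception class raised on any failure.

    Returns:
        The matching ``OTPSeed`` instance.

    Raises:
        failure: if there is not exactly one matching row, or the code is
            rejected. Both cases raise the same exception, so the error
            itself does not reveal whether the name/realm pair exists.
    """
    try:
        seed_row = OTPSeed.objects.get(name=name, realm=realm)
    except (OTPSeed.MultipleObjectsReturned, OTPSeed.DoesNotExist):
        # "from None" keeps the ORM lookup error out of the chained traceback.
        raise failure() from None

    # Log only the fact of a match; never log the token or the seed.
    logger.debug("serializer found object")

    # NOTE(review): nothing here records the last accepted code, so the same
    # code can be presented again while it is still inside the window. Any
    # replay tracking or request throttling has to live elsewhere (not
    # visible in this file) - confirm it exists.
    if not pyotp.TOTP(seed_row.seed).verify(token, valid_window=_VALID_WINDOW):
        raise failure()
    return seed_row


class VerifySerializer(serializers.Serializer):
    """Check two TOTP credentials supplied in one request.

    ``name``/``realm``/``token`` are verified first and fail with
    ``AuthenticationFailed``; ``verifyname``/``verifyrealm``/``verifytoken``
    are verified second and fail with ``PermissionDenied``.
    """

    name = serializers.CharField(max_length=128)
    token = serializers.CharField(max_length=128)
    realm = serializers.CharField(max_length=128)
    verifyname = serializers.CharField(max_length=128)
    verifytoken = serializers.CharField(max_length=128)
    verifyrealm = serializers.CharField(max_length=128)

    def create(self, validated_data):
        """Verify both credentials and return the second one's OTPSeed row.

        Nothing is created or saved; the method only reads OTPSeed rows.

        Args:
            validated_data: mapping holding the six serializer fields.

        Returns:
            The ``OTPSeed`` instance matching ``verifyname``/``verifyrealm``.

        Raises:
            exceptions.AuthenticationFailed: the first credential
                (name/realm/token) does not verify.
            exceptions.PermissionDenied: the second credential
                (verifyname/verifyrealm/verifytoken) does not verify.
        """
        # 1. Verify that the connection might authenticate.
        _verified_seed(
            validated_data.get('name'),
            validated_data.get('realm'),
            validated_data.get('token'),
            exceptions.AuthenticationFailed,
        )

        # 2. Verify the requested data. This only runs once step 1 has
        # passed, so unauthenticated callers cannot probe other seeds.
        verified = _verified_seed(
            validated_data.get('verifyname'),
            validated_data.get('verifyrealm'),
            validated_data.get('verifytoken'),
            exceptions.PermissionDenied,
        )

        logger.debug("All verified!")
        return verified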