Cleanup docs, remove debug print

1a54de52 · Nico Schottelius · 97b612e6 · 1a54de52 · 1a54de52
Commit 1a54de52 authored Feb 08, 2019 by Nico Schottelius
Hide whitespace changes
Inline Side-by-side

Showing with 27 additions and 28 deletions

README.md README.md +26 -27

otpauth/models.py otpauth/models.py +1 -1

No files found.
--- a/README.md
+++ b/README.md
@@ -18,14 +18,13 @@ Related documentation:

 ## Overview ##

-This repository the reference implementation of the ungleichotp
-server.
-
-
+This repository the reference implementation of the ungleichotp server.


 ## Using the ungleichotpclient ##

+The client can be used to test the ungleich-otp-server.
+
 All client commands need the parameters --auth-name and --auth-realm.
 Also either --auth-seed or --auth-token needs to be specified.
 ```
@@ -40,40 +39,36 @@ python manage.py ungleichotpclient create \
 ### Creating new users

 ```
--name USERNAME --realm REALMOFUSER --token TOKENTOBEVERIFIED verify
+--name USERNAME --realm REALMOFUSER create
 ```

-### Verifying a token is correct
+The seed is randomly created.

-Verify using:
+### Listing users

 ```
--name USERNAME --realm REALMOFUSER --token TOKENTOBEVERIFIED verify
+list
 ```

-You can also verify using a seed:
+### Deleting users

 ```
--name USERNAME --realm REALMOFUSER --seed SEEDOFUSER verify
+--name USERNAME --realm REALMOFUSER delete
 ```


+### Verifying a token is correct

-## Sample 2018-12-30
-
-create:
-(venv) [23:07] line:ungleich-otp% python manage.py ungleichotpclient create --server-url http://localhost:8000/ungleichotp/ --auth-name info@ungleich.ch --auth-realm ungleich-admin --auth-seed PZKBPTHDGSLZBKIZ  --name nico$(date +%s) --realm ungleich-admin
-
-verify:
+Verify using:

 ```
-(venv) [23:07] line:ungleich-otp% python manage.py ungleichotpclient verify --server-url http://localhost:8000/ungleichotp/ --auth-name info@ungleich.ch --auth-realm ungleich-admin --auth-seed PZKBPTHDGSLZBKIZ  --name nico1546206660 --realm ungleich-admin --seed IXTARIU4H2F574M3
+--name USERNAME --realm REALMOFUSER --token TOKENTOBEVERIFIED verify
 ```

-list:
+You can also verify using a seed:

 ```
-(venv) [23:14] line:ungleich-otp% python manage.py ungleichotpclient list --server-url http://localhost:8000/ungleichotp/ --auth-name info@ungleich.ch --auth-realm ungleich-admin --auth-seed PZKBPTHDGSLZBKIZ
+--name USERNAME --realm REALMOFUSER --seed SEEDOFUSER verify
 ```


@@ -105,13 +100,13 @@ All micro services that are trusted to authenticate another micro
 service should have an entry in the ungleich-auth realm, which allows
 them to verify a token of somebody else.

-
+```
 | Name             | Capabilities                               |
 |------------------+--------------------------------------------|
 | ungleich-admin   | authenticate, create, delete, list, update |
 | ungleich-auth    | authenticate                               |
 | all other realms | NO ACCESS                                  |
-
+```


 ## Verify using http POST  ##
@@ -165,8 +160,8 @@ your application.

 ## Limitations ##

-* Name, Realm and seed are hard coded to 128 bytes length. This can be
-  changed, if necessary.
+* Name, Realm and seed are hard coded to 128 bytes length.
+  This can be changed, if necessary.
 * Only python3 support for ungleichotp


@@ -191,8 +186,8 @@ your application.
 - [x] (server) Implement creating new "User" by POST / Model based
 - [n] (server) Remove hard coded JSON in /verify (no - good enough for the moment)
 - [x] (server) Fully rename server from ungleichotp to ungleichotpserver
- [ ] (security) Ensure that only the right realms can verify
- [ ] (security) Ensure that only the right realms can manage
+- [x] (security) Ensure that only the right realms can verify
+- [x] (security) Ensure that only the right realms can manage
 - [ ] (doc) Add proper documentation
 - [ ] (server) Add tests for verify
 - [ ] (server) Add tests for authentication
@@ -205,14 +200,18 @@ your application.
 - [ ] (client) Bootstrap Django + DRF (including an object for CRUD)
 - [ ] (client) Add custom authentication / remote auth
 - [ ] (client) Show case: any realm vs. specific realm
- [ ] (library) Write a "client library" that can use ungleichotp
- [ ] (library) extract generic parts from server
+- [x] (library) Write a "client library" that can use ungleichotp
+- [x] (library) extract generic parts from server
 - [ ] (library) upload to pypi



 ## Changelog

+### 0.8, 2019-02-08
+
+* Verify needed to call super()
+
 ### 0.6, 2018-11-18

 * Reuse TokenSerializer for VerifySerializer logic

--- a/otpauth/models.py
+++ b/otpauth/models.py
@@ -39,5 +39,5 @@ class OTPAuthentication(authentication.BaseAuthentication):
            if not request.path == "/ungleichotp/verify/":
                raise exceptions.AuthenticationFailed()

-        print("AUTH DONE: {} - {}".format(request.path, instance))
+        # print("AUTH DONE: {} - {}".format(request.path, instance))
        return (instance, token)