ungleich-otp/otpauth/serializer.py

import pyotp
import otpauth
from rest_framework import serializers, exceptions
from otpauth.models import OTPSeed

# For accessing / modifying the data -- currently unused
class OTPSerializer(serializers.ModelSerializer):
    class Meta:
        model = OTPSeed
        fields = ('name', 'realm', 'seed')
        read_only_fields = ('seed',)

    def create(self, validated_data):
        validated_data['seed'] = pyotp.random_base32()
        return OTPSeed.objects.create(**validated_data)

class TokenSerializer(serializers.Serializer):
    name = serializers.CharField(max_length=128)
    realm = serializers.CharField(max_length=128)

    auth_name = serializers.CharField(max_length=128)
    auth_token = serializers.CharField(max_length=128)
    auth_realm = serializers.CharField(max_length=128)

    def create(self, validated_data):
        print("Trying to create")
        validated_data['seed'] = pyotp.random_base32()
        return OTPSeed.objects.create(**validated_data)

    def update(self, instance, validated_data):
        print("Trying to update")
        instance.name = validated_data.get('name', instance.name)
        instance.realm = validated_data.get('realm', instance.realm)
        instance.save()

        return instance

    def save(self):
        name_in =  self.validated_data.get("name")
        realm_in =  self.validated_data.get("realm")

        auth_token = self.validated_data.get("auth_token")
        auth_name =  self.validated_data.get("auth_name")
        auth_realm =  self.validated_data.get("auth_realm")

        print("auth: {}@'{}' {} + {})".format(auth_name, auth_realm, auth_token, self.validated_data))

        # 1. Verify that the connection might authenticate
        try:
            db_instance = otpauth.models.OTPSeed.objects.get(name=auth_name, realm=auth_realm)
        except (OTPSeed.MultipleObjectsReturned, OTPSeed.DoesNotExist):
            print("does not exist")
            raise exceptions.AuthenticationFailed()

        totp = pyotp.TOTP(db_instance.seed)
        print("calculated token = {}".format(totp.now()))

        if not totp.verify(auth_token, valid_window=3):
            raise exceptions.AuthenticationFailed()

        return (db_instance, auth_token)

# For verifying a token
class VerifySerializer(TokenSerializer):
    verifyname = serializers.CharField(max_length=128)
    verifytoken = serializers.CharField(max_length=128)
    verifyrealm = serializers.CharField(max_length=128)

    token_name = 'verifytoken'
    name_name = 'verifyname'
    realm_name = 'verifyrealm'


    # token_name = 'token'
    # name_name = 'name'
    # realm_name = 'realm'

    # auth_token_name = 'auth_token'
    # auth_name_name = 'auth_name'
    # auth_realm_name = 'auth_realm'
Begin to implement auth logic 2018-11-17 10:21:35 +00:00			`import pyotp`
In between commit w/ serializer error 2018-11-17 16:46:16 +00:00			`import otpauth`
reorder 2018-12-30 17:20:24 +00:00			`from rest_framework import serializers, exceptions`
			`from otpauth.models import OTPSeed`
Begin to implement auth logic 2018-11-17 10:21:35 +00:00
In between hacking commit Trying to rip out the auth part 2018-12-30 21:30:11 +00:00			`# For accessing / modifying the data -- currently unused`
Add general viewset/serializer for otpseed 2018-11-17 20:54:59 +00:00			`class OTPSerializer(serializers.ModelSerializer):`
			`class Meta:`
			`model = OTPSeed`
Cleanup, expose seed read only 2018-11-17 21:15:17 +00:00			`fields = ('name', 'realm', 'seed')`
			`read_only_fields = ('seed',)`

Implement seed generating 2018-11-17 21:28:17 +00:00			`def create(self, validated_data):`
Cleanup! 2018-11-17 21:53:51 +00:00			`validated_data['seed'] = pyotp.random_base32()`
Implement seed generating 2018-11-17 21:28:17 +00:00			`return OTPSeed.objects.create(**validated_data)`
Begin to implement auth logic 2018-11-17 10:21:35 +00:00
Begin to phase in custom authentication 2018-11-18 11:38:50 +00:00			`class TokenSerializer(serializers.Serializer):`
			`name = serializers.CharField(max_length=128)`
			`realm = serializers.CharField(max_length=128)`

In between hacking commit Trying to rip out the auth part 2018-12-30 21:30:11 +00:00			`auth_name = serializers.CharField(max_length=128)`
			`auth_token = serializers.CharField(max_length=128)`
			`auth_realm = serializers.CharField(max_length=128)`

			`def create(self, validated_data):`
Post works, w/o creating an object 2018-12-30 21:41:17 +00:00			`print("Trying to create")`
In between hacking commit Trying to rip out the auth part 2018-12-30 21:30:11 +00:00			`validated_data['seed'] = pyotp.random_base32()`
			`return OTPSeed.objects.create(**validated_data)`

			`def update(self, instance, validated_data):`
Post works, w/o creating an object 2018-12-30 21:41:17 +00:00			`print("Trying to update")`
In between hacking commit Trying to rip out the auth part 2018-12-30 21:30:11 +00:00			`instance.name = validated_data.get('name', instance.name)`
			`instance.realm = validated_data.get('realm', instance.realm)`
			`instance.save()`

			`return instance`
++ doc, begin improving serializers 2018-11-18 12:24:09 +00:00
Begin to phase in custom authentication 2018-11-18 11:38:50 +00:00			`def save(self):`
In between hacking commit Trying to rip out the auth part 2018-12-30 21:30:11 +00:00			`name_in = self.validated_data.get("name")`
			`realm_in = self.validated_data.get("realm")`

			`auth_token = self.validated_data.get("auth_token")`
			`auth_name = self.validated_data.get("auth_name")`
			`auth_realm = self.validated_data.get("auth_realm")`
Begin to phase in custom authentication 2018-11-18 11:38:50 +00:00
In between hacking commit Trying to rip out the auth part 2018-12-30 21:30:11 +00:00			`print("auth: {}@'{}' {} + {})".format(auth_name, auth_realm, auth_token, self.validated_data))`
Debug++ 2018-11-18 12:29:07 +00:00
Begin to phase in custom authentication 2018-11-18 11:38:50 +00:00			`# 1. Verify that the connection might authenticate`
			`try:`
In between hacking commit Trying to rip out the auth part 2018-12-30 21:30:11 +00:00			`db_instance = otpauth.models.OTPSeed.objects.get(name=auth_name, realm=auth_realm)`
Begin to phase in custom authentication 2018-11-18 11:38:50 +00:00			`except (OTPSeed.MultipleObjectsReturned, OTPSeed.DoesNotExist):`
In between hacking commit Trying to rip out the auth part 2018-12-30 21:30:11 +00:00			`print("does not exist")`
Begin to phase in custom authentication 2018-11-18 11:38:50 +00:00			`raise exceptions.AuthenticationFailed()`

			`totp = pyotp.TOTP(db_instance.seed)`
In between hacking commit Trying to rip out the auth part 2018-12-30 21:30:11 +00:00			`print("calculated token = {}".format(totp.now()))`
Begin to phase in custom authentication 2018-11-18 11:38:50 +00:00
In between hacking commit Trying to rip out the auth part 2018-12-30 21:30:11 +00:00			`if not totp.verify(auth_token, valid_window=3):`
Begin to phase in custom authentication 2018-11-18 11:38:50 +00:00			`raise exceptions.AuthenticationFailed()`

Post works, w/o creating an object 2018-12-30 21:41:17 +00:00			`return (db_instance, auth_token)`
++ doc, begin improving serializers 2018-11-18 12:24:09 +00:00
Be python friendly, don't use dashes 2018-11-18 13:33:30 +00:00			`# For verifying a token`
++ doc, begin improving serializers 2018-11-18 12:24:09 +00:00			`class VerifySerializer(TokenSerializer):`
Finish the verifyserializer 2018-11-18 12:35:06 +00:00			`verifyname = serializers.CharField(max_length=128)`
			`verifytoken = serializers.CharField(max_length=128)`
			`verifyrealm = serializers.CharField(max_length=128)`

++ doc, begin improving serializers 2018-11-18 12:24:09 +00:00			`token_name = 'verifytoken'`
			`name_name = 'verifyname'`
			`realm_name = 'verifyrealm'`
In between hacking commit Trying to rip out the auth part 2018-12-30 21:30:11 +00:00

			`# token_name = 'token'`
			`# name_name = 'name'`
			`# realm_name = 'realm'`

			`# auth_token_name = 'auth_token'`
			`# auth_name_name = 'auth_name'`
			`# auth_realm_name = 'auth_realm'`