From cd75870e425eb7c0b98f727c2591f3c4c83054a3 Mon Sep 17 00:00:00 2001 From: Nico Schottelius Date: Sat, 17 Nov 2018 19:00:48 +0100 Subject: [PATCH] Addd more todos --- README.md | 30 ++++++++++++++++++++++++++++-- ungleichotp/otpauth/views.py | 2 +- 2 files changed, 29 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 910e0f4..6a0b5df 100644 --- a/README.md +++ b/README.md @@ -59,7 +59,8 @@ them to verify a token of somebody else. - Use an existing token to connect to the service - All REST based messages: JSON -### POST: /verify + +### POST: /ungleichotp/verify Request JSON object: @@ -260,7 +261,32 @@ DATABASES = { } ``` +Custom auth + +``` +from django.contrib.auth.models import User +from rest_framework import authentication +from rest_framework import exceptions + +class ExampleAuthentication(authentication.BaseAuthentication): + def authenticate(self, request): + username = request.META.get('X_USERNAME') + if not username: + return None + + try: + user = User.objects.get(username=username) + except User.DoesNotExist: + raise exceptions.AuthenticationFailed('No such user') + + return (user, None) + +``` + ## TODOs -- [ ] serialize / input request +- [x] serialize / input request - [ ] Remove hard coded JSON +- [ ] Implement registering of new entries +- [ ] Use Custom authentication (?) - set User +- [ ] Maybe we map name+realm == User (?) diff --git a/ungleichotp/otpauth/views.py b/ungleichotp/otpauth/views.py index f9a1a92..b15fbce 100644 --- a/ungleichotp/otpauth/views.py +++ b/ungleichotp/otpauth/views.py @@ -6,7 +6,7 @@ from django.http import HttpResponse, JsonResponse import json -class VerifyViewSetV1(viewsets.ModelViewSet): +class ModelVerifyViewSet(viewsets.ModelViewSet): serializer_class = VerifySerializer def get_queryset(self):