ungleich-otp/otpauth/models.py

44 lines
1.4 KiB
Python
Raw Normal View History

2018-10-26 19:08:01 +00:00
from django.db import models
2018-11-17 20:45:53 +00:00
from django.contrib.auth.models import AbstractUser
2018-12-30 16:57:02 +00:00
from rest_framework import exceptions
from rest_framework import authentication
2018-12-30 16:57:02 +00:00
2018-11-17 22:00:36 +00:00
class OTPSeed(AbstractUser):
2018-11-17 09:01:24 +00:00
id = models.AutoField(primary_key=True)
name = models.CharField(max_length=128)
realm = models.CharField(max_length=128)
2018-10-26 19:48:21 +00:00
seed = models.CharField(max_length=128)
class Meta:
unique_together = (('name', 'realm'),)
2018-12-30 21:51:34 +00:00
def save(self, *args, **kwargs):
"""
inject username to ensure it stays unique / is setup at all
"""
self.username = "{}@{}".format(self.name, self.realm)
super().save(*args, **kwargs)
2018-12-30 21:51:34 +00:00
def __str__(self):
return "'{}'@{} -- {}".format(self.name, self.realm, self.username)
from otpauth.serializer import TokenSerializer
class OTPAuthentication(authentication.BaseAuthentication):
def authenticate(self, request):
serializer = TokenSerializer(data=request.data)
if serializer.is_valid():
instance, token = serializer.save()
else:
raise exceptions.AuthenticationFailed()
# not dealing with admin realm -> can only be auth [see serializer]
if not instance.realm == "ungleich-admin":
if not request.path == "/ungleichotp/verify/":
raise exceptions.AuthenticationFailed()
2019-02-08 19:00:28 +00:00
# print("AUTH DONE: {} - {}".format(request.path, instance))
return (instance, token)