ungleich-otp/ungleichotp/otpauth/serializer.py

from rest_framework import serializers, exceptions
from otpauth.models import OTPSeed
import pyotp
import otpauth

class OTPSerializer(serializers.ModelSerializer):
    class Meta:
        model = OTPSeed
        fields = ('name', 'realm', 'seed')
        read_only_fields = ('seed',)

    def create(self, validated_data):
        validated_data['seed'] = pyotp.random_base32()
        return OTPSeed.objects.create(**validated_data)

class VerifySerializer(serializers.Serializer):
    name = serializers.CharField(max_length=128)
    token = serializers.CharField(max_length=128)
    realm = serializers.CharField(max_length=128)

    verifyname = serializers.CharField(max_length=128)
    verifytoken = serializers.CharField(max_length=128)
    verifyrealm = serializers.CharField(max_length=128)

    def save(self):
        token_in = self.validated_data.get('token')
        name_in =  self.validated_data.get('name')
        realm_in =  self.validated_data.get('realm')
        verifytoken = self.validated_data.get('verifytoken')
        verifyname =  self.validated_data.get('verifyname')
        verifyrealm =  self.validated_data.get('verifyrealm')

        # 1. Verify that the connection might authenticate
        try:
            db_instance = otpauth.models.OTPSeed.objects.get(name=name_in, realm=realm_in)
        except (OTPSeed.MultipleObjectsReturned, OTPSeed.DoesNotExist):
            raise exceptions.AuthenticationFailed()

        totp = pyotp.TOTP(db_instance.seed)

        if not totp.verify(token_in, valid_window=3):
            raise exceptions.AuthenticationFailed()


        # 2. Verify the requested data
        try:
            verifyinstance = otpauth.models.OTPSeed.objects.get(name=verifyname, realm=verifyrealm)
        except (OTPSeed.MultipleObjectsReturned, OTPSeed.DoesNotExist):
            raise exceptions.PermissionDenied()

        totp = pyotp.TOTP(verifyinstance.seed)

        if not totp.verify(verifytoken, valid_window=3):
            raise exceptions.PermissionDenied()

        print("All verified!")
        return verifyinstance


class TokenSerializer(serializers.Serializer):
    name = serializers.CharField(max_length=128)
    token = serializers.CharField(max_length=128)
    realm = serializers.CharField(max_length=128)

    def save(self):
        token_in = self.validated_data.get('token')
        name_in =  self.validated_data.get('name')
        realm_in =  self.validated_data.get('realm')

        # 1. Verify that the connection might authenticate
        try:
            db_instance = otpauth.models.OTPSeed.objects.get(name=name_in, realm=realm_in)
        except (OTPSeed.MultipleObjectsReturned, OTPSeed.DoesNotExist):
            raise exceptions.AuthenticationFailed()

        totp = pyotp.TOTP(db_instance.seed)

        if not totp.verify(token_in, valid_window=3):
            raise exceptions.AuthenticationFailed()

        return db_instance
In between commit w/ serializer error 2018-11-17 16:46:16 +00:00			`from rest_framework import serializers, exceptions`
Begin to implement auth logic 2018-11-17 10:21:35 +00:00			`from otpauth.models import OTPSeed`
			`import pyotp`
In between commit w/ serializer error 2018-11-17 16:46:16 +00:00			`import otpauth`
Begin to implement auth logic 2018-11-17 10:21:35 +00:00
Add general viewset/serializer for otpseed 2018-11-17 20:54:59 +00:00			`class OTPSerializer(serializers.ModelSerializer):`
			`class Meta:`
			`model = OTPSeed`
Cleanup, expose seed read only 2018-11-17 21:15:17 +00:00			`fields = ('name', 'realm', 'seed')`
			`read_only_fields = ('seed',)`

Implement seed generating 2018-11-17 21:28:17 +00:00			`def create(self, validated_data):`
Cleanup! 2018-11-17 21:53:51 +00:00			`validated_data['seed'] = pyotp.random_base32()`
Implement seed generating 2018-11-17 21:28:17 +00:00			`return OTPSeed.objects.create(**validated_data)`
Begin to implement auth logic 2018-11-17 10:21:35 +00:00
In between commit w/ serializer error 2018-11-17 16:46:16 +00:00			`class VerifySerializer(serializers.Serializer):`
			`name = serializers.CharField(max_length=128)`
Begin to implement auth logic 2018-11-17 10:21:35 +00:00			`token = serializers.CharField(max_length=128)`
In between commit w/ serializer error 2018-11-17 16:46:16 +00:00			`realm = serializers.CharField(max_length=128)`
Begin to implement auth logic 2018-11-17 10:21:35 +00:00
			`verifyname = serializers.CharField(max_length=128)`
			`verifytoken = serializers.CharField(max_length=128)`
			`verifyrealm = serializers.CharField(max_length=128)`

Cleanup! 2018-11-17 21:53:51 +00:00			`def save(self):`
			`token_in = self.validated_data.get('token')`
			`name_in = self.validated_data.get('name')`
			`realm_in = self.validated_data.get('realm')`
			`verifytoken = self.validated_data.get('verifytoken')`
			`verifyname = self.validated_data.get('verifyname')`
			`verifyrealm = self.validated_data.get('verifyrealm')`
Can verify token 2018-11-17 17:48:12 +00:00
			`# 1. Verify that the connection might authenticate`
Begin to implement auth logic 2018-11-17 10:21:35 +00:00			`try:`
Progressing, docs, queryset, viewset 2018-11-17 10:39:42 +00:00			`db_instance = otpauth.models.OTPSeed.objects.get(name=name_in, realm=realm_in)`
			`except (OTPSeed.MultipleObjectsReturned, OTPSeed.DoesNotExist):`
Can verify token 2018-11-17 17:48:12 +00:00			`raise exceptions.AuthenticationFailed()`

Progressing, docs, queryset, viewset 2018-11-17 10:39:42 +00:00			`totp = pyotp.TOTP(db_instance.seed)`
Begin to implement auth logic 2018-11-17 10:21:35 +00:00
Can verify token 2018-11-17 17:48:12 +00:00			`if not totp.verify(token_in, valid_window=3):`
			`raise exceptions.AuthenticationFailed()`


			`# 2. Verify the requested data`
			`try:`
			`verifyinstance = otpauth.models.OTPSeed.objects.get(name=verifyname, realm=verifyrealm)`
			`except (OTPSeed.MultipleObjectsReturned, OTPSeed.DoesNotExist):`
			`raise exceptions.PermissionDenied()`

			`totp = pyotp.TOTP(verifyinstance.seed)`

			`if not totp.verify(verifytoken, valid_window=3):`
			`raise exceptions.PermissionDenied()`

			`print("All verified!")`
			`return verifyinstance`
Begin to phase in custom authentication 2018-11-18 11:38:50 +00:00

			`class TokenSerializer(serializers.Serializer):`
			`name = serializers.CharField(max_length=128)`
			`token = serializers.CharField(max_length=128)`
			`realm = serializers.CharField(max_length=128)`

			`def save(self):`
			`token_in = self.validated_data.get('token')`
			`name_in = self.validated_data.get('name')`
			`realm_in = self.validated_data.get('realm')`

			`# 1. Verify that the connection might authenticate`
			`try:`
			`db_instance = otpauth.models.OTPSeed.objects.get(name=name_in, realm=realm_in)`
			`except (OTPSeed.MultipleObjectsReturned, OTPSeed.DoesNotExist):`
			`raise exceptions.AuthenticationFailed()`

			`totp = pyotp.TOTP(db_instance.seed)`

			`if not totp.verify(token_in, valid_window=3):`
			`raise exceptions.AuthenticationFailed()`

			`return db_instance`