ungleich-otp/ungleichotp/otpauth/serializer.py

from rest_framework import serializers, exceptions
from otpauth.models import OTPSeed
import pyotp
import otpauth

# class OTPSerializer(serializers.ModelSerializer):
#     class Meta:
#         model = OTPSeed
#         fields = ('name', 'realm')

#     token = serializers.CharField(max_length=128)

#     verifyname = serializers.CharField(max_length=128)
#     verifytoken = serializers.CharField(max_length=128)
#     verifyrealm = serializers.CharField(max_length=128)


# class VerifySerializer(serializers.ModelSerializer):
#     class Meta:
#         model = OTPSeed
#         fields = ('name', 'realm', 'token', 'verifyname', 'verifytoken', 'verifyrealm')

class VerifySerializer(serializers.Serializer):
    name = serializers.CharField(max_length=128)
    token = serializers.CharField(max_length=128)
    realm = serializers.CharField(max_length=128)

    verifyname = serializers.CharField(max_length=128)
    verifytoken = serializers.CharField(max_length=128)
    verifyrealm = serializers.CharField(max_length=128)

    def create(self, validated_data):
        token_in = validated_data.get('token')
        name_in =  validated_data.get('name')
        realm_in =  validated_data.get('realm')

        verifytoken = validated_data.get('verifytoken')
        verifyname =  validated_data.get('verifyname')
        verifyrealm =  validated_data.get('verifyrealm')

        # 1. Verify that the connection might authenticate

        try:
            db_instance = otpauth.models.OTPSeed.objects.get(name=name_in, realm=realm_in)
        except (OTPSeed.MultipleObjectsReturned, OTPSeed.DoesNotExist):
            raise exceptions.AuthenticationFailed()

        print("serializer found object")

        totp = pyotp.TOTP(db_instance.seed)

        if not totp.verify(token_in, valid_window=3):
            raise exceptions.AuthenticationFailed()


        # 2. Verify the requested data

        try:
            verifyinstance = otpauth.models.OTPSeed.objects.get(name=verifyname, realm=verifyrealm)
        except (OTPSeed.MultipleObjectsReturned, OTPSeed.DoesNotExist):
            raise exceptions.PermissionDenied()

        totp = pyotp.TOTP(verifyinstance.seed)

        if not totp.verify(verifytoken, valid_window=3):
            raise exceptions.PermissionDenied()

        print("All verified!")
        return verifyinstance
In between commit w/ serializer error 2018-11-17 16:46:16 +00:00			`from rest_framework import serializers, exceptions`
Begin to implement auth logic 2018-11-17 10:21:35 +00:00			`from otpauth.models import OTPSeed`
			`import pyotp`
In between commit w/ serializer error 2018-11-17 16:46:16 +00:00			`import otpauth`
Begin to implement auth logic 2018-11-17 10:21:35 +00:00
In between commit w/ serializer error 2018-11-17 16:46:16 +00:00			`# class OTPSerializer(serializers.ModelSerializer):`
			`# class Meta:`
			`# model = OTPSeed`
			`# fields = ('name', 'realm')`
Begin to implement auth logic 2018-11-17 10:21:35 +00:00
In between commit w/ serializer error 2018-11-17 16:46:16 +00:00			`# token = serializers.CharField(max_length=128)`
Begin to implement auth logic 2018-11-17 10:21:35 +00:00
In between commit w/ serializer error 2018-11-17 16:46:16 +00:00			`# verifyname = serializers.CharField(max_length=128)`
			`# verifytoken = serializers.CharField(max_length=128)`
			`# verifyrealm = serializers.CharField(max_length=128)`
Begin to implement auth logic 2018-11-17 10:21:35 +00:00

In between commit w/ serializer error 2018-11-17 16:46:16 +00:00			`# class VerifySerializer(serializers.ModelSerializer):`
			`# class Meta:`
			`# model = OTPSeed`
			`# fields = ('name', 'realm', 'token', 'verifyname', 'verifytoken', 'verifyrealm')`
Begin to implement auth logic 2018-11-17 10:21:35 +00:00
In between commit w/ serializer error 2018-11-17 16:46:16 +00:00			`class VerifySerializer(serializers.Serializer):`
			`name = serializers.CharField(max_length=128)`
Begin to implement auth logic 2018-11-17 10:21:35 +00:00			`token = serializers.CharField(max_length=128)`
In between commit w/ serializer error 2018-11-17 16:46:16 +00:00			`realm = serializers.CharField(max_length=128)`
Begin to implement auth logic 2018-11-17 10:21:35 +00:00
			`verifyname = serializers.CharField(max_length=128)`
			`verifytoken = serializers.CharField(max_length=128)`
			`verifyrealm = serializers.CharField(max_length=128)`

In between commit w/ serializer error 2018-11-17 16:46:16 +00:00			`def create(self, validated_data):`
Begin to implement auth logic 2018-11-17 10:21:35 +00:00			`token_in = validated_data.get('token')`
			`name_in = validated_data.get('name')`
			`realm_in = validated_data.get('realm')`

Can verify token 2018-11-17 17:48:12 +00:00			`verifytoken = validated_data.get('verifytoken')`
			`verifyname = validated_data.get('verifyname')`
			`verifyrealm = validated_data.get('verifyrealm')`

			`# 1. Verify that the connection might authenticate`

Begin to implement auth logic 2018-11-17 10:21:35 +00:00			`try:`
Progressing, docs, queryset, viewset 2018-11-17 10:39:42 +00:00			`db_instance = otpauth.models.OTPSeed.objects.get(name=name_in, realm=realm_in)`
			`except (OTPSeed.MultipleObjectsReturned, OTPSeed.DoesNotExist):`
Can verify token 2018-11-17 17:48:12 +00:00			`raise exceptions.AuthenticationFailed()`

			`print("serializer found object")`
Begin to implement auth logic 2018-11-17 10:21:35 +00:00
Progressing, docs, queryset, viewset 2018-11-17 10:39:42 +00:00			`totp = pyotp.TOTP(db_instance.seed)`
Begin to implement auth logic 2018-11-17 10:21:35 +00:00
Can verify token 2018-11-17 17:48:12 +00:00			`if not totp.verify(token_in, valid_window=3):`
			`raise exceptions.AuthenticationFailed()`


			`# 2. Verify the requested data`

			`try:`
			`verifyinstance = otpauth.models.OTPSeed.objects.get(name=verifyname, realm=verifyrealm)`
			`except (OTPSeed.MultipleObjectsReturned, OTPSeed.DoesNotExist):`
			`raise exceptions.PermissionDenied()`

			`totp = pyotp.TOTP(verifyinstance.seed)`

			`if not totp.verify(verifytoken, valid_window=3):`
			`raise exceptions.PermissionDenied()`

			`print("All verified!")`
			`return verifyinstance`