
Begin integration of django rest framework

patch-1
Nico Schottelius 4 years ago
parent
commit
41c49800ee
  1. 85
      README.md
  2. 5
      requirements.txt
  3. 1
      ungleichotp/ungleichotp/settings.py
  4. 31
      ungleichotp/ungleichotp/urls.py

85
README.md

@ -1,56 +1,82 @@
# ungleich-otp
The ungleich OTP service that allows you access to the ungleich micro
service infrastructure.
ungleich-otp is a full blown authentication and authorisation service
made for micro services.
We are using
The basic idea is that every micro service has a (long term) seed and
creates time based tokens (TOTP, RFCXXXX).
- nameko for internal communication
- django for the DB + admin interface
## Setup instructions ##
## Status
This is a standard django project and thus can be easily setup using
In development, pre production.
```
pip install -r requirements.txt
```
To bootstrap the application, you need your very first trusted seed to
access the application. You can generate it using
```
to be filled in
```
## Usage: WEB
After that, you can run the application using
- No user interface (UI) supported (?)
-> idea is to keep flow logic in ungleich-dynamicweb
```
python manage.py runserver
```
## Usage: BUS
The usual instructions on how to setup an https proxy should be followed.
### RPC: verify(appuuid, token, appuuidtoverify, tokentoverify)
## Realms ##
Verify whether the requesting app is authenticated. This is only
allowed to be used for trusted appuuids.
Access is granting/denied based on realms. There are two reserved
realms, all other realms can be used by the users:
Returns a JSON object:
* ungleich-admin: realm??
## Status ##
## Usage: REST ##
- Use an existing token to connect to the service
- All REST based messages: JSON
### POST: /verify
Request JSON object:
Either
```
{
status: "OK"
version: "1",
appuuid: "your-app-uuid",
token: "current time based token",
appuuidtoverify: "appuuid that wants to be authenticated",
tokentoverify: "current time based token of appuuidtoverify",
}
```
OR
Response JSON object:
Either
```
{
status: "FAIL"
status: "OK",
}
```
OR
```
{
status: "FAIL",
}
```
## Usage: REST
- Use an existing token to connect to the service
- All REST based messages: JSON
### POST: /verify
### POST /register
Not sure if this one will be publicly available.
Register a new seed. Returns an app ID.
Request JSON object:
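Review bot: The line "creates time based tokens (TOTP, RFCXXXX)" still carries a placeholder RFC number; TOTP is specified in RFC 6238, so cite that. The bootstrap step for the first trusted seed is left as "to be filled in", which leaves the most sensitive setup step undocumented; until the command exists, state at least how the seed must be generated and where it is stored. The JSON examples use unquoted keys (`status: "OK"`), which is not valid JSON, so quote the keys so the examples can be pasted into a client. "Access is granting/denied" should read "granted/denied", and the "ungleich-admin: realm??" entry needs a definition before it is described as reserved.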
@ -59,17 +85,17 @@ Request JSON object:
version: "1",
appuuid: "your-app-uuid",
token: "current time based token",
appuuidtoverify: "appuuid that wants to be authenticated",
tokentoverify: "current time based token of appuuidtoverify",
username: "user this app belongs to",
appname: "name of your web app"
}
```
Response JSON object:
Either
```
{
status: "OK",
appuuid: "UUID of your app",
}
```
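Review bot: In the /register request example, `username: "user this app belongs to"` is supplied by the caller, and nothing here says how that username is tied to the `appuuid` and `token` making the request. Document which callers may register an app for which users, since as written the example reads as if any authenticated app can register on behalf of any user. The section says it registers a new seed, but the request carries no seed and the response returns only `appuuid`; say where the seed is generated and how it reaches the new app. The trailing comma after `appuuid: "UUID of your app",` should go once the keys are quoted.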
@ -78,6 +104,7 @@ OR
```
{
status: "FAIL",
error: "Reason for failure"
}
```
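Review bot: The `error: "Reason for failure"` field in the FAIL response needs a defined set of values. For an authentication service the reason returned to the caller should not reveal whether the appuuid or the token was the part that failed; document a small fixed list of error strings and keep the detail in server-side logs. The FAIL response shown for /verify has no `error` field, so state whether the two endpoints differ on purpose.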

5
requirements.txt

@ -1,2 +1,7 @@
pyotp>=2.2.6
django>=2.1.2
djangorestframework
# Recommended
markdown
django-filter
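Review bot: `djangorestframework`, `markdown` and `django-filter` are listed with no version constraint, while `pyotp>=2.2.6` and `django>=2.1.2` at least have lower bounds. For an authentication service, give the new entries a lower bound that matches the Django version in use, and consider pinning exact versions (a constraints or lock file) so a fresh install cannot silently pull a different release. If `markdown` and `django-filter` are only "Recommended" and not imported anywhere, leave them out until they are used.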

1
ungleichotp/ungleichotp/settings.py

@ -37,6 +37,7 @@ INSTALLED_APPS = [
'django.contrib.sessions',
'django.contrib.messages',
'django.contrib.staticfiles',
'rest_framework',
'otpauth'
]
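Review bot: `'rest_framework'` is added to INSTALLED_APPS, but this commit changes only this one line in settings.py, so no `REST_FRAMEWORK` setting comes with it. Django REST framework's default permission class is AllowAny, which means every view registered later is open unless it sets its own permissions. Add a `REST_FRAMEWORK` block in the same change with `DEFAULT_PERMISSION_CLASSES` set to something restrictive such as `rest_framework.permissions.IsAuthenticated`, and set `DEFAULT_AUTHENTICATION_CLASSES` explicitly. Style: `'otpauth'` is missing its trailing comma, which makes the next addition to the list error-prone.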

31
ungleichotp/ungleichotp/urls.py

@ -15,7 +15,38 @@ Including another URLconf
"""
from django.contrib import admin
from django.urls import path
# from django.conf.urls import url, include
# urlpatterns = [
# url(r'^api-auth/', include('rest_framework.urls'))
# ]
from django.conf.urls import url, include
from django.contrib.auth.models import User
from rest_framework import routers, serializers, viewsets
# Serializers define the API representation.
class UserSerializer(serializers.HyperlinkedModelSerializer):
class Meta:
model = User
fields = ('url', 'username', 'email', 'is_staff')
# ViewSets define the view behavior.
class UserViewSet(viewsets.ModelViewSet):
queryset = User.objects.all()
serializer_class = UserSerializer
# Routers provide an easy way of automatically determining the URL conf.
router = routers.DefaultRouter()
router.register(r'users', UserViewSet)
# Wire up our API using automatic URL routing.
# Additionally, we include login URLs for the browsable API.
urlpatterns = [
path('admin/', admin.site.urls),
url(r'^', include(router.urls)),
url(r'^api-auth/', include('rest_framework.urls', namespace='rest_framework'))
]
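Review bot: `UserViewSet` is a `viewsets.ModelViewSet` over `User.objects.all()` with no `permission_classes`, and it is routed at the site root via `url(r'^', include(router.urls))`. A ModelViewSet provides create, update and delete as well as list, and the serializer exposes `email` and `is_staff` as ordinary fields, so unless permissions are set elsewhere this publishes the user list and accepts writes to `is_staff`. If the endpoint is needed at all, set `permission_classes = [permissions.IsAdminUser]`, use `ReadOnlyModelViewSet`, and mark `is_staff` read-only in the serializer `Meta`. This is the quickstart example from the framework documentation; for an OTP service it would be better to drop it and add the /verify and /register views the README describes. Also remove the commented-out `urlpatterns` block above the imports, and move the serializer and viewset out of urls.py into the app.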
