Begin integration of django rest framework

This commit is contained in:
Nico Schottelius 2018-11-17 01:11:17 +01:00
parent 536e639cd3
commit 41c49800ee
4 changed files with 101 additions and 37 deletions

101
README.md
View File

@ -1,57 +1,50 @@
# ungleich-otp
The ungleich OTP service that allows you access to the ungleich micro
service infrastructure.
ungleich-otp is a full blown authentication and authorisation service
made for micro services.
We are using
The basic idea is that every micro service has a (long term) seed and
creates time based tokens (TOTP, RFCXXXX).
- nameko for internal communication
- django for the DB + admin interface
## Setup instructions ##
## Status
In development, pre production.
## Usage: WEB
- No user interface (UI) supported (?)
-> idea is to keep flow logic in ungleich-dynamicweb
## Usage: BUS
### RPC: verify(appuuid, token, appuuidtoverify, tokentoverify)
Verify whether the requesting app is authenticated. This is only
allowed to be used for trusted appuuids.
Returns a JSON object:
Either
```
{
status: "OK"
}
```
OR
This is a standard django project and thus can be easily setup using
```
{
status: "FAIL"
}
pip install -r requirements.txt
```
To bootstrap the application, you need your very first trusted seed to
access the application. You can generate it using
```
to be filled in
```
## Usage: REST
After that, you can run the application using
```
python manage.py runserver
```
The usual instructions on how to setup an https proxy should be followed.
## Realms ##
Access is granting/denied based on realms. There are two reserved
realms, all other realms can be used by the users:
* ungleich-admin: realm??
## Status ##
## Usage: REST ##
- Use an existing token to connect to the service
- All REST based messages: JSON
### POST: /verify
Not sure if this one will be publicly available.
Request JSON object:
```
@ -81,6 +74,40 @@ OR
}
```
### POST /register
Register a new seed. Returns an app ID.
Request JSON object:
```
{
version: "1",
appuuid: "your-app-uuid",
token: "current time based token",
username: "user this app belongs to",
appname: "name of your web app"
}
```
Response JSON object:
```
{
status: "OK",
appuuid: "UUID of your app",
}
```
OR
```
{
status: "FAIL",
error: "Reason for failure"
}
```
### POST /app/register
Register a new app. Returns an app ID.

View File

@ -1,2 +1,7 @@
pyotp>=2.2.6
django>=2.1.2
djangorestframework
# Recommended
markdown
django-filter

View File

@ -37,6 +37,7 @@ INSTALLED_APPS = [
'django.contrib.sessions',
'django.contrib.messages',
'django.contrib.staticfiles',
'rest_framework',
'otpauth'
]

View File

@ -15,7 +15,38 @@ Including another URLconf
"""
from django.contrib import admin
from django.urls import path
# from django.conf.urls import url, include
# urlpatterns = [
# url(r'^api-auth/', include('rest_framework.urls'))
# ]
from django.conf.urls import url, include
from django.contrib.auth.models import User
from rest_framework import routers, serializers, viewsets
# Serializers define the API representation.
class UserSerializer(serializers.HyperlinkedModelSerializer):
class Meta:
model = User
fields = ('url', 'username', 'email', 'is_staff')
# ViewSets define the view behavior.
class UserViewSet(viewsets.ModelViewSet):
queryset = User.objects.all()
serializer_class = UserSerializer
# Routers provide an easy way of automatically determining the URL conf.
router = routers.DefaultRouter()
router.register(r'users', UserViewSet)
# Wire up our API using automatic URL routing.
# Additionally, we include login URLs for the browsable API.
urlpatterns = [
path('admin/', admin.site.urls),
url(r'^', include(router.urls)),
url(r'^api-auth/', include('rest_framework.urls', namespace='rest_framework'))
]