Log errors/debug messages
This commit is contained in:
PCoder
parent
fd0f0b56bd
commit
636b3d3052
1 changed files with 16 additions and 3 deletions
|
|
@ -1,8 +1,11 @@
|
||||||
|
import logging
|
||||||
import pyotp
|
import pyotp
|
||||||
import otpauth
|
import otpauth
|
||||||
from rest_framework import serializers, exceptions
|
from rest_framework import serializers, exceptions
|
||||||
from otpauth.models import OTPSeed
|
from otpauth.models import OTPSeed
|
||||||
|
|
||||||
|
logger = logging.getLogger(__name__)
|
||||||
|
|
||||||
# For accessing / modifying the data -- currently unused
|
# For accessing / modifying the data -- currently unused
|
||||||
class OTPSerializer(serializers.ModelSerializer):
|
class OTPSerializer(serializers.ModelSerializer):
|
||||||
class Meta:
|
class Meta:
|
||||||
|
|
@ -32,21 +35,30 @@ class TokenSerializer(serializers.Serializer):
|
||||||
|
|
||||||
# only 2 special realms can login
|
# only 2 special realms can login
|
||||||
if not auth_realm in ["ungleich-admin", "ungleich-auth" ]:
|
if not auth_realm in ["ungleich-admin", "ungleich-auth" ]:
|
||||||
|
logger.error("Auth-realm is neither ungleich-admin "
|
||||||
|
"nor ungleich-auth".format()
|
||||||
|
)
|
||||||
raise exceptions.AuthenticationFailed()
|
raise exceptions.AuthenticationFailed()
|
||||||
|
|
||||||
print("auth: [{}]{}@'{}' {} + {})".format(self.name_name, auth_name, auth_realm, auth_token, self.validated_data))
|
logger.debug("auth: [{}]{}@'{}' {} + {})".format(
|
||||||
|
self.name_name, auth_name, auth_realm,
|
||||||
|
auth_token, self.validated_data
|
||||||
|
))
|
||||||
|
|
||||||
# 1. Verify that the connection might authenticate
|
# 1. Verify that the connection might authenticate
|
||||||
try:
|
try:
|
||||||
db_instance = otpauth.models.OTPSeed.objects.get(name=auth_name, realm=auth_realm)
|
db_instance = otpauth.models.OTPSeed.objects.get(name=auth_name, realm=auth_realm)
|
||||||
except (OTPSeed.MultipleObjectsReturned, OTPSeed.DoesNotExist):
|
except (OTPSeed.MultipleObjectsReturned, OTPSeed.DoesNotExist):
|
||||||
print("does not exist")
|
logger.error("OTPSeed name: {}, realm: {} does not exist".format(
|
||||||
|
auth_name, auth_realm
|
||||||
|
))
|
||||||
raise exceptions.AuthenticationFailed()
|
raise exceptions.AuthenticationFailed()
|
||||||
|
|
||||||
totp = pyotp.TOTP(db_instance.seed)
|
totp = pyotp.TOTP(db_instance.seed)
|
||||||
print("calculated token = {}".format(totp.now()))
|
logger.debug("calculated token = {}".format(totp.now()))
|
||||||
|
|
||||||
if not totp.verify(auth_token, valid_window=3):
|
if not totp.verify(auth_token, valid_window=3):
|
||||||
|
logger.error("totp not verified")
|
||||||
raise exceptions.AuthenticationFailed()
|
raise exceptions.AuthenticationFailed()
|
||||||
|
|
||||||
return (db_instance, auth_token)
|
return (db_instance, auth_token)
|
||||||
|
|
@ -65,6 +77,7 @@ class VerifySerializer(TokenSerializer):
|
||||||
auth_realm = self.validated_data.get("auth_realm")
|
auth_realm = self.validated_data.get("auth_realm")
|
||||||
|
|
||||||
if not auth_realm == "ungleich-auth":
|
if not auth_realm == "ungleich-auth":
|
||||||
|
logger.error("Auth-realm is not ungleich-auth")
|
||||||
raise exceptions.AuthenticationFailed()
|
raise exceptions.AuthenticationFailed()
|
||||||
|
|
||||||
# Do the authentication part
|
# Do the authentication part
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue