added minimal flask app

This commit is contained in:
wcolmenares 2019-06-01 08:03:59 -04:00
parent 9e3aad1316
commit 95b5b173d6
2 changed files with 66 additions and 0 deletions

0
flaskapp/__init__.py Normal file
View file

66
flaskapp/app.py Normal file
View file

@ -0,0 +1,66 @@
from flask import Flask, request, jsonify, json
from flask_restful import Resource, Api
import requests
from decouple import config
from pyotp import TOTP
app = Flask(__name__)
api = Api(app)
def check_otp(name, realm, token):
data = {
"auth_name": config('AUTH_NAME', ''),
"auth_token": TOTP(config('AUTH_SEED', '')).now(),
"auth_realm": config('AUTH_REALM', ''),
"name": name,
"realm": realm,
"token": token
}
response = requests.post(
"https://{OTP_SERVER}{OTP_VERIFY_ENDPOINT}".format(
OTP_SERVER=config('OTP_SERVER', ''),
OTP_VERIFY_ENDPOINT=config('OTP_VERIFY_ENDPOINT', '/ungleichotp/verify/')
),
data=data
)
return response.status_code
class MainView(Resource):
def get(self):
return jsonify({'Detail': 'This view is open to users'})
class ProtectedView(Resource):
def post(self):
data = request.get_json()
if data is not None:
try:
user = data['name']
realm = data['realm']
token = data['token']
assert(realm == config('REALM_ALLOWED'))
code = check_otp(user, realm, token)
assert(code == 200)
except KeyError or AssertionError:
response = app.response_class(response=json.dumps({'Message': 'Invalid data'}),
status=400,
mimetype='application/json')
return response
response = app.response_class(response=json.dumps({'data sent': data}),
status=200,
mimetype='application/json')
return response
else:
return app.response_class(response=json.dumps({'Message': 'invalid request'}),
status=400,
mimetype='application/json')
api.add_resource(MainView, '/')
api.add_resource(ProtectedView, '/protected')
if __name__ == '__main__':
app.run(host='0.0.0.0')