Cleanup!
This commit is contained in:
parent
2d147d961c
commit
a0d15ecf23
4 changed files with 23 additions and 149 deletions
136
README.md
136
README.md
|
@ -78,143 +78,31 @@ Request JSON object:
|
|||
|
||||
Response JSON object:
|
||||
|
||||
Either
|
||||
Either HTTP 200 with
|
||||
```
|
||||
{
|
||||
status: "OK",
|
||||
}
|
||||
```
|
||||
|
||||
OR
|
||||
OR return code 403:
|
||||
|
||||
* If token for authenticating is wrong, you get
|
||||
|
||||
```
|
||||
{
|
||||
status: "FAIL",
|
||||
}
|
||||
{"detail":"Incorrect authentication credentials."}
|
||||
```
|
||||
|
||||
### POST /register
|
||||
|
||||
Register a new seed. Returns an app ID.
|
||||
|
||||
Request JSON object:
|
||||
* If token that is being verified is wrong, you get
|
||||
|
||||
```
|
||||
{
|
||||
version: "1",
|
||||
appuuid: "your-app-uuid",
|
||||
token: "current time based token",
|
||||
username: "user this app belongs to",
|
||||
appname: "name of your web app"
|
||||
}
|
||||
{"detail":"You do not have permission to perform this action."}
|
||||
```
|
||||
|
||||
Response JSON object:
|
||||
### GET, POST, ... /ungleichotp/
|
||||
|
||||
```
|
||||
{
|
||||
status: "OK",
|
||||
appuuid: "UUID of your app",
|
||||
}
|
||||
```
|
||||
|
||||
OR
|
||||
|
||||
```
|
||||
{
|
||||
status: "FAIL",
|
||||
error: "Reason for failure"
|
||||
}
|
||||
```
|
||||
|
||||
### POST /app/register
|
||||
|
||||
Register a new app. Returns an app ID.
|
||||
|
||||
Request JSON object:
|
||||
|
||||
```
|
||||
{
|
||||
version: "1",
|
||||
appuuid: "your-app-uuid",
|
||||
token: "current time based token",
|
||||
username: "user this app belongs to",
|
||||
appname: "name of your web app"
|
||||
}
|
||||
```
|
||||
|
||||
Response JSON object:
|
||||
|
||||
```
|
||||
{
|
||||
status: "OK",
|
||||
appuuid: "UUID of your app",
|
||||
}
|
||||
```
|
||||
|
||||
OR
|
||||
|
||||
```
|
||||
{
|
||||
status: "FAIL",
|
||||
error: "Reason for failure"
|
||||
}
|
||||
```
|
||||
|
||||
### GET /app
|
||||
|
||||
List all registered apps for the current user.
|
||||
|
||||
Request JSON object:
|
||||
|
||||
```
|
||||
{
|
||||
version: "1",
|
||||
appuuid: "your-app-uuid",
|
||||
token: "current time based token"
|
||||
}
|
||||
```
|
||||
|
||||
Response JSON object:
|
||||
|
||||
```
|
||||
{
|
||||
status: "OK",
|
||||
apps: [
|
||||
{
|
||||
name: "name of your web app"
|
||||
appuuid: "UUID of your app",
|
||||
},
|
||||
{
|
||||
name: "name of your second web app"
|
||||
appuuid: "UUID of your second app",
|
||||
}
|
||||
]
|
||||
}
|
||||
```
|
||||
|
||||
### GET /app/UUID
|
||||
|
||||
Get seed for APP to be used as a token
|
||||
|
||||
Request JSON object:
|
||||
|
||||
```
|
||||
{
|
||||
version: "1",
|
||||
appuuid: "your-app-uuid",
|
||||
token: "current time based token"
|
||||
}
|
||||
```
|
||||
|
||||
Response JSON object:
|
||||
|
||||
```
|
||||
{
|
||||
status: "OK",
|
||||
seed: "seed of your app"
|
||||
}
|
||||
```
|
||||
Standard django rest framework behaviour for updating / listing
|
||||
objects.
|
||||
|
||||
|
||||
## Usage: OTP
|
||||
|
@ -296,6 +184,7 @@ Don’t forget to point AUTH_USER_MODEL to it. Do this before creating any migra
|
|||
- [x] Implement registering of new entries
|
||||
- [x] OTPSerializer: allow to read seed for admin
|
||||
- [x] Implement deleting entry
|
||||
- [x] Include verify in ModelSerializer
|
||||
- [ ] Remove hard coded JSON (?)
|
||||
- [ ] Use Custom authentication (?) - needs to have a user
|
||||
- [ ] Maybe we map name+realm == User (?)
|
||||
|
@ -305,3 +194,6 @@ Don’t forget to point AUTH_USER_MODEL to it. Do this before creating any migra
|
|||
- custom auth method
|
||||
- [ ] Implement creating new "User"
|
||||
- by POST / Model based
|
||||
- [ ] move totp constants into settings
|
||||
- [ ] move field lengths into settings
|
||||
- [ ] make settings adjustable by environment (?)
|
||||
|
|
|
@ -10,15 +10,7 @@ class OTPSerializer(serializers.ModelSerializer):
|
|||
read_only_fields = ('seed',)
|
||||
|
||||
def create(self, validated_data):
|
||||
print(validated_data)
|
||||
print("BEING CALLED??")
|
||||
name = validated_data.get('name')
|
||||
realm = validated_data.get('realm')
|
||||
|
||||
# validated_data
|
||||
seed = pyotp.random_base32()
|
||||
validated_data['seed'] = seed
|
||||
|
||||
validated_data['seed'] = pyotp.random_base32()
|
||||
return OTPSeed.objects.create(**validated_data)
|
||||
|
||||
class VerifySerializer(serializers.Serializer):
|
||||
|
@ -30,25 +22,20 @@ class VerifySerializer(serializers.Serializer):
|
|||
verifytoken = serializers.CharField(max_length=128)
|
||||
verifyrealm = serializers.CharField(max_length=128)
|
||||
|
||||
def create(self, validated_data):
|
||||
print("all going to be verified - CREATE")
|
||||
token_in = validated_data.get('token')
|
||||
name_in = validated_data.get('name')
|
||||
realm_in = validated_data.get('realm')
|
||||
|
||||
verifytoken = validated_data.get('verifytoken')
|
||||
verifyname = validated_data.get('verifyname')
|
||||
verifyrealm = validated_data.get('verifyrealm')
|
||||
def save(self):
|
||||
token_in = self.validated_data.get('token')
|
||||
name_in = self.validated_data.get('name')
|
||||
realm_in = self.validated_data.get('realm')
|
||||
verifytoken = self.validated_data.get('verifytoken')
|
||||
verifyname = self.validated_data.get('verifyname')
|
||||
verifyrealm = self.validated_data.get('verifyrealm')
|
||||
|
||||
# 1. Verify that the connection might authenticate
|
||||
|
||||
try:
|
||||
db_instance = otpauth.models.OTPSeed.objects.get(name=name_in, realm=realm_in)
|
||||
except (OTPSeed.MultipleObjectsReturned, OTPSeed.DoesNotExist):
|
||||
raise exceptions.AuthenticationFailed()
|
||||
|
||||
print("serializer found object")
|
||||
|
||||
totp = pyotp.TOTP(db_instance.seed)
|
||||
|
||||
if not totp.verify(token_in, valid_window=3):
|
||||
|
@ -56,7 +43,6 @@ class VerifySerializer(serializers.Serializer):
|
|||
|
||||
|
||||
# 2. Verify the requested data
|
||||
|
||||
try:
|
||||
verifyinstance = otpauth.models.OTPSeed.objects.get(name=verifyname, realm=verifyrealm)
|
||||
except (OTPSeed.MultipleObjectsReturned, OTPSeed.DoesNotExist):
|
||||
|
@ -69,6 +55,3 @@ class VerifySerializer(serializers.Serializer):
|
|||
|
||||
print("All verified!")
|
||||
return verifyinstance
|
||||
|
||||
def verify(self, validated_data):
|
||||
print("all going to be verified - AAAAAAAA")
|
||||
|
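Review bot: The new `save()` narrows the DRF contract: `BaseSerializer.save` is declared `save(self, **kwargs)`, and callers (including DRF's own patterns) may pass extra attributes through it, so the override should read `def save(self, **kwargs):` even though the body ignores them. The method is also a verification step that returns the looked-up `verifyinstance` rather than a persistence step, which a reader will not expect from the name; a docstring such as `"""Authenticate the caller's TOTP token and resolve the requested (verifyname, verifyrealm) seed; raises AuthenticationFailed on any lookup or token failure."""` would make that explicit. The body of `save()` runs past the end of this hunk, and the cleanup still leaves the debug prints `print("All verified!")` and `print("all going to be verified - AAAAAAAA")` in the last hunk, which I would drop alongside the ones this commit removes.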
|
|
@ -20,6 +20,7 @@ class OTPVerifyViewSet(viewsets.ModelViewSet):
|
|||
serializer = VerifySerializer(data=request.data)
|
||||
if serializer.is_valid():
|
||||
print(serializer)
|
||||
serializer.save()
|
||||
return Response({'status': 'OK'})
|
||||
|
||||
return JsonResponse(serializer.errors, status=400)
|
||||
|
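Review bot: `print(serializer)` on the success path writes the serializer's repr to stdout, and because the instance was built with `data=request.data`, that repr is expected to carry the submitted `token` and `verifytoken` values, so one-time codes and the target identity end up in process output and whatever collects it. Whether this line is new or carried over is not certain from the rendering, but the commit removes the other debug prints and leaves this one; I would delete it, or replace it with a log line that names only the non-secret fields. The enclosing view method continues outside the hunk.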
|
|
@ -28,8 +28,6 @@ router = routers.DefaultRouter()
|
|||
router.register(r'ungleichotp', VerifyViewSet, basename='ungleichotp')
|
||||
router.register(r'ungleichotpv2', OTPVerifyViewSet, basename='ungleichotpv2')
|
||||
|
||||
print(router.urls)
|
||||
|
||||
urlpatterns = [
|
||||
path('admin/', admin.site.urls),
|
||||
url(r'^', include(router.urls)),
|
||||
|
|