diff --git a/ungleichotp/otpauth/serializer.py b/ungleichotp/otpauth/serializer.py
new file mode 100644
index 0000000..f9f1f54
--- /dev/null
+++ b/ungleichotp/otpauth/serializer.py
@@ -0,0 +1,48 @@
+from rest_framework import serializers
+from otpauth.models import OTPSeed
+import pyotp
+
+class OTPSerializer(serializers.ModelSerializer):
+ class Meta:
+ model = OTPSeed
+ fields = ('name', 'realm')
+
+ token = serializers.CharField(max_length=128)
+
+ verifyname = serializers.CharField(max_length=128)
+ verifytoken = serializers.CharField(max_length=128)
+ verifyrealm = serializers.CharField(max_length=128)
+
+
+class VerifySerializer(serializers.ModelSerializer):
+ class Meta:
+ model = OTPSeed
+ fields = ('name', 'realm')
+
+ token = serializers.CharField(max_length=128)
+
+ verifyname = serializers.CharField(max_length=128)
+ verifytoken = serializers.CharField(max_length=128)
+ verifyrealm = serializers.CharField(max_length=128)
+
+ def update(self, instance, validated_data):
+ token_in = validated_data.get('token')
+ name_in = validated_data.get('name')
+ realm_in = validated_data.get('realm')
+
+ try:
+ found_instance = otpauth.models.OTPSeed.objects.get(name=name_in, realm=realm_in)
+ except OTPSeed.MultipleObjectsReturned:
+ return None
+
+ # Generate token and compare
+ totp = pyotp.TOTP()
+
+ if totp.verify(token, valid_window=3):
+ return "OK"
+ else:
+ return "FAIL"
+
+
+ verifytoken = serializers.CharField(max_length=128)
+ verifyrealm = serializers.CharField(max_length=128)
diff --git a/ungleichotp/otpauth/views.py b/ungleichotp/otpauth/views.py
index 91ea44a..bb721aa 100644
--- a/ungleichotp/otpauth/views.py
+++ b/ungleichotp/otpauth/views.py
@@ -1,3 +1,8 @@
 from django.shortcuts import render
+from rest_framework import viewsets
+from otpauth.serializers import VerifySerializer
 # Create your views here.
+
+class VerifyViewSet(viewsets.ModelViewSet):
+ serializer_class = VerifySerializer
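Review bot: `VerifySerializer.update` in `serializer.py` cannot verify a token as written: `pyotp.TOTP()` is built without the seed of `found_instance`, `totp.verify(token, ...)` reads `token` where the local is `token_in`, and the lookup goes through `otpauth.models.OTPSeed` although only `OTPSeed` is imported. The lookup also catches only `MultipleObjectsReturned`, so an unknown name/realm raises `OTPSeed.DoesNotExist` instead of being answered like a wrong token, which lets a caller tell existing names from missing ones. `valid_window=3` accepts codes from three time steps either side of the current one; a window of 1 is usually enough for clock drift and leaves less room for guessing or for reuse of an observed code. The `verifyname`/`verifytoken`/`verifyrealm` fields are declared but never read here, so if they are meant to authenticate the calling service that check is still missing. A corrected body is sketched below; `SEED_FIELD` stands in for the model's seed attribute, which this diff does not show.

```python
    def update(self, instance, validated_data):
        # … unchanged: token_in / name_in / realm_in read from validated_data …
        try:
            found_instance = OTPSeed.objects.get(name=name_in, realm=realm_in)
        except (OTPSeed.DoesNotExist, OTPSeed.MultipleObjectsReturned):
            # Answer exactly like a wrong token so the response does not
            # reveal whether the name/realm pair exists.
            return "FAIL"

        # SEED_FIELD is a placeholder: use the OTPSeed attribute that holds the secret.
        totp = pyotp.TOTP(found_instance.SEED_FIELD)

        if totp.verify(token_in, valid_window=1):
            return "OK"
        return "FAIL"
```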
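Review bot: In `views.py`, the import `from otpauth.serializers import VerifySerializer` does not match the file this commit adds, `otpauth/serializer.py`, so loading the module would fail with an import error unless a `serializers` module exists elsewhere; either rename the file or import `from otpauth.serializer import VerifySerializer`. `VerifyViewSet` also derives from `viewsets.ModelViewSet` without a `queryset`, which DRF requires, and a ModelViewSet would expose list, create, update and delete on `OTPSeed` where only a verify action is wanted. No `permission_classes` is set, so access falls back to the project defaults, which are not visible here; for an endpoint that touches OTP seeds I would set it explicitly on the class and narrow the base class to `viewsets.ViewSet` with a single action.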