From bcd8c72e8ef38db6d6303b82767b4fe6971a3fb3 Mon Sep 17 00:00:00 2001
From: Nico Schottelius
Date: Sat, 17 Nov 2018 11:21:35 +0100
Subject: [PATCH] Begin to implement auth logic
---
 ungleichotp/otpauth/serializer.py | 48 +++++++++++++++++++++++++++++++
 ungleichotp/otpauth/views.py | 5 ++++
 2 files changed, 53 insertions(+)
 create mode 100644 ungleichotp/otpauth/serializer.py
diff --git a/ungleichotp/otpauth/serializer.py b/ungleichotp/otpauth/serializer.py
new file mode 100644
index 0000000..f9f1f54
--- /dev/null
+++ b/ungleichotp/otpauth/serializer.py
@@ -0,0 +1,48 @@
+from rest_framework import serializers
+from otpauth.models import OTPSeed
+import pyotp
+
+class OTPSerializer(serializers.ModelSerializer):
+ class Meta:
+ model = OTPSeed
+ fields = ('name', 'realm')
+
+ token = serializers.CharField(max_length=128)
+
+ verifyname = serializers.CharField(max_length=128)
+ verifytoken = serializers.CharField(max_length=128)
+ verifyrealm = serializers.CharField(max_length=128)
+
+
+class VerifySerializer(serializers.ModelSerializer):
+ class Meta:
+ model = OTPSeed
+ fields = ('name', 'realm')
+
+ token = serializers.CharField(max_length=128)
+
+ verifyname = serializers.CharField(max_length=128)
+ verifytoken = serializers.CharField(max_length=128)
+ verifyrealm = serializers.CharField(max_length=128)
+
+ def update(self, instance, validated_data):
+ token_in = validated_data.get('token')
+ name_in = validated_data.get('name')
+ realm_in = validated_data.get('realm')
+
+ try:
+ found_instance = otpauth.models.OTPSeed.objects.get(name=name_in, realm=realm_in)
+ except OTPSeed.MultipleObjectsReturned:
+ return None
+
+ # Generate token and compare
+ totp = pyotp.TOTP()
+
+ if totp.verify(token, valid_window=3):
+ return "OK"
+ else:
+ return "FAIL"
+
+
+ verifytoken = serializers.CharField(max_length=128)
+ verifyrealm = serializers.CharField(max_length=128)
diff --git a/ungleichotp/otpauth/views.py b/ungleichotp/otpauth/views.py
index 91ea44a..bb721aa 100644
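Review bot: `VerifySerializer.update()` cannot verify anything as written: it references `otpauth.models.OTPSeed` although only `OTPSeed` is imported, builds `pyotp.TOTP()` without the stored secret of `found_instance`, and calls `totp.verify(token, …)` with the undefined name `token` instead of `token_in`. `OTPSeed.DoesNotExist` is not caught either, so an unknown name/realm would presumably surface as a server error while a wrong token returns "FAIL", which lets a caller distinguish existing entries from missing ones. `valid_window=3` accepts codes from three time steps either side of the current one; a smaller window, together with rate limiting of failed attempts, makes guessing and reuse of an observed code harder. The two field declarations after the `return "FAIL"` branch repeat `verifytoken` and `verifyrealm` and look like paste residue. The fence sketches the corrected body; the attribute holding the secret is not visible in this patch, so it appears as a placeholder.

```python
    def update(self, instance, validated_data):
        # … unchanged: token_in / name_in / realm_in extraction …
        try:
            found_instance = OTPSeed.objects.get(name=name_in, realm=realm_in)
        except (OTPSeed.DoesNotExist, OTPSeed.MultipleObjectsReturned):
            # Same outcome as a wrong token, so the response does not reveal
            # which name/realm pairs exist.
            return "FAIL"

        # SEED_FIELD_PLACEHOLDER: the model attribute that stores the secret
        # is not shown in this patch.
        totp = pyotp.TOTP(found_instance.SEED_FIELD_PLACEHOLDER)

        # One step of clock drift either side of the current time step.
        if totp.verify(token_in, valid_window=1):
            return "OK"
        return "FAIL"
```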
--- a/ungleichotp/otpauth/views.py
+++ b/ungleichotp/otpauth/views.py
@@ -1,3 +1,8 @@
 from django.shortcuts import render
+from rest_framework import viewsets
+from otpauth.serializers import VerifySerializer
 # Create your views here.
+
+class VerifyViewSet(viewsets.ModelViewSet):
+ serializer_class = VerifySerializer
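Review bot: The import `from otpauth.serializers import VerifySerializer` does not match the module this commit creates, `otpauth/serializer.py`, so loading views.py would raise ImportError; either rename the file or use `from otpauth.serializer import VerifySerializer`. `VerifyViewSet` derives from `viewsets.ModelViewSet` without a `queryset`, and a ModelViewSet routes list, create, update and delete for its model, which is far more than a token-verification endpoint needs on a table of OTP seeds. A `viewsets.GenericViewSet` with a single verify action and an explicit `permission_classes` would keep the exposed surface to that one operation; whether project-wide DRF defaults already restrict access is not visible here.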