Begin to implement auth logic

This commit is contained in:
Nico Schottelius 2018-11-17 11:21:35 +01:00
parent 2054bd16ab
commit bcd8c72e8e
2 changed files with 53 additions and 0 deletions

View file

@ -0,0 +1,48 @@
from rest_framework import serializers
from otpauth.models import OTPSeed
import pyotp
class OTPSerializer(serializers.ModelSerializer):
class Meta:
model = OTPSeed
fields = ('name', 'realm')
token = serializers.CharField(max_length=128)
verifyname = serializers.CharField(max_length=128)
verifytoken = serializers.CharField(max_length=128)
verifyrealm = serializers.CharField(max_length=128)
class VerifySerializer(serializers.ModelSerializer):
class Meta:
model = OTPSeed
fields = ('name', 'realm')
token = serializers.CharField(max_length=128)
verifyname = serializers.CharField(max_length=128)
verifytoken = serializers.CharField(max_length=128)
verifyrealm = serializers.CharField(max_length=128)
def update(self, instance, validated_data):
token_in = validated_data.get('token')
name_in = validated_data.get('name')
realm_in = validated_data.get('realm')
try:
found_instance = otpauth.models.OTPSeed.objects.get(name=name_in, realm=realm_in)
except OTPSeed.MultipleObjectsReturned:
return None
# Generate token and compare
totp = pyotp.TOTP()
if totp.verify(token, valid_window=3):
return "OK"
else:
return "FAIL"
verifytoken = serializers.CharField(max_length=128)
verifyrealm = serializers.CharField(max_length=128)

View file

@ -1,3 +1,8 @@
from django.shortcuts import render
from rest_framework import viewsets
from otpauth.serializers import VerifySerializer
# Create your views here.
class VerifyViewSet(viewsets.ModelViewSet):
serializer_class = VerifySerializer