Browse Source

++ doc, begin improving serializers

patch-1
Nico Schottelius 4 years ago
parent
commit
d0a3cdce52
  1. 10
      README.md
  2. 18
      ungleichotp/otpauth/serializer.py
  3. 2
      ungleichotp/otpauth/views.py

10
README.md

@ -203,4 +203,14 @@ Don’t forget to point AUTH_USER_MODEL to it. Do this before creating any migra
- [ ] make settings adjustable by environment (?)
- [ ] Remove hard coded JSON (?)
### To document
* Login via username password interactively
* Login via name/realm/token rest
## Changelog
### 0.5, 2018-11-18
* Require authentication on all rest endpoints by token

18
ungleichotp/otpauth/serializer.py

@ -13,7 +13,14 @@ class OTPSerializer(serializers.ModelSerializer):
validated_data['seed'] = pyotp.random_base32()
return OTPSeed.objects.create(**validated_data)
class VerifySerializer(serializers.Serializer):
class VerifySerializerV1(serializers.Serializer):
"""
This is the first version of the serializer that would authenticate the request
itself. This is not necessary anymore starting from version 0.5
Code to be removed prior to 1.0
"""
name = serializers.CharField(max_length=128)
token = serializers.CharField(max_length=128)
realm = serializers.CharField(max_length=128)
@ -62,6 +69,10 @@ class TokenSerializer(serializers.Serializer):
token = serializers.CharField(max_length=128)
realm = serializers.CharField(max_length=128)
token_name = 'token'
name_name = 'name'
realm_name = 'realm'
def save(self):
token_in = self.validated_data.get('token')
name_in = self.validated_data.get('name')
@ -79,3 +90,8 @@ class TokenSerializer(serializers.Serializer):
raise exceptions.AuthenticationFailed()
return (db_instance, token_in)
class VerifySerializer(TokenSerializer):
token_name = 'verifytoken'
name_name = 'verifyname'
realm_name = 'verifyrealm'

2
ungleichotp/otpauth/views.py

@ -11,6 +11,7 @@ from django.http import HttpResponse, JsonResponse
from otpauth.serializer import VerifySerializer, OTPSerializer
from otpauth.models import OTPSeed
# Version 2 model - model based ++ verify action
class OTPVerifyViewSet(viewsets.ModelViewSet):
serializer_class = OTPSerializer
queryset = OTPSeed.objects.all()
@ -26,6 +27,7 @@ class OTPVerifyViewSet(viewsets.ModelViewSet):
return JsonResponse(serializer.errors, status=400)
# Version 1 model - should be removed
class VerifyViewSet(viewsets.ViewSet):
serializer_class = VerifySerializer

Loading…
Cancel
Save