Cleanup dev code
This commit is contained in:
parent
f55498f314
commit
f59fbf1180
4 changed files with 12 additions and 84 deletions
|
@ -195,6 +195,7 @@ Don’t forget to point AUTH_USER_MODEL to it. Do this before creating any migra
|
||||||
- [x] Use Custom authentication - needs to have a user!
|
- [x] Use Custom authentication - needs to have a user!
|
||||||
- [x] Implement creating new "User"
|
- [x] Implement creating new "User"
|
||||||
- by POST / Model based
|
- by POST / Model based
|
||||||
|
- [x]
|
||||||
- [ ] Add tests for verify
|
- [ ] Add tests for verify
|
||||||
- [ ] Add tests for authentication
|
- [ ] Add tests for authentication
|
||||||
- [ ] Add proper documentation
|
- [ ] Add proper documentation
|
||||||
|
@ -211,6 +212,10 @@ Don’t forget to point AUTH_USER_MODEL to it. Do this before creating any migra
|
||||||
|
|
||||||
## Changelog
|
## Changelog
|
||||||
|
|
||||||
|
### 0.6, 2018-11-18
|
||||||
|
|
||||||
|
* Reuse TokenSerializer for VerifySerializer logic
|
||||||
|
|
||||||
### 0.5, 2018-11-18
|
### 0.5, 2018-11-18
|
||||||
|
|
||||||
* Require authentication on all rest endpoints by token
|
* Require authentication on all rest endpoints by token
|
||||||
|
|
|
@ -13,57 +13,6 @@ class OTPSerializer(serializers.ModelSerializer):
|
||||||
validated_data['seed'] = pyotp.random_base32()
|
validated_data['seed'] = pyotp.random_base32()
|
||||||
return OTPSeed.objects.create(**validated_data)
|
return OTPSeed.objects.create(**validated_data)
|
||||||
|
|
||||||
class VerifySerializerV1(serializers.Serializer):
|
|
||||||
"""
|
|
||||||
This is the first version of the serializer that would authenticate the request
|
|
||||||
itself. This is not necessary anymore starting from version 0.5
|
|
||||||
|
|
||||||
Code to be removed prior to 1.0
|
|
||||||
"""
|
|
||||||
|
|
||||||
name = serializers.CharField(max_length=128)
|
|
||||||
token = serializers.CharField(max_length=128)
|
|
||||||
realm = serializers.CharField(max_length=128)
|
|
||||||
|
|
||||||
verifyname = serializers.CharField(max_length=128)
|
|
||||||
verifytoken = serializers.CharField(max_length=128)
|
|
||||||
verifyrealm = serializers.CharField(max_length=128)
|
|
||||||
|
|
||||||
def save(self):
|
|
||||||
token_in = self.validated_data.get('token')
|
|
||||||
name_in = self.validated_data.get('name')
|
|
||||||
realm_in = self.validated_data.get('realm')
|
|
||||||
verifytoken = self.validated_data.get('verifytoken')
|
|
||||||
verifyname = self.validated_data.get('verifyname')
|
|
||||||
verifyrealm = self.validated_data.get('verifyrealm')
|
|
||||||
|
|
||||||
# 1. Verify that the connection might authenticate
|
|
||||||
try:
|
|
||||||
db_instance = otpauth.models.OTPSeed.objects.get(name=name_in, realm=realm_in)
|
|
||||||
except (OTPSeed.MultipleObjectsReturned, OTPSeed.DoesNotExist):
|
|
||||||
raise exceptions.AuthenticationFailed()
|
|
||||||
|
|
||||||
totp = pyotp.TOTP(db_instance.seed)
|
|
||||||
|
|
||||||
if not totp.verify(token_in, valid_window=3):
|
|
||||||
raise exceptions.AuthenticationFailed()
|
|
||||||
|
|
||||||
|
|
||||||
# 2. Verify the requested data
|
|
||||||
try:
|
|
||||||
verifyinstance = otpauth.models.OTPSeed.objects.get(name=verifyname, realm=verifyrealm)
|
|
||||||
except (OTPSeed.MultipleObjectsReturned, OTPSeed.DoesNotExist):
|
|
||||||
raise exceptions.PermissionDenied()
|
|
||||||
|
|
||||||
totp = pyotp.TOTP(verifyinstance.seed)
|
|
||||||
|
|
||||||
if not totp.verify(verifytoken, valid_window=3):
|
|
||||||
raise exceptions.PermissionDenied()
|
|
||||||
|
|
||||||
print("All verified!")
|
|
||||||
return verifyinstance
|
|
||||||
|
|
||||||
|
|
||||||
class TokenSerializer(serializers.Serializer):
|
class TokenSerializer(serializers.Serializer):
|
||||||
name = serializers.CharField(max_length=128)
|
name = serializers.CharField(max_length=128)
|
||||||
token = serializers.CharField(max_length=128)
|
token = serializers.CharField(max_length=128)
|
||||||
|
@ -78,7 +27,7 @@ class TokenSerializer(serializers.Serializer):
|
||||||
name_in = self.validated_data.get(self.name_name)
|
name_in = self.validated_data.get(self.name_name)
|
||||||
realm_in = self.validated_data.get(self.realm_name)
|
realm_in = self.validated_data.get(self.realm_name)
|
||||||
|
|
||||||
print("auth: {} {} {} ({} {} {} -- {})".format(token_in, name_in, realm_in, self.token_name, self.name_name, self.realm_name, self.validated_data))
|
# print("auth: {} {} {} ({} {} {} -- {})".format(token_in, name_in, realm_in, self.token_name, self.name_name, self.realm_name, self.validated_data))
|
||||||
|
|
||||||
# 1. Verify that the connection might authenticate
|
# 1. Verify that the connection might authenticate
|
||||||
try:
|
try:
|
||||||
|
|
|
@ -1,17 +1,15 @@
|
||||||
from django.shortcuts import render
|
from django.shortcuts import render
|
||||||
|
|
||||||
from rest_framework import viewsets
|
from rest_framework import viewsets
|
||||||
from rest_framework.parsers import JSONParser
|
|
||||||
from rest_framework.decorators import action
|
from rest_framework.decorators import action
|
||||||
from rest_framework.response import Response
|
from rest_framework.response import Response
|
||||||
|
|
||||||
|
|
||||||
from django.http import HttpResponse, JsonResponse
|
from django.http import JsonResponse
|
||||||
|
|
||||||
from otpauth.serializer import VerifySerializer, OTPSerializer
|
from otpauth.serializer import VerifySerializer, OTPSerializer
|
||||||
from otpauth.models import OTPSeed
|
from otpauth.models import OTPSeed
|
||||||
|
|
||||||
# Version 2 model - model based ++ verify action
|
|
||||||
class OTPVerifyViewSet(viewsets.ModelViewSet):
|
class OTPVerifyViewSet(viewsets.ModelViewSet):
|
||||||
serializer_class = OTPSerializer
|
serializer_class = OTPSerializer
|
||||||
queryset = OTPSeed.objects.all()
|
queryset = OTPSeed.objects.all()
|
||||||
|
@ -20,27 +18,8 @@ class OTPVerifyViewSet(viewsets.ModelViewSet):
|
||||||
def verify(self, request):
|
def verify(self, request):
|
||||||
serializer = VerifySerializer(data=request.data)
|
serializer = VerifySerializer(data=request.data)
|
||||||
if serializer.is_valid():
|
if serializer.is_valid():
|
||||||
print(serializer)
|
# print(serializer)
|
||||||
serializer.save()
|
serializer.save()
|
||||||
return Response({'status': 'OK'})
|
return Response({'status': 'OK'})
|
||||||
|
|
||||||
return JsonResponse(serializer.errors, status=400)
|
return JsonResponse(serializer.errors, status=400)
|
||||||
|
|
||||||
|
|
||||||
# Version 1 model - should be removed
|
|
||||||
class VerifyViewSet(viewsets.ViewSet):
|
|
||||||
serializer_class = VerifySerializer
|
|
||||||
|
|
||||||
def create(self, request):
|
|
||||||
data = JSONParser().parse(request)
|
|
||||||
serializer = VerifySerializer(data=data)
|
|
||||||
if serializer.is_valid():
|
|
||||||
print("is valid")
|
|
||||||
print(serializer)
|
|
||||||
#serializer.save()
|
|
||||||
return JsonResponse(serializer.data, status=201)
|
|
||||||
return JsonResponse(serializer.errors, status=400)
|
|
||||||
|
|
||||||
|
|
||||||
def get_queryset(self):
|
|
||||||
return []
|
|
||||||
|
|
|
@ -14,19 +14,14 @@ Including another URLconf
|
||||||
2. Add a URL to urlpatterns: path('blog/', include('blog.urls'))
|
2. Add a URL to urlpatterns: path('blog/', include('blog.urls'))
|
||||||
"""
|
"""
|
||||||
|
|
||||||
|
|
||||||
from django.contrib import admin
|
from django.contrib import admin
|
||||||
from django.urls import path
|
from django.urls import path
|
||||||
from django.conf.urls import url, include
|
from django.conf.urls import url, include
|
||||||
from django.contrib.auth.models import User
|
from rest_framework import routers
|
||||||
from rest_framework import routers, serializers, viewsets
|
from otpauth.views import OTPVerifyViewSet
|
||||||
from otpauth.models import OTPSeed
|
|
||||||
from otpauth.views import OTPVerifyViewSet, VerifyViewSet
|
|
||||||
|
|
||||||
|
|
||||||
router = routers.DefaultRouter()
|
router = routers.DefaultRouter()
|
||||||
router.register(r'ungleichotp', VerifyViewSet, basename='ungleichotp')
|
router.register(r'ungleichotp', OTPVerifyViewSet, basename='ungleichotp')
|
||||||
router.register(r'ungleichotpv2', OTPVerifyViewSet, basename='ungleichotpv2')
|
|
||||||
|
|
||||||
urlpatterns = [
|
urlpatterns = [
|
||||||
path('admin/', admin.site.urls),
|
path('admin/', admin.site.urls),
|
||||||
|
|
Loading…
Reference in a new issue