rest interface for retrieve-create users seed

This commit is contained in:
wcolmenares 2019-05-05 16:44:02 -04:00
parent 503e31cc69
commit 200699486a
2 changed files with 47 additions and 1 deletions

View file

@ -14,7 +14,8 @@ from .views import (
LogOut,
ResetRequest,
UserCreateAPI,
ActivateAccount
ActivateAccount,
SeedRetrieveCreate
)
urlpatterns = [
@ -29,5 +30,6 @@ urlpatterns = [
path('reset/<str:user>/<str:token>/', ResetRequest.as_view()),
path('activate/<str:user>/<str:pwd>/<str:firstname>/<str:lastname>/<str:email>/<str:token>/', ActivateAccount.as_view()),
path('reset/', ResetRequest.as_view(), name="reset"),
path('otp/', SeedRetrieveCreate.as_view(), name="seed"),
path('', Index.as_view(), name="login_index"),
]

View file

@ -14,6 +14,8 @@ from rest_framework.response import Response
from .models import ResetToken
from .forms import LoginForm
from .ungleich_ldap import LdapManager
from decouple import config, Csv
from pyotp import TOTP
import logging
@ -26,6 +28,8 @@ from datetime import datetime
from random import choice, randint
import string
import requests
import json
from django.conf import settings
from django.contrib.auth.mixins import LoginRequiredMixin
@ -606,3 +610,43 @@ class UserCreateAPI(APIView):
except:
return Response('Failed to send the email', 201)
return Response('Email with activation link successfully sent', 200)
class SeedRetrieveCreate(APIView):
def post(self, request):
try:
username = request.data['username']
password = request.data['password']
realm = request.data['realm']
except KeyError:
return Response('You need to specify username, password, and realm values', 400)
# authenticate the user against ldap
user = authenticate(username=username, password=password)
if user is not None:
req = requests.get(config('OTPSERVER'), data=json.dumps(
{
'auth_token': TOTP(config('ADMIN_SEED')).now,
'auth_name': config('ADMIN_NAME'),
'auth_realm': 'ungleich-admin'}), headers={'Content-Type': 'application/json'})
response_data = json.loads(req)
for elem in response_data:
if elem['name'] == username and elem['realm'] == realm:
return Response('Your {} seed is {}'.format(realm, elem['seed']), 200)
# If doesn't find a match then check if the realm is allowed and create the user
allowed_realms = config('ALLOWED_REALMS', cast=Csv())
if realm not in allowed_realms:
return Response('Not allowed to perform this action.', 403)
else:
req = requests.post(config('OTPSERVER'), data=json.dumps(
{
'auth_token': TOTP(config('ADMIN_SEED')).now,
'auth_name': config('ADMIN_NAME'),
'auth_realm': 'ungleich-admin',
'name': username,
'realm': realm
}), headers={'Content-Type': 'application/json'})
if req.status_code == 201:
msg = json.loads(req.text)
return Response(msg, 201)
else:
return Response(json.loads(req.text))