rest interface for retrieve-create users seed

This commit is contained in:
wcolmenares 2019-05-05 16:44:02 -04:00
parent 503e31cc69
commit 200699486a
2 changed files with 47 additions and 1 deletions

View file

@ -14,7 +14,8 @@ from .views import (
LogOut, LogOut,
ResetRequest, ResetRequest,
UserCreateAPI, UserCreateAPI,
ActivateAccount ActivateAccount,
SeedRetrieveCreate
) )
urlpatterns = [ urlpatterns = [
@ -29,5 +30,6 @@ urlpatterns = [
path('reset/<str:user>/<str:token>/', ResetRequest.as_view()), path('reset/<str:user>/<str:token>/', ResetRequest.as_view()),
path('activate/<str:user>/<str:pwd>/<str:firstname>/<str:lastname>/<str:email>/<str:token>/', ActivateAccount.as_view()), path('activate/<str:user>/<str:pwd>/<str:firstname>/<str:lastname>/<str:email>/<str:token>/', ActivateAccount.as_view()),
path('reset/', ResetRequest.as_view(), name="reset"), path('reset/', ResetRequest.as_view(), name="reset"),
path('otp/', SeedRetrieveCreate.as_view(), name="seed"),
path('', Index.as_view(), name="login_index"), path('', Index.as_view(), name="login_index"),
] ]

View file

@ -14,6 +14,8 @@ from rest_framework.response import Response
from .models import ResetToken from .models import ResetToken
from .forms import LoginForm from .forms import LoginForm
from .ungleich_ldap import LdapManager from .ungleich_ldap import LdapManager
from decouple import config, Csv
from pyotp import TOTP
import logging import logging
@ -26,6 +28,8 @@ from datetime import datetime
from random import choice, randint from random import choice, randint
import string import string
import requests
import json
from django.conf import settings from django.conf import settings
from django.contrib.auth.mixins import LoginRequiredMixin from django.contrib.auth.mixins import LoginRequiredMixin
@ -606,3 +610,43 @@ class UserCreateAPI(APIView):
except: except:
return Response('Failed to send the email', 201) return Response('Failed to send the email', 201)
return Response('Email with activation link successfully sent', 200) return Response('Email with activation link successfully sent', 200)
class SeedRetrieveCreate(APIView):
def post(self, request):
try:
username = request.data['username']
password = request.data['password']
realm = request.data['realm']
except KeyError:
return Response('You need to specify username, password, and realm values', 400)
# authenticate the user against ldap
user = authenticate(username=username, password=password)
if user is not None:
req = requests.get(config('OTPSERVER'), data=json.dumps(
{
'auth_token': TOTP(config('ADMIN_SEED')).now,
'auth_name': config('ADMIN_NAME'),
'auth_realm': 'ungleich-admin'}), headers={'Content-Type': 'application/json'})
response_data = json.loads(req)
for elem in response_data:
if elem['name'] == username and elem['realm'] == realm:
return Response('Your {} seed is {}'.format(realm, elem['seed']), 200)
# If doesn't find a match then check if the realm is allowed and create the user
allowed_realms = config('ALLOWED_REALMS', cast=Csv())
if realm not in allowed_realms:
return Response('Not allowed to perform this action.', 403)
else:
req = requests.post(config('OTPSERVER'), data=json.dumps(
{
'auth_token': TOTP(config('ADMIN_SEED')).now,
'auth_name': config('ADMIN_NAME'),
'auth_realm': 'ungleich-admin',
'name': username,
'realm': realm
}), headers={'Content-Type': 'application/json'})
if req.status_code == 201:
msg = json.loads(req.text)
return Response(msg, 201)
else:
return Response(json.loads(req.text))