move auth functions to different file

2023-05-17 02:51:21 +10:00 · 2023-05-17 02:51:21 +10:00 · 4f5f817d83
parent 5604c20903
commit 4f5f817d83
2 changed files with 89 additions and 86 deletions
--- a/pairent_backend/pairent_app/authlib.py
+++ b/pairent_backend/pairent_app/authlib.py
@ -0,0 +1,87 @@
+from django.http import HttpResponseBadRequest, HttpResponse, JsonResponse, HttpRequest
+
+def VVSUAuthProxy(req: HttpRequest):
+    proxy = 'https://vvsu.ru/connect' + req.path[len('/api/auth/vvsu'):];
+    
+    preq = requests.request(req.method, proxy, headers={
+        'User-Agent': 'OIDC Client / Pairent',
+        'Origin': 'http://pairent.vvsu.ru',
+        'Referer': 'http://pairent.vvsu.ru'
+    });
+
+    resp = HttpResponse(preq.content);
+    resp.headers['Content-Type'] = preq.headers['Content-Type'];
+
+    return resp;
+
+def register(oid, provider_id, name):
+    user = User(
+        favorites_apartments='',    
+        comparison_apartments='', 
+        name=name, 
+        # date_of_birth=, 
+        about_me='', 
+        gender='?', 
+        phone='+00000', 
+        # email=, 
+        # telegram=, 
+        # discord=, 
+        # city=, 
+        role='s', 
+        photo_provider='VVSU', 
+        openid_addr=oid, 
+        openid_id=provider_id, 
+    );
+    user.save();
+    return user;
+
+def get_oauth_token(remote, data):
+    return requests.post(remote + '/oauth2/token', data,
+            headers={
+                'Origin': 'https://pairent.vvsu.ru',
+                'Referer': 'https://pairent.vvsu.ru'
+            }).json();
+
+def get_oauth_data(remote, key):
+    return requests.get(remote + '/userinfo', headers={
+                'Origin': 'https://pairent.vvsu.ru',
+                'Authorization': 'Bearer ' + key,
+                'User-Agent': 'curl/8.1'
+            }).json();
+
+def create_auth_token(userid, ip):
+
+    try:
+        token = AuthToken.objects.get(user=userid, ip=ip);
+        if (verify_auth_token(token.key, token.ip)):
+            return token;
+    except AuthToken.DoesNotExist:
+        0 # ignore
+
+    token = AuthToken(
+        user=userid,
+        key=str(uuid.uuid4()),
+        #                          2 days
+        #                            vvv
+        expires=time.time() + 60 * 60 * 24 * 2,
+        ip=ip
+    );
+    token.save();
+    return token;
+
+def verify_auth_token(key, ip):
+    
+    try:
+        token = AuthToken.objects.get(key=key);
+    except AuthToken.DoesNotExist:
+        return False;       
+
+    if (token.ip != ip):
+        token.delete();
+        return False;
+    
+    if (token.expires > time.time()):
+        token.delete();
+        return False;
+    
+    return True;
--- a/pairent_backend/pairent_app/views.py
+++ b/pairent_backend/pairent_app/views.py
@ -17,6 +17,8 @@ from .serializer import (ApartamentListSerializer,
                         PublicUserSerializer,
                         TokenSerializer)

+from .authlib import *
+
 import json, math, random, re, requests, oidc_client, base64, uuid, time, ipware as iplib
 ipware = iplib.IpWare();

@ -159,92 +161,6 @@ class CompatibleUsersView(viewsets.ViewSet):

        return Response(users);

-def VVSUAuthProxy(req: Request):
-    proxy = 'https://vvsu.ru/connect' + req.path[len('/api/auth/vvsu'):];
-    
-    preq = requests.request(req.method, proxy, headers={
-        'User-Agent': 'OIDC Client / Pairent',
-        'Origin': 'http://pairent.vvsu.ru',
-        'Referer': 'http://pairent.vvsu.ru'
-    });
-
-    resp = HttpResponse(preq.content);
-    resp.headers['Content-Type'] = preq.headers['Content-Type'];
-
-    return resp;
-
-def register(oid, provider_id, name):
-    user = User(
-        favorites_apartments='',    
-        comparison_apartments='', 
-        name=name, 
-        # date_of_birth=, 
-        about_me='', 
-        gender='?', 
-        phone='+00000', 
-        # email=, 
-        # telegram=, 
-        # discord=, 
-        # city=, 
-        role='s', 
-        photo_provider='VVSU', 
-        openid_addr=oid, 
-        openid_id=provider_id, 
-    );
-    user.save();
-    return user;
-
-def get_oauth_token(remote, data):
-    return requests.post(remote + '/oauth2/token', data,
-            headers={
-                'Origin': 'https://pairent.vvsu.ru',
-                'Referer': 'https://pairent.vvsu.ru'
-            }).json();
-
-def get_oauth_data(remote, key):
-    return requests.get(remote + '/userinfo', headers={
-                'Origin': 'https://pairent.vvsu.ru',
-                'Authorization': 'Bearer ' + key,
-                'User-Agent': 'curl/8.1'
-            }).json();
-
-def create_auth_token(userid, ip):
-
-    try:
-        token = AuthToken.objects.get(user=userid, ip=ip);
-        if (verify_auth_token(token.key, token.ip)):
-            return token;
-    except AuthToken.DoesNotExist:
-        0 # ignore
-
-    token = AuthToken(
-        user=userid,
-        key=str(uuid.uuid4()),
-        #                          2 days
-        #                            vvv
-        expires=time.time() + 60 * 60 * 24 * 2,
-        ip=ip
-    );
-    token.save();
-    return token;
-
-def verify_auth_token(key, ip):
-    
-    try:
-        token = AuthToken.objects.get(key=key);
-    except AuthToken.DoesNotExist:
-        return False;       
-
-    if (token.ip != ip):
-        token.delete();
-        return False;
-    
-    if (token.expires > time.time()):
-        token.delete();
-        return False;
-    
-    return True;
-
 class UserLogin(APIView):

    # TODO: Remove csrf exempt when index.html is loaded through django