From 4f5f817d835f6a53448e7d60bb7591c24c825e96 Mon Sep 17 00:00:00 2001
From: b1ek
Date: Wed, 17 May 2023 02:51:21 +1000
Subject: [PATCH] move auth functions to different file
---
 pairent_backend/pairent_app/authlib.py | 87 +++++++++++++++++++++++++
 pairent_backend/pairent_app/views.py | 88 +------------------------
 2 files changed, 89 insertions(+), 86 deletions(-)
 create mode 100644 pairent_backend/pairent_app/authlib.py
diff --git a/pairent_backend/pairent_app/authlib.py b/pairent_backend/pairent_app/authlib.py
new file mode 100644
index 0000000..3026648
--- /dev/null
+++ b/pairent_backend/pairent_app/authlib.py
@@ -0,0 +1,87 @@
+from django.http import HttpResponseBadRequest, HttpResponse, JsonResponse, HttpRequest
+
+def VVSUAuthProxy(req: HttpRequest):
+ proxy = 'https://vvsu.ru/connect' + req.path[len('/api/auth/vvsu'):];
+
+ preq = requests.request(req.method, proxy, headers={
+ 'User-Agent': 'OIDC Client / Pairent',
+ 'Origin': 'http://pairent.vvsu.ru',
+ 'Referer': 'http://pairent.vvsu.ru'
+ });
+
+ resp = HttpResponse(preq.content);
+ resp.headers['Content-Type'] = preq.headers['Content-Type'];
+
+ return resp;
+
+def register(oid, provider_id, name):
+ user = User(
+ favorites_apartments='',
+ comparison_apartments='',
+ name=name,
+ # date_of_birth=,
+ about_me='',
+ gender='?',
+ phone='+00000',
+ # email=,
+ # telegram=,
+ # discord=,
+ # city=,
+ role='s',
+ photo_provider='VVSU',
+ openid_addr=oid,
+ openid_id=provider_id,
+ );
+ user.save();
+ return user;
+
+def get_oauth_token(remote, data):
+ return requests.post(remote + '/oauth2/token', data,
+ headers={
+ 'Origin': 'https://pairent.vvsu.ru',
+ 'Referer': 'https://pairent.vvsu.ru'
+ }).json();
+
+def get_oauth_data(remote, key):
+ return requests.get(remote + '/userinfo', headers={
+ 'Origin': 'https://pairent.vvsu.ru',
+ 'Authorization': 'Bearer ' + key,
+ 'User-Agent': 'curl/8.1'
+ }).json();
+
+def create_auth_token(userid, ip):
+
+ try:
+ token = AuthToken.objects.get(user=userid, ip=ip);
+ if (verify_auth_token(token.key, token.ip)):
+ return token;
+ except AuthToken.DoesNotExist:
+ 0 # ignore
+
+ token = AuthToken(
+ user=userid,
+ key=str(uuid.uuid4()),
+ # 2 days
+ # vvv
+ expires=time.time() + 60 * 60 * 24 * 2,
+ ip=ip
+ );
+ token.save();
+ return token;
+
+def verify_auth_token(key, ip):
+
+ try:
+ token = AuthToken.objects.get(key=key);
+ except AuthToken.DoesNotExist:
+ return False;
+
+ if (token.ip != ip):
+ token.delete();
+ return False;
+
+ if (token.expires > time.time()):
+ token.delete();
+ return False;
+
+ return True;
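Review bot: Every function in the new authlib.py references names the module never imports — `requests` (VVSUAuthProxy, get_oauth_token, get_oauth_data), `User` (register), and `AuthToken`, `uuid`, `time` (create_auth_token, verify_auth_token) — so each call will raise NameError; the only import is the `django.http` line at the top of the hunk, and the `from .authlib import *` added in views.py does not push views' globals into this module. It needs `import requests, uuid, time` plus the `User`/`AuthToken` model imports that views.py already has (outside this diff). Separately, the expiry check in verify_auth_token is inverted: `if (token.expires > time.time()):` deletes and rejects a token that is still valid and lets an expired one through, so a fresh token issued by create_auth_token is discarded on its first verification; it should read `if (token.expires <= time.time()):`. Minor: `0 # ignore` in the except branch is better written as `pass`, and `HttpResponseBadRequest`/`JsonResponse` are imported but unused here.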
diff --git a/pairent_backend/pairent_app/views.py b/pairent_backend/pairent_app/views.py
index 87f0ac2..58aa758 100644
--- a/pairent_backend/pairent_app/views.py
+++ b/pairent_backend/pairent_app/views.py
@@ -17,6 +17,8 @@ from .serializer import (ApartamentListSerializer, PublicUserSerializer, TokenSerializer)
+from .authlib import *
+
 import json, math, random, re, requests, oidc_client, base64, uuid, time, ipware as iplib
 ipware = iplib.IpWare();
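Review bot: The added `from .authlib import *` pulls every name authlib defines into views.py — including the `HttpResponse`, `JsonResponse`, `HttpResponseBadRequest` and `HttpRequest` it re-exports from django.http — so a reader cannot tell where the auth helpers come from, and anything later added to authlib silently lands in this namespace. Import the six helpers by name instead: `from .authlib import VVSUAuthProxy, register, get_oauth_token, get_oauth_data, create_auth_token, verify_auth_token`.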
@@ -159,92 +161,6 @@ class CompatibleUsersView(viewsets.ViewSet):
 return Response(users);
-def VVSUAuthProxy(req: Request):
- proxy = 'https://vvsu.ru/connect' + req.path[len('/api/auth/vvsu'):];
-
- preq = requests.request(req.method, proxy, headers={
- 'User-Agent': 'OIDC Client / Pairent',
- 'Origin': 'http://pairent.vvsu.ru',
- 'Referer': 'http://pairent.vvsu.ru'
- });
-
- resp = HttpResponse(preq.content);
- resp.headers['Content-Type'] = preq.headers['Content-Type'];
-
- return resp;
-
-def register(oid, provider_id, name):
- user = User(
- favorites_apartments='',
- comparison_apartments='',
- name=name,
- # date_of_birth=,
- about_me='',
- gender='?',
- phone='+00000',
- # email=,
- # telegram=,
- # discord=,
- # city=,
- role='s',
- photo_provider='VVSU',
- openid_addr=oid,
- openid_id=provider_id,
- );
- user.save();
- return user;
-
-def get_oauth_token(remote, data):
- return requests.post(remote + '/oauth2/token', data,
- headers={
- 'Origin': 'https://pairent.vvsu.ru',
- 'Referer': 'https://pairent.vvsu.ru'
- }).json();
-
-def get_oauth_data(remote, key):
- return requests.get(remote + '/userinfo', headers={
- 'Origin': 'https://pairent.vvsu.ru',
- 'Authorization': 'Bearer ' + key,
- 'User-Agent': 'curl/8.1'
- }).json();
-
-def create_auth_token(userid, ip):
-
- try:
- token = AuthToken.objects.get(user=userid, ip=ip);
- if (verify_auth_token(token.key, token.ip)):
- return token;
- except AuthToken.DoesNotExist:
- 0 # ignore
-
- token = AuthToken(
- user=userid,
- key=str(uuid.uuid4()),
- # 2 days
- # vvv
- expires=time.time() + 60 * 60 * 24 * 2,
- ip=ip
- );
- token.save();
- return token;
-
-def verify_auth_token(key, ip):
-
- try:
- token = AuthToken.objects.get(key=key);
- except AuthToken.DoesNotExist:
- return False;
-
- if (token.ip != ip):
- token.delete();
- return False;
-
- if (token.expires > time.time()):
- token.delete();
- return False;
-
- return True;
-
 class UserLogin(APIView):
 # TODO: Remove csrf exempt when index.html is loaded
through django