add authorization check on both sides

This commit is contained in:
b1ek 2023-05-17 04:46:45 +10:00
parent 63132abc20
commit 8ded7379cb
Signed by: blek
GPG Key ID: 14546221E3595D0C
2 changed files with 21 additions and 8 deletions

View File

@ -1,5 +1,13 @@
from rest_framework.request import Request
from django.http import HttpResponseBadRequest, HttpResponse, JsonResponse, HttpRequest
import ipware as iplib
ipware = iplib.IpWare();
def client_ip(req: HttpRequest):
return ipware.get_client_ip(req)[0].exploded;
def VVSUAuthProxy(req: HttpRequest):
proxy = 'https://vvsu.ru/connect' + req.path[len('/api/auth/vvsu'):];
@ -19,14 +27,8 @@ def register(oid, provider_id, name):
favorites_apartments='',
comparison_apartments='',
name=name,
# date_of_birth=,
about_me='',
gender='?',
phone='+00000',
# email=,
# telegram=,
# discord=,
# city=,
role='s',
photo_provider='VVSU',
openid_addr=oid,
@ -85,3 +87,14 @@ def verify_auth_token(key, ip):
return False;
return True;
def auth_required(func):
"""
Use authorization for this route.
"""
def inner(req: HttpRequest):
if ('Authorization' not in req.headers.keys()):
return JsonResponse({'error': 'no auth token'});
if (not verify_auth_token(req.headers['Authorization'], client_ip(req))):
return JsonResponse({'error': 'auth token invalid or expired'});
func();

View File

@ -63,9 +63,9 @@ class Client extends User {
method,
headers: {
...(options.headers ? options.headers : {}),
'X-Pairent-Auth': this.key.key
'Authorization': this.key.key
},
...options
});
}