Update signer

apps/assets/api.py

 # ~*~ coding: utf-8 ~*~
 
 from rest_framework import serializers
-from rest_framework import viewsets, serializers,generics
-from .models import AssetGroup, Asset, IDC, AssetExtend
+from rest_framework import viewsets, serializers, generics
+from rest_framework.views import APIView
+from rest_framework_bulk import BulkListSerializer, BulkSerializerMixin, ListBulkCreateUpdateDestroyAPIView
+
 from common.mixins import BulkDeleteApiMixin
-from rest_framework_bulk import BulkListSerializer, BulkSerializerMixin,ListBulkCreateUpdateDestroyAPIView
-from .serializers import *
+from common.utils import get_object_or_none
+from .models import AssetGroup, Asset, IDC, AssetExtend
+from .serializers import AssetBulkUpdateSerializer
+
+
 class AssetGroupSerializer(serializers.ModelSerializer):
     class Meta:
         model = AssetGroup
@@ -52,6 +57,21 @@ class IDCViewSet(viewsets.ReadOnlyModelViewSet):
     queryset = IDC.objects.all()
     serializer_class = IDCSerializer
 
+
 class AssetListUpdateApi(BulkDeleteApiMixin, ListBulkCreateUpdateDestroyAPIView):
     queryset = Asset.objects.all()
-    serializer_class = AssetBulkUpdateSerializer
\ No newline at end of file
+    serializer_class = AssetBulkUpdateSerializer
+
+
+class AssetSystemUserAuthApi(APIView):
+    def get(self, request, *args, **kwargs):
+        system_user_id = request.data.get('system_user_id', -1)
+        system_user_username = request.data.get('system_user_username', '')
+
+        system_user = get_object_or_none(Asset, id=system_user_id, username=system_user_username)
+
+        if system_user:
+            password = system_user.password
+            private_key = system_user.private_key
+
+

apps/assets/models.py

@@ -7,7 +7,7 @@ from django.core import serializers
 import logging
 from django.utils.translation import ugettext_lazy as _
 
-from common.utils import encrypt, decrypt
+from common.utils import signer
 
 logger = logging.getLogger(__name__)
 
@@ -111,23 +111,23 @@ class AdminUser(models.Model):
 
     @password.setter
     def password(self, password_raw):
-        self._password = encrypt(password_raw)
+        self._password = signer.sign(password_raw)
 
     @property
     def private_key(self):
-        return decrypt(self._private_key)
+        return signer.unsign(self._private_key)
 
     @private_key.setter
     def private_key(self, private_key_raw):
-        self._private_key = encrypt(private_key_raw)
+        self._private_key = signer.sign(private_key_raw)
 
     @property
     def public_key(self):
-        return decrypt(self._public_key)
+        return signer.unsign(self._public_key)
 
     @public_key.setter
     def public_key(self, public_key_raw):
-        self._public_key = encrypt(public_key_raw)
+        self._public_key = signer.sign(public_key_raw)
 
     class Meta:
         db_table = 'admin_user'
@@ -179,27 +179,27 @@ class SystemUser(models.Model):
 
     @property
     def password(self):
-        return decrypt(self._password)
+        return signer.sign(self._password)
 
     @password.setter
     def password(self, password_raw):
-        self._password = encrypt(password_raw)
+        self._password = signer.sign(password_raw)
 
     @property
     def private_key(self):
-        return decrypt(self._private_key)
+        return signer(self._private_key)
 
     @private_key.setter
     def private_key(self, private_key_raw):
-        self._private_key = encrypt(private_key_raw)
+        self._private_key = signer(private_key_raw)
 
     @property
     def public_key(self):
-        return decrypt(self._public_key)
+        return signer(self._public_key)
 
     @public_key.setter
     def public_key(self, public_key_raw):
-        self._public_key = encrypt(public_key_raw)
+        self._public_key = signer(public_key_raw)
 
     def get_assets_inherit_from_asset_groups(self):
         assets = set()

apps/assets/serializers.py

@@ -5,6 +5,7 @@ from .models import AssetGroup, Asset, IDC, AssetExtend
 from common.mixins import BulkDeleteApiMixin
 from rest_framework_bulk import BulkListSerializer, BulkSerializerMixin
 
+
 class AssetBulkUpdateSerializer(BulkSerializerMixin, serializers.ModelSerializer):
     # group_display = serializers.SerializerMethodField()
     # active_display = serializers.SerializerMethodField()

apps/common/utils.py

@@ -8,7 +8,7 @@ import string
 import logging
 import datetime
 
-from itsdangerous import Signer, TimedJSONWebSignatureSerializer, JSONWebSignatureSerializer, TimestampSigner, \
+from itsdangerous import TimedJSONWebSignatureSerializer, JSONWebSignatureSerializer, \
     BadSignature, SignatureExpired
 from django.shortcuts import reverse as dj_reverse
 from django.conf import settings
@@ -34,31 +34,25 @@ def get_object_or_none(model, **kwargs):
     return obj
 
 
-def encrypt(*args, **kwargs):
-    try:
-        return signing.dumps(*args, **kwargs)
-    except signing.BadSignature:
-        return ''
-
-
-def decrypt(*args, **kwargs):
-    try:
-        return signing.loads(*args, **kwargs)
-    except signing.BadSignature:
-        return ''
+class Signer(object):
+    def __init__(self, secret_key=SECRET_KEY):
+        self.secret_key = secret_key
 
+    def sign(self, value):
+        s = JSONWebSignatureSerializer(self.secret_key)
+        return s.dumps(value)
 
-def sign(value, secret_key=SECRET_KEY):
-    signer = TimestampSigner(secret_key)
-    return signer.sign(value)
+    def unsign(self, value):
+        s = JSONWebSignatureSerializer(self.secret_key)
+        return s.loads(value)
 
+    def sign_t(self, value, expires_in=3600):
+        s = TimedJSONWebSignatureSerializer(self.secret_key, expires_in=expires_in)
+        return s.dumps(value)
 
-def unsign(value, max_age=3600, secret_key=SECRET_KEY):
-    signer = TimestampSigner(secret_key)
-    try:
-        return signer.unsign(value, max_age=max_age)
-    except (BadSignature, SignatureExpired):
-        return ''
+    def unsign_t(self, value):
+        s = TimedJSONWebSignatureSerializer(self.secret_key)
+        return s.loads(value)
 
 
 def date_expired_default():
@@ -69,10 +63,6 @@ def date_expired_default():
     return timezone.now() + timezone.timedelta(days=365*years)
 
 
-def sign(value):
-    return SIGNER.sign(value)
-
-
 def combine_seq(s1, s2, callback=None):
     for s in (s1, s2):
         if not hasattr(s, '__iter__'):
@@ -165,3 +155,5 @@ def timesince(dt, since='', default="just now"):
             return "%d %s" % (period, singular if period == 1 else plural)
     return default
 
+
+signer = Signer()
\ No newline at end of file

apps/terminal/api.py

@@ -5,7 +5,7 @@ from rest_framework.generics import ListCreateAPIView, RetrieveUpdateDestroyAPIV
 from rest_framework.views import APIView, Response
 from rest_framework.permissions import AllowAny
 
-from common.utils import unsign, get_object_or_none
+from common.utils import signer, get_object_or_none
 from .models import Terminal, TerminalHeatbeat
 from .serializers import TerminalSerializer, TerminalHeatbeatSerializer
 from .hands import IsSuperUserOrTerminalUser
@@ -17,7 +17,7 @@ class TerminalCreateListApi(ListCreateAPIView):
     permission_classes = (AllowAny,)
 
     def post(self, request, *args, **kwargs):
-        name = unsign(request.data.get('name', ''))
+        name = signer.unsign(request.data.get('name', ''))
         if name:
             terminal = get_object_or_none(Terminal, name=name)
             if terminal:

apps/users/api.py

@@ -138,7 +138,6 @@ class UserTokenApi(APIView):
 
             cache.set(token, user.id, self.expiration)
             cache.set('%s_%s' % (user.id, remote_addr), token, self.expiration)
-            return Response({'token': token})
+            return Response({'token': token, 'id': user.id, 'username': user.username, 'name': user.name})
         else:
             return Response({'msg': 'Invalid password or public key or user is not active or expired'})
-

apps/users/backends.py

@@ -9,7 +9,7 @@ from django.utils.translation import ugettext as _
 from rest_framework import authentication, exceptions, permissions
 from rest_framework.compat import is_authenticated
 
-from common.utils import unsign, get_object_or_none
+from common.utils import signer, get_object_or_none
 from .hands import Terminal
 from .models import User
 
@@ -39,7 +39,7 @@ class TerminalAuthentication(authentication.BaseAuthentication):
         return self.authenticate_credentials(sign)
 
     def authenticate_credentials(self, sign):
-        name = unsign(sign, max_age=300)
+        name = signer.unsign(sign)
         if name:
             terminal = get_object_or_none(self.model, name=name)
         else:

apps/users/models.py

@@ -15,7 +15,7 @@ from django.shortcuts import reverse
 
 from rest_framework.authtoken.models import Token
 
-from common.utils import encrypt, decrypt, date_expired_default
+from common.utils import signer, date_expired_default
 from common.mixins import NoDeleteModelMixin
 
 
@@ -120,19 +120,19 @@ class User(AbstractUser):
 
     @property
     def private_key(self):
-        return decrypt(self._private_key)
+        return signer.unsign(self._private_key)
 
     @private_key.setter
     def private_key(self, private_key_raw):
-        self._private_key = encrypt(private_key_raw)
+        self._private_key = signer.sign(private_key_raw)
 
     @property
     def public_key(self):
-        return decrypt(self._public_key)
+        return signer.unsign(self._public_key)
 
     @public_key.setter
     def public_key(self, public_key_raw):
-        self._public_key = encrypt(public_key_raw)
+        self._public_key = signer.sign(public_key_raw)
 
     @property
     def is_superuser(self):
@@ -199,12 +199,12 @@ class User(AbstractUser):
         return False
 
     def generate_reset_token(self):
-        return signing.dumps({'reset': self.id, 'email': self.email})
+        return signer.sign_t({'reset': self.id, 'email': self.email}, expires_in=3600)
 
     @classmethod
-    def validate_reset_token(cls, token, max_age=3600):
+    def validate_reset_token(cls, token):
         try:
-            data = signing.loads(token, max_age=max_age)
+            data = signer.unsign_t(token)
             user_id = data.get('reset', None)
             user_email = data.get('email', '')
             user = cls.objects.get(id=user_id, email=user_email)

apps/users/serializers.py

@@ -5,7 +5,7 @@ from django.utils.translation import ugettext_lazy as _
 from rest_framework import serializers
 from rest_framework_bulk import BulkListSerializer, BulkSerializerMixin
 
-from common.utils import unsign
+from common.utils import signer
 from .models import User, UserGroup
 
 
@@ -84,14 +84,3 @@ class GroupBulkUpdateSerializer(BulkSerializerMixin, serializers.ModelSerializer
     def get_user_amount(obj):
         return obj.users.count()
 
-
-class AppUserRegisterSerializer(serializers.Serializer):
-    username = serializers.CharField(max_length=20)
-
-    def create(self, validated_data):
-        sign = validated_data('username', '')
-        username = unsign(sign)
-        pass
-
-    def update(self, instance, validated_data):
-        pass