security stuff
parent
4731b64780
commit
e0f57e9de6
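--- a/ENV.tmpl
+++ b/ENV.tmpl
@@ -5,7 +5,4 @@ export DB_USER="hausverwaltung-ui"
 export DB_PASS="test123"
 export DB_NAME="hausverwaltung"
 
-export JWT_ISSUER='de.hottis.hausverwaltung'
 export JWT_SECRET='streng_geheim'
-export JWT_LIFETIME_SECONDS=60
-export JWT_ALGORITHM='HS256'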
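Review bot: `JWT_SECRET='streng_geheim'` stays in the template as a usable value, and after this change it is the only JWT setting left, so it alone decides whether a token is trusted. A deployment that copies ENV.tmpl unchanged would verify tokens with a guessable key. Consider shipping an empty placeholder with a comment, e.g. `export JWT_SECRET=''  # set to a long random value per environment`, and treating `DB_PASS` the same way.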
15
auth.py
15
auth.py
@ -5,26 +5,13 @@ from werkzeug.exceptions import Unauthorized
|
|||||||
from jose import JWTError, jwt
|
from jose import JWTError, jwt
|
||||||
import os
|
import os
|
||||||
|
|
||||||
JWT_ISSUER = os.environ['JWT_ISSUER']
|
|
||||||
JWT_SECRET = os.environ['JWT_SECRET']
|
JWT_SECRET = os.environ['JWT_SECRET']
|
||||||
JWT_LIFETIME_SECONDS = int(os.environ['JWT_LIFETIME_SECONDS'])
|
|
||||||
JWT_ALGORITHM = os.environ['JWT_ALGORITHM']
|
|
||||||
|
|
||||||
|
|
||||||
def generate_token(user_id):
|
|
||||||
timestamp = _current_timestamp()
|
|
||||||
payload = {
|
|
||||||
"iss": JWT_ISSUER,
|
|
||||||
"iat": int(timestamp),
|
|
||||||
"exp": int(timestamp + JWT_LIFETIME_SECONDS),
|
|
||||||
"sub": str(user_id),
|
|
||||||
}
|
|
||||||
return jwt.encode(payload, JWT_SECRET, algorithm=JWT_ALGORITHM)
|
|
||||||
|
|
||||||
|
|
||||||
def decode_token(token):
|
def decode_token(token):
|
||||||
try:
|
try:
|
||||||
return jwt.decode(token, JWT_SECRET, algorithms=[JWT_ALGORITHM])
|
return jwt.decode(token, JWT_SECRET)
|
||||||
except JWTError as e:
|
except JWTError as e:
|
||||||
six.raise_from(Unauthorized, e)
|
six.raise_from(Unauthorized, e)
|
||||||
|
|
||||||
|
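Review bot: The new `jwt.decode(token, JWT_SECRET)` call in decode_token drops the `algorithms=` allow-list, so the server no longer pins which signature algorithm it accepts. In python-jose releases that treat `algorithms=None` as "no restriction", the token's own `alg` header then decides how it is verified; pin it explicitly, e.g. `return jwt.decode(token, JWT_SECRET, algorithms=['HS256'])`. With generate_token and JWT_ISSUER removed, tokens are presumably minted elsewhere, so it is also worth passing the expected issuer through the `issuer=` argument and confirming that `exp` is always present, since nothing in this function checks who issued the token.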
35
openapi.yaml
35
openapi.yaml
@ -3,6 +3,9 @@ info:
|
|||||||
title: Hausverwaltung
|
title: Hausverwaltung
|
||||||
version: "0.1"
|
version: "0.1"
|
||||||
|
|
||||||
|
security:
|
||||||
|
- jwt: []
|
||||||
|
|
||||||
paths:
|
paths:
|
||||||
/hv/objekte:
|
/hv/objekte:
|
||||||
get:
|
get:
|
||||||
@ -304,36 +307,16 @@ paths:
|
|||||||
tags: [ "Zahlung" ]
|
tags: [ "Zahlung" ]
|
||||||
operationId: ZahlungenForderungen.put_zahlung
|
operationId: ZahlungenForderungen.put_zahlung
|
||||||
summary: Inserts a new Zahlung
|
summary: Inserts a new Zahlung
|
||||||
parameters:
|
requestBody:
|
||||||
- name: zahlung
|
content:
|
||||||
in: body
|
'application/json':
|
||||||
schema:
|
schema:
|
||||||
$ref: '#/components/schemas/Zahlung'
|
$ref: '#/components/schemas/Zahlung'
|
||||||
responses:
|
responses:
|
||||||
202:
|
202:
|
||||||
description: Zahlung successfully inserted
|
description: Zahlung successfully inserted
|
||||||
500:
|
500:
|
||||||
description: Some server or database error
|
description: Some server or database error
|
||||||
/auth/{user_id}:
|
|
||||||
get:
|
|
||||||
tags: [ "JWT" ]
|
|
||||||
summary: Return JWT token
|
|
||||||
operationId: auth.generate_token
|
|
||||||
parameters:
|
|
||||||
- name: user_id
|
|
||||||
description: User unique identifier
|
|
||||||
in: path
|
|
||||||
required: true
|
|
||||||
example: 12
|
|
||||||
schema:
|
|
||||||
type: integer
|
|
||||||
responses:
|
|
||||||
'200':
|
|
||||||
description: JWT token
|
|
||||||
content:
|
|
||||||
'text/plain':
|
|
||||||
schema:
|
|
||||||
type: string
|
|
||||||
/secret:
|
/secret:
|
||||||
get:
|
get:
|
||||||
tags: [ "JWT" ]
|
tags: [ "JWT" ]
|
||||||
@ -346,8 +329,6 @@ paths:
|
|||||||
'text/plain':
|
'text/plain':
|
||||||
schema:
|
schema:
|
||||||
type: string
|
type: string
|
||||||
security:
|
|
||||||
- jwt: ['secret']
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
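Review bot: In the second hunk, `ZahlungenForderungen.put_zahlung` still documents only `202` and `500`, although the new top-level `security: - jwt: []` requires a valid token on every operation. Add an entry such as `401:` with `description: Missing or invalid JWT` to this and the other operations, so the contract shows the auth failure. The global requirement relies on a `jwt` scheme under `components.securitySchemes`, which is outside the visible hunks; confirm it is defined and that any endpoint meant to stay public carries `security: []`. The put_zahlung operation begins above the hunk.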