58 lines
2 KiB
Python
58 lines
2 KiB
Python
from django.db import models
|
|
from datetime import datetime, timedelta
|
|
import hmac
|
|
import hashlib
|
|
import random
|
|
import string
|
|
|
|
class ApiKey(models.Model):
|
|
''' An API key, to login using the API
|
|
|
|
An API key consists in a somewhat long chunk of ascii text, *not*
|
|
containing any dollar ($) sign. It is saved on the client's machine as
|
|
a string "keyId$key".
|
|
An API token (to authentify a request) is a triplet (ts, kid, hmac) of
|
|
a timestamp `ts`, the key id `kid` and
|
|
hmac = `HMAC(key, ts + data, sha256)`
|
|
where `data` is the normalized (`json.dumps(json.loads(...))`) value of
|
|
the data part of the request.
|
|
'''
|
|
key = models.CharField("API key",
|
|
max_length=128)
|
|
name = models.CharField("Key name",
|
|
max_length=256,
|
|
help_text="Where is this key used from?")
|
|
last_used = models.DateTimeField("Last used",
|
|
default=datetime.fromtimestamp(0))
|
|
|
|
def everUsed(self):
|
|
return self.last_used > datetime.fromtimestamp(0)
|
|
|
|
def initialFill(self):
|
|
if not self.key:
|
|
KEY_SIZE = 64
|
|
KEY_CHARS = string.ascii_letters + string.digits
|
|
self.key = ''.join(random.choices(KEY_CHARS, k=KEY_SIZE))
|
|
|
|
@property
|
|
def keyId(self):
|
|
return self.id
|
|
|
|
@property
|
|
def displayValue(self):
|
|
return "{}${}".format(self.keyId, self.key)
|
|
|
|
def __str__(self):
|
|
return self.displayValue
|
|
|
|
def isCorrect(self, timestamp, inpMac, data):
|
|
claimedDate = datetime.fromtimestamp(timestamp)
|
|
if datetime.now() - timedelta(minutes=5) > claimedDate:
|
|
return False
|
|
|
|
mac = hmac.new(self.key.encode('utf-8'),
|
|
msg=str(int(claimedDate.timestamp())).encode('utf-8'),
|
|
digestmod=hashlib.sha256)
|
|
mac.update(data.encode('utf-8'))
|
|
|
|
return hmac.compare_digest(mac.hexdigest(), inpMac)
|