Add Auth API connection to apiserver

2020-09-16 22:52:17 +00:00 · 2020-09-16 22:52:17 +00:00 · b45f86e0cc
commit b45f86e0cc
parent 649b2061bc
3 changed files with 56 additions and 1 deletions
--- a/apiserver/apiserver/api/serializers.py
+++ b/apiserver/apiserver/api/serializers.py
@ -473,6 +473,13 @@ class MyPasswordChangeSerializer(PasswordChangeSerializer):
                logger.info(msg)
                raise ValidationError(dict(non_field_errors=msg))

+        if utils_auth.is_configured():
+            if utils_auth.set_password(data) != 200:
+                msg = 'Problem connecting to Auth server: set.'
+                utils.alert_tanner(msg)
+                logger.info(msg)
+                raise ValidationError(dict(non_field_errors=msg))
+
        super().save()

 class MyPasswordResetSerializer(PasswordResetSerializer):
@ -490,7 +497,17 @@ class MyPasswordResetConfirmSerializer(PasswordResetConfirmSerializer):

        if utils_ldap.is_configured():
            if utils_ldap.set_password(data) != 200:
-                raise ValidationError(dict(non_field_errors='Problem connecting to LDAP server: set.'))
+                msg = 'Problem connecting to LDAP server: set.'
+                utils.alert_tanner(msg)
+                logger.info(msg)
+                raise ValidationError(dict(non_field_errors=msg))
+
+        if utils_auth.is_configured():
+            if utils_auth.set_password(data) != 200:
+                msg = 'Problem connecting to Auth server: set.'
+                utils.alert_tanner(msg)
+                logger.info(msg)
+                raise ValidationError(dict(non_field_errors=msg))

        super().save()

--- a/apiserver/apiserver/api/utils_auth.py
+++ b/apiserver/apiserver/api/utils_auth.py
@ -0,0 +1,28 @@
+import logging
+logger = logging.getLogger(__name__)
+
+import requests
+
+from apiserver import secrets
+from apiserver.api import utils
+
+def is_configured():
+    return bool(secrets.AUTH_API_URL and secrets.AUTH_API_KEY)
+
+
+def auth_api(route, data):
+    try:
+        headers = {'Authorization': 'Token ' + secrets.AUTH_API_KEY}
+        url = secrets.AUTH_API_URL + route
+        r = requests.post(url, data=data, headers=headers, timeout=3)
+        return r.status_code
+    except BaseException as e:
+        logger.error('Auth {} - {} - {}'.format(url, e.__class__.__name__, str(e)))
+        return None
+
+def set_password(data):
+    auth_data = dict(
+        username=data['username'],
+        password=data['password1'],
+    )
+    return auth_api('set-password', auth_data)
--- a/apiserver/apiserver/secrets.py.example
+++ b/apiserver/apiserver/secrets.py.example
@ -40,6 +40,16 @@ LDAP_API_URL = ''
 # spaceport/ldapserver/secrets.py
 LDAP_API_KEY = ''

+# Auth API url
+# should contain the IP and port of the script and machine connected over VPN
+# with trailing slash
+AUTH_API_URL = ''
+
+# Auth API key
+# should be equal to the auth token value set in
+# spaceport/authserver/secrets.py
+AUTH_API_KEY = ''
+
 # Door cards API token
 # Set this to random characters
 # For example, use the output of this: