Add Rest API for tunnel functionality.

Signed-off-by: Birin Sanchez <birin.sanchez@puri.sm>

Pipfile

@@ -25,29 +25,29 @@ django_celery_beat = "==1.1.0"
 Jinja2 = "==2.10"
 WooCommerce = "==1.2.1"
 django-simple-captcha = "==0.5.10"
+djangorestframework = "*"
 
 [dev-packages]
-
-	# self:
-    # purist_middleware = {path = ".", editable = true}
-    # Documentation depencencies:
-    # alabaster==0.7.10
-	# Babel==2.5.3
-	# certifi==2017.11.5
-	# chardet==3.0.4
-	# docutils==0.14
-	# idna==2.6
-	# imagesize==0.7.1
-	# Jinja2==2.10
-	# MarkupSafe==1.0
-	# Pygments==2.2.0
-	# pytz==2017.3
-	# requests==2.18.4
-	# six==1.11.0
-	# snowballstemmer==1.2.1
-	# Sphinx==1.6.6
-	# sphinxcontrib-websupport==1.0.1
-	# urllib3==1.22
+# self:
+# purist_middleware = {path = ".", editable = true}
+# Documentation depencencies:
+# alabaster==0.7.10
+# Babel==2.5.3
+# certifi==2017.11.5
+# chardet==3.0.4
+# docutils==0.14
+# idna==2.6
+# imagesize==0.7.1
+# Jinja2==2.10
+# MarkupSafe==1.0
+# Pygments==2.2.0
+# pytz==2017.3
+# requests==2.18.4
+# six==1.11.0
+# snowballstemmer==1.2.1
+# Sphinx==1.6.6
+# sphinxcontrib-websupport==1.0.1
+# urllib3==1.22
 twine = "==1.12.1"
 pylint = "*"
 django_extensions = "*"

middleware/settings.py

@@ -43,8 +43,17 @@ ALLOWED_HOSTS = config("ALLOWED_HOSTS", cast=Csv())
 # INSTALLED APPLICATIONS
 #
 
-INSTALLED_APPS += ["crispy_forms", "django_agpl", "django_celery_beat", "django_extensions", "ldapregister",
-                   "limitmonitor", "purist", "captcha", "cart", "registration"]
+INSTALLED_APPS += ["crispy_forms",
+                   "django_agpl",
+                   "django_celery_beat",
+                   "django_extensions",
+                   "ldapregister",
+                   "limitmonitor",
+                   "purist",
+                   "captcha",
+                   "cart",
+                   "registration",
+                   "rest_framework"]
 
 #
 # AGPL APPLICATION
@@ -214,3 +223,13 @@ TUNNEL_IDENTITY = secret_config('TUNNEL_IDENTITY')
 TUNNEL_SECRET = secret_config('TUNNEL_SECRET')
 TUNNEL_HOST = config('TUNNEL_HOST')
 TUNNEL_KEY = secret_config('TUNNEL_KEY')
+
+#
+# REST framework
+#
+
+REST_FRAMEWORK = {
+    'DEFAULT_PAGINATION_CLASS':
+    'rest_framework.pagination.PageNumberPagination',
+    'PAGE_SIZE': 10
+}

middleware/urls.py

@@ -22,6 +22,7 @@ import limitmonitor.views
 import purist.views
 from ldapregister.forms import RegistrationForm
 from cart.views import CartRegistrationView
+
 #
 # Set admin titles for this site
 #
@@ -47,5 +48,6 @@ urlpatterns = [
     url(r'^jslicense/$', purist.views.jslicense, name='jslicense'),
     url(r'^captcha/', include('captcha.urls')),
     url(r'^cart/(?P<reward>\d+)/$', CartRegistrationView.as_view(), name="register_reward"),
+    url(r'^tunnel/api/v1/get_user_creds',
+        purist.views.UserDetail.as_view(), name='get_user_creds')
 ]
-

purist/models.py

@@ -158,15 +158,15 @@ class User(AbstractUser):
                                 settings.TUNNEL_HOST)
             new_account = tun.create_account()
             if new_account:
-                # Encrypt username and password with Fernet
-                fer = Fernet(settings.TUNNEL_KEY)
-                tun_user = fer.encrypt(new_account['username'].encode())
-                tun_passwd = fer.encrypt(new_account['password'].encode())
+                tun_user = encrypt(new_account['username'])
+                tun_passwd = encrypt(new_account['password'])
                 self.tunnel_user = tun_user
                 self.tunnel_password = tun_passwd
                 self.save()
                 return True
             return False
+        else:
+            return True
 
     def pause_tunnel_account(self):
         """Pauses the tunnel account for the user, setting it is_active to
@@ -177,8 +177,7 @@ class User(AbstractUser):
             tun = TunnelManager(settings.TUNNEL_IDENTITY,
                                 settings.TUNNEL_SECRET,
                                 settings.TUNNEL_HOST)
-            fer = Fernet(settings.TUNNEL_KEY)
-            tun_user = fer.decrypt(self.tunnel_user).decode()
+            tun_user = decrypt(self.tunnel_user)
             result = tun.pause_account(tun_user)
             if result:
                 tunnel_limit = self.limit_set.filter(
@@ -197,8 +196,7 @@ class User(AbstractUser):
             tun = TunnelManager(settings.TUNNEL_IDENTITY,
                                 settings.TUNNEL_SECRET,
                                 settings.TUNNEL_HOST)
-            fer = Fernet(settings.TUNNEL_KEY)
-            tun_user = fer.decrypt(self.tunnel_user).decode()
+            tun_user = decrypt(self.tunnel_user)
             result = tun.resume_account(tun_user)
             if result:
                 tunnel_limit = self.limit_set.filter(
@@ -217,8 +215,7 @@ class User(AbstractUser):
             tun = TunnelManager(settings.TUNNEL_IDENTITY,
                                 settings.TUNNEL_SECRET,
                                 settings.TUNNEL_HOST)
-            fer = Fernet(settings.TUNNEL_KEY)
-            tun_user = fer.decrypt(self.tunnel_user).decode()
+            tun_user = decrypt(self.tunnel_user)
             result = tun.terminate_account(tun_user)
             if result:
                 self.tunnel_user = None
@@ -241,9 +238,28 @@ class User(AbstractUser):
             tunnel_limit = self.limit_set.filter(
                     service=settings.LM_SERVICES.TUNNEL).first()
             if tunnel_limit.is_active:
-                fer = Fernet(settings.TUNNEL_KEY)
-                tun_user = fer.decrypt(self.tunnel_user.encode()).decode()
-                tun_passwd = fer.decrypt(self.tunnel_password.encode()
-                                         ).decode()
+                tun_user = decrypt(self.tunnel_user)
+                tun_passwd = decrypt(self.tunnel_password)
                 return (tun_user, tun_passwd)
         return None
+
+
+def encrypt(data):
+    # Encrypt data with Fernet
+    if data is None:
+        ret = None
+    else:
+        fer = Fernet(settings.TUNNEL_KEY)
+        ret = fer.encrypt(data.encode())
+    return ret
+
+
+def decrypt(data):
+    # Decrypt data with Fernet
+    if data is None:
+        ret = None
+    else:
+        fer = Fernet(settings.TUNNEL_KEY)
+        data = data.encode()
+        ret = fer.decrypt(data).decode()
+    return ret

purist/serializers.py

+from .models import User, decrypt
+from rest_framework import serializers
+
+
+class UserSerializer(serializers.HyperlinkedModelSerializer):
+    tunnel_user = serializers.SerializerMethodField()
+    tunnel_password = serializers.SerializerMethodField()
+
+    class Meta:
+        model = User
+        fields = ('tunnel_user', 'tunnel_password')
+
+    def get_tunnel_user(self, obj):
+        return decrypt(obj.tunnel_user)
+
+    def get_tunnel_password(self, obj):
+        return decrypt(obj.tunnel_password)

purist/views.py

 from django.conf import settings
 from django.shortcuts import render
+from .models import User
+from rest_framework.views import APIView
+from rest_framework.response import Response
+from rest_framework import permissions
+from .serializers import UserSerializer
+from django.http import Http404
+
+
+class UserDetail(APIView):
+    """Retrieve a User instance
+    """
+    permission_classes = (permissions.IsAuthenticated,)
+
+    def get_object(self, user):
+        try:
+            return User.objects.get(username=user.username)
+        except User.DoesNotExists:
+            raise Http404
+
+    def get(self, request, format=None):
+        user = self.get_object(request.user)
+        serializer = UserSerializer(user)
+        return Response(serializer.data)
 
 
 def home(request):

setup.cfg

@@ -37,6 +37,7 @@ install_requires =
     strictyaml==0.11.10
     woocommerce==1.2.1
     django-simple-captcha==0.5.10
+    djangorestframework
 
 [options.data_files]
 config_sample/ldh_middleware =