main: Implement generation of IotDev Token

Signed-off-by: HeshamTB <hishaminv@gmail.com>
2022-04-17 21:20:45 +03:00 · 2022-04-17 21:20:45 +03:00 · 59417427c3
commit 59417427c3
parent c0c9c7da2b
2 changed files with 24 additions and 0 deletions
--- a/sql_app/main.py
+++ b/sql_app/main.py
@ -49,6 +49,19 @@ def get_current_active_user(current_user: schemas.User = Depends(get_current_use
        raise HTTPException(status_code=400, detail="Inactive user")
    return current_user

+def get_current_iot_device(current_device: schemas.IotBluetoothMac = Depends(),
+                           token: str = Depends(oauth),
+                           db: Session = Depends(get_db)):
+    credentials_exception = HTTPException(
+        status_code=status.HTTP_401_UNAUTHORIZED,
+        detail="Could not validate credentials",
+        headers={"WWW-Authenticate": "Bearer"},
+    )
+    payload = jwt.decode(token, auth_helper.JWT_SECRET, algorithms=[auth_helper.JWT_ALGO])
+    mac_signed = payload.get("bluetooth_mac")
+    if (mac_signed == current_device): return mac_signed
+    else: raise credentials_exception
+
@app.post("/users/reg", response_model=schemas.User, tags=['Users'])
 def create_user(user: schemas.UserCreate, db: Session = Depends(get_db)):
    db_user = crud.get_user_by_email(db, email=user.email)
@ -146,6 +159,14 @@ def deactiveate_user(user_id: int, db:Session = Depends(get_db), api_key: APIKey
 def deactiveate_user(user_id: int, db:Session = Depends(get_db), api_key: APIKey = Depends(auth_helper.valid_api_key)):
    return

+@app.post("/admin/iotdevice/gentoken/", response_model=schemas.Token, tags=['Admin'])
+def generate_token_for_iot_device(bluetooth_mac : schemas.IotBluetoothMac, 
+                                  api_key: APIKey = Depends(auth_helper.valid_api_key)):
+    # We get here after a valid admin key, so send back permenant token
+    data = {"bluetooth_mac": bluetooth_mac.bluetooth_mac}
+    tkn = auth_helper.create_iot_dev_token(data)
+    return {"access_token": tkn, "token_type": "bearer"}
+
@app.get("/users/acesslist/", response_model=List[schemas.IotEntity], tags=['Users'])
 def get_iot_access_list_for_user(db: Session = Depends(get_db), current_user: schemas.User = Depends(get_current_active_user)):
    user = crud.get_user_by_username(db, current_user.username)
--- a/sql_app/schemas.py
+++ b/sql_app/schemas.py
@ -26,6 +26,9 @@ class IotEntity(IotEntityBase):
    class Config:
        orm_mode = True

+class IotBluetoothMac(BaseModel):
+    bluetooth_mac : str
+
 class User(UserBase):
    id: int
    is_active: bool