oly
/
hackspace
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Increased length of RFID code and improved logging (#202)

This commit is contained in:
Sam Collins 2018-10-24 19:17:30 +01:00 committed by Oliver Marks
parent 19f3250175
commit 9beabfc0b1
3 changed files with 33 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
config/settings/local.py
View File

@ -84,6 +84,10 @@ LOGGING = {
}, },
}, },
'loggers': { 'loggers': {
'mhackspace': {
'level': 'DEBUG',
'handlers': ['console']
},
'django.request': { 'django.request': {
'handlers': ['mail_admins', 'logfile'], 'handlers': ['mail_admins', 'logfile'],
'level': 'ERROR', 'level': 'ERROR',

14
mhackspace/rfid/views.py
View File

@ -38,16 +38,24 @@ class AuthUserWithDeviceViewSet(viewsets.ViewSet):
data = jwt.decode(request.data["data"], settings.RFID_SECRET, algorithms=['HS256']) data = jwt.decode(request.data["data"], settings.RFID_SECRET, algorithms=['HS256'])
except ExpiredSignatureError: except ExpiredSignatureError:
data = jwt.decode(request.data["data"], settings.RFID_SECRET, algorithms=['HS256'], verify=False) data = jwt.decode(request.data["data"], settings.RFID_SECRET, algorithms=['HS256'], verify=False)
logger.warn(f"Signature expired for {data.get('rfid_code')} on device {data.get('device_id')}") logger.warning(f"Signature expired for {data.get('rfid_code')} on device {data.get('device_id')}")
return Response(jwt.encode({"authenticated": False}, settings.RFID_SECRET), status=status.HTTP_403_FORBIDDEN) return Response(jwt.encode({"authenticated": False}, settings.RFID_SECRET), status=status.HTTP_403_FORBIDDEN)
except jwt.exceptions.InvalidTokenError as e:
logger.warning(f'Invalid JWT {e} : {request.data["data"]}')
return Response(jwt.encode({"authenticated": False}, settings.RFID_SECRET),
status=status.HTTP_403_FORBIDDEN)
if data.get("rfid_code") is None or data.get("rfid_code") is None: if data.get("rfid_code") is None or data.get("rfid_code") is None:
return Response(status=status.HTTP_400_BAD_REQUEST) return Response(status=status.HTTP_400_BAD_REQUEST)
# print(data)
try: try:
rfid = Rfid.objects.get(code=data["rfid_code"]) rfid = Rfid.objects.get(code=data["rfid_code"])
except Rfid.DoesNotExist:
logger.warning(f"Unable to find valid rfid {data['rfid_code']}")
return Response(status=status.HTTP_404_NOT_FOUND)
try:
device = Device.objects.get(identifier=data["device_id"]) device = Device.objects.get(identifier=data["device_id"])
except ObjectDoesNotExist: except Device.DoesNotExist:
logger.warning(f"Unable to find valid device {data['device_id']}")
return Response(status=status.HTTP_404_NOT_FOUND) return Response(status=status.HTTP_404_NOT_FOUND)
try: try:

18
mhackspace/users/migrations/0013_increased_rfid_length.py Normal file
View File

@ -0,0 +1,18 @@
# Generated by Django 2.1.2 on 2018-10-24 18:12
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
('users', '0012_rfid_users'),
]
operations = [
migrations.AlterField(
model_name='rfid',
name='code',
field=models.CharField(max_length=200, unique=True),
),
]