feat: qrcode data checker

2025-12-10 13:47:47 +01:00 · 2025-12-09 23:02:09 +01:00
parent f79961c2f5
commit 23fe15d982
3 changed files with 30 additions and 3 deletions
--- a/apps/api/serializers.py
+++ b/apps/api/serializers.py
@@ -89,3 +89,11 @@ class OAuthSerializer(serializers.ModelSerializer):
            'note',
            'memberships',
        )
+
+
+class QRCodeCheckSerializer(serializers.Serializer):
+    data = serializers.CharField(
+        label="Données du QR Code",
+        help_text="Le contenu brut lu depuis le QR Code (Username + Token)",
+        required=True
+    )
--- a/apps/api/urls.py
+++ b/apps/api/urls.py
@@ -7,13 +7,14 @@ from django.urls import re_path, path
 from rest_framework import routers

 from .views import UserInformationView
-from .viewsets import ContentTypeViewSet, UserViewSet
+from .viewsets import ContentTypeViewSet, UserViewSet, QRCodeVerificationViewSet

 # Routers provide an easy way of automatically determining the URL conf.
 # Register each app API router and user viewset
 router = routers.DefaultRouter()
 router.register('models', ContentTypeViewSet)
 router.register('user', UserViewSet)
+router.register('check_qrcode', QRCodeVerificationViewSet, basename='check_qrcode')

 if "activity" in settings.INSTALLED_APPS:
    from activity.api.urls import register_activity_urls
--- a/apps/api/viewsets.py
+++ b/apps/api/viewsets.py
@@ -2,18 +2,22 @@
 # SPDX-License-Identifier: GPL-3.0-or-later

 import re
+import pyotp
+import base64
+import os

 from django.contrib.contenttypes.models import ContentType
 from django_filters.rest_framework import DjangoFilterBackend
 from django.db.models import Q
 from django.conf import settings
 from django.contrib.auth.models import User
-from rest_framework.viewsets import ReadOnlyModelViewSet, ModelViewSet
+from rest_framework.viewsets import ReadOnlyModelViewSet, ModelViewSet, GenericViewSet
+from rest_framework.response import Response
 from permission.backends import PermissionBackend
 from note.models import Alias

 from .filters import RegexSafeSearchFilter
-from .serializers import UserSerializer, ContentTypeSerializer
+from .serializers import UserSerializer, ContentTypeSerializer, QRCodeCheckSerializer


 def is_regex(pattern):
@@ -124,3 +128,17 @@ class ContentTypeViewSet(ReadOnlyModelViewSet):
    filter_backends = [DjangoFilterBackend, RegexSafeSearchFilter]
    filterset_fields = ['id', 'app_label', 'model', ]
    search_fields = ['$app_label', '$model', ]
+
+
+class QRCodeVerificationViewSet(GenericViewSet):
+    serializer_class = QRCodeCheckSerializer
+    queryset = User.objects.none()
+
+    def get_view_name(self):
+        return "Vérification QR Code"
+
+    def create(self, request, *args, **kwargs):
+        serializer = self.get_serializer(data=request.data)
+        serializer.is_valid(raise_exception=True)
+        secret = base64.b32encode(os.getenv("DJANGO_SECRET_KEY").encode())
+        return Response({'valid': pyotp.TOTP(secret, interval=30).verify(serializer.validated_data['data'][-6:])})