mesh websocket authorization

Laura Klünder 2023-12-01 17:04:39 +01:00
parent 0256c061ea
commit a3bac07a23
2 changed files with 21 additions and 1 deletions


@ -11,6 +11,7 @@ from asgiref.sync import async_to_sync
from channels.db import database_sync_to_async from channels.db import database_sync_to_async
from channels.exceptions import DenyConnection from channels.exceptions import DenyConnection
from channels.generic.websocket import AsyncJsonWebsocketConsumer, AsyncWebsocketConsumer from channels.generic.websocket import AsyncJsonWebsocketConsumer, AsyncWebsocketConsumer
from django.conf import settings
from django.db import transaction from django.db import transaction
from django.utils import timezone from django.utils import timezone
@ -56,7 +57,9 @@ class MeshConsumer(AsyncWebsocketConsumer):
self.ota_chunks_available_condition = asyncio.Condition() self.ota_chunks_available_condition = asyncio.Condition()
async def connect(self): async def connect(self):
# todo: auth self.headers = dict(self.scope["headers"])
if self.headers[b'authorization'].strip() != b'Bearer '+settings.SECRET_MESH_KEY.encode():
raise DenyConnection
# await self.log_text(None, "new mesh websocket connection") # await self.log_text(None, "new mesh websocket connection")
await self.accept() await self.accept()


@ -123,6 +123,23 @@ if not SECRET_TILE_KEY:
os.chown(SECRET_TILE_FILE, os.getuid(), os.getgid()) os.chown(SECRET_TILE_FILE, os.getuid(), os.getgid())
f.write(SECRET_TILE_KEY) f.write(SECRET_TILE_KEY)
SECRET_MESH_KEY = config.get('c3nav', 'mesh_secret', fallback=None)
if not SECRET_MESH_KEY:
SECRET_MESH_FILE = config.get('c3nav', 'mesh_secret_file', fallback=None)
if SECRET_MESH_FILE:
SECRET_MESH_FILE = Path(SECRET_MESH_FILE)
else:
SECRET_MESH_FILE = DATA_DIR / '.mesh_secret'
if SECRET_MESH_FILE.exists():
with open(SECRET_MESH_FILE, 'r') as f:
SECRET_MESH_KEY = f.read().strip()
else:
SECRET_MESH_KEY = get_random_string(50, string.printable)
with open(SECRET_MESH_FILE, 'w') as f:
os.chmod(SECRET_MESH_FILE, 0o600)
os.chown(SECRET_MESH_FILE, os.getuid(), os.getgid())
f.write(SECRET_MESH_KEY)
# Adjustable settings # Adjustable settings
debug_fallback = "runserver" in sys.argv debug_fallback = "runserver" in sys.argv
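Review bot: The generated key draws from `string.printable`, which includes space, tab, newline and other whitespace characters, while the read path applies `.strip()` and the key is later expected inside an Authorization header. A key that begins or ends with whitespace would differ between the first run (the in-memory value) and later runs (the stripped file contents), and one containing a newline or carriage return cannot be carried in a header value, so mesh nodes could not authenticate. Restricting the alphabet avoids both: `SECRET_MESH_KEY = get_random_string(50, string.ascii_letters + string.digits)`. The block appears to mirror the SECRET_TILE_KEY code just above the hunk, which is only partly visible here, so the same point may apply there.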