authorCara Salter <cara@devcara.com>2022-10-07 08:27:07 -0400
committerCara Salter <cara@devcara.com>2022-10-07 08:27:07 -0400
commitbbdb97213ff7e486b18753a6052b2c6de7b36f86 (patch)
tree84cbda8065e1afa524bb4c516bcd42ff6d7ed6e0 /app/manage
parentf9b99ce66f56995a29709e9bf24750dab9430767 (diff)
downloadnccd-bbdb97213ff7e486b18753a6052b2c6de7b36f86.tar.gz
nccd-bbdb97213ff7e486b18753a6052b2c6de7b36f86.zip
WIP: Peer enrolling
Diffstat (limited to 'app/manage')
-rw-r--r--app/manage/__init__.py52
1 files changed, 51 insertions, 1 deletions
diff --git a/app/manage/__init__.py b/app/manage/__init__.py
index c69376f..afa9343 100644
--- a/app/manage/__init__.py
+++ b/app/manage/__init__.py
@@ -1,9 +1,12 @@
from flask import Blueprint, render_template, request, flash, redirect, url_for
from flask_login import login_required, current_user
import ulid
+import flask
+
+from datetime import datetime, timedelta
from app import db
-from app.database import Network
+from app.database import EnrollRequest, Network
from .forms import NewNetworkForm
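Review bot: The added `import flask` is not referenced anywhere in the code this commit adds, and the module already pulls the names it uses via `from flask import ...` on the first line. Unless the rest of the file (outside these hunks) uses `flask.` directly, drop the line so the import block does not carry two styles for the same package.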
@@ -48,3 +51,50 @@ def del_net(id):
flash("Network deleted")
return redirect(url_for("manage.list_networks"))
+
+@bp.route("/peers", methods=["GET", "POST"])
+@login_required
+def list_peers():
+ peers = current_user.peers
+
+ return render_template("peer_list.html", peers=peers)
+
+
+"""
+Here starts the enrollment API
+
+Maybe this should be in a new blueprint but i don't care enough about where
+exactly it goes that it's fine.
+"""
+
+@bp.route("/enroll_start", methods=["GET"])
+def enroll_start():
+ """
+ this function only creates a new enrollment request and gives the ID back to
+ the user for use in the client, which should proceed immediately to the next
+ step -- using the ID to complete the enrollment process by sending a public
+ key back, and receiving an IP in return. This should probably return a form
+ so users can choose which network (of the ones they manage) the device
+ should be in.
+
+ Alternately to that, there could just be a menu in the client that lets the
+ user do that themselves without going to the web client except to
+ authenticate.
+
+ Theoretically, there should be an optional approval mechanism where someone
+ with the is_admin flag can choose to get an email every time someone tries
+ to enroll after the request is completed, where the peer will exist and be
+ "enrolled" but no one will actually get the configuration until it's marked
+ as "approved" in the database
+ """
+
+ en_req = EnrollRequest(
+ id=str(ulid.ulid()),
+ user=str(current_user.id),
+ expires=datetime.now() + timedelta(days=30)
+ )
+
+ db.session.add(en_req)
+ db.session.commit()
+
+ return en_req.to_json()
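Review bot: `enroll_start` has no `@login_required`, although it reads `current_user.id`. An unauthenticated request will presumably hit flask-login's anonymous user and fail with an AttributeError instead of being sent to the login page; add `@login_required` under the `@bp.route(...)` line, as `list_peers` does. The route also inserts a database row on a plain GET, so a cross-site link or image load in a logged-in browser would create an EnrollRequest for that user; `methods=["POST"]`, covered by whatever CSRF protection the forms already use, is the safer shape. The docstring says the client should proceed immediately, so `timedelta(days=30)` is a long lifetime for an ID that appears to authorize the key-exchange step; a short window such as `timedelta(minutes=15)` limits what a leaked ID is worth. `datetime.now()` also stores naive local time, which is worth confirming against how `expires` is compared later.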