author | Cara Salter <cara@devcara.com> | 2022-10-07 08:27:07 -0400 |
---|---|---|
committer | Cara Salter <cara@devcara.com> | 2022-10-07 08:27:07 -0400 |
commit | bbdb97213ff7e486b18753a6052b2c6de7b36f86 (patch) | |
tree | 84cbda8065e1afa524bb4c516bcd42ff6d7ed6e0 /app | |
parent | f9b99ce66f56995a29709e9bf24750dab9430767 (diff) | |
WIP: Peer enrolling
Diffstat (limited to 'app')
-rw-r--r-- | app/database.py | 5 | ||||
-rw-r--r-- | app/manage/__init__.py | 52 | ||||
-rw-r--r-- | app/templates/peer_list.html | 27 |
3 files changed, 83 insertions, 1 deletions
diff --git a/app/database.py b/app/database.py
index c66f603..11ef840 100644
--- a/app/database.py
+++ b/app/database.py
@@ -61,3 +61,8 @@ class Network(db.Model):
 return f"{self.description} ({self.subnet})"
 def __str__(self):
 return f"{self.description} ({self.subnet})"
+
+class EnrollRequest(db.Model):
+ id = Column(String, primary_key=True)
+ user = Column(String, ForeignKey('user.id'), nullable=False)
+ expires = Column(DateTime, nullable=False)
diff --git a/app/manage/__init__.py b/app/manage/__init__.py
index c69376f..afa9343 100644
--- a/app/manage/__init__.py
+++ b/app/manage/__init__.py
@@ -1,9 +1,12 @@
 from flask import Blueprint, render_template, request, flash, redirect, url_for
 from flask_login import login_required, current_user
 import ulid
+import flask
+
+from datetime import datetime, timedelta
 from app import db
-from app.database import Network
+from app.database import EnrollRequest, Network
 from .forms import NewNetworkForm
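Review bot: `EnrollRequest` in app/database.py defines only three columns and no `to_json`, yet `enroll_start` in app/manage/__init__.py returns `en_req.to_json()`; unless the `db.Model` base (not visible here) supplies that method, the endpoint fails with AttributeError after the row has already been committed. A small method on the model would cover it, e.g. `def to_json(self): return {"id": self.id, "expires": self.expires.isoformat()}`. Since the docstring in `enroll_start` describes the `id` as what the client presents to complete enrollment, it acts as a bearer credential and deserves a comment on the class saying so. A ULID embeds its creation time and is built for sortable uniqueness, and whether its random part comes from a CSPRNG depends on the library, so a value such as `secrets.token_urlsafe(32)` would be a safer choice for this column.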
@@ -48,3 +51,50 @@ def del_net(id):
 flash("Network deleted")
 return redirect(url_for("manage.list_networks"))
+
+@bp.route("/peers", methods=["GET", "POST"])
+@login_required
+def list_peers():
+ peers = current_user.peers
+
+ return render_template("peer_list.html", peers=peers)
+
+
+"""
+Here starts the enrollment API
+
+Maybe this should be in a new blueprint but i don't care enough about where
+exactly it goes that it's fine.
+"""
+
+@bp.route("/enroll_start", methods=["GET"])
+def enroll_start():
+ """
+ this function only creates a new enrollment request and gives the ID back to
+ the user for use in the client, which should proceed immediately to the next
+ step -- using the ID to complete the enrollment process by sending a public
+ key back, and receiving an IP in return. This should probably return a form
+ so users can choose which network (of the ones they manage) the device
+ should be in.
+
+ Alternately to that, there could just be a menu in the client that lets the
+ user do that themselves without going to the web client except to
+ authenticate.
+
+ Theoretically, there should be an optional approval mechanism where someone
+ with the is_admin flag can choose to get an email every time someone tries
+ to enroll after the request is completed, where the peer will exist and be
+ "enrolled" but no one will actually get the configuration until it's marked
+ as "approved" in the database
+ """
+
+ en_req = EnrollRequest(
+ id=str(ulid.ulid()),
+ user=str(current_user.id),
+ expires=datetime.now() + timedelta(days=30)
+ )
+
+ db.session.add(en_req)
+ db.session.commit()
+
+ return en_req.to_json()
diff --git a/app/templates/peer_list.html b/app/templates/peer_list.html
new file mode 100644
index 0000000..d2dc97e
--- /dev/null
+++ b/app/templates/peer_list.html
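Review bot: `enroll_start` reads `current_user.id` but, unlike `list_peers` just above it, carries no `@login_required`, so an unauthenticated request reaches the `EnrollRequest(...)` constructor with Flask-Login's anonymous user; add `@login_required` directly under the `@bp.route("/enroll_start", ...)` line. The route also commits a row on a plain GET, so a cross-site link or image tag can make a logged-in user's browser create enrollment requests; `methods=["POST"]` together with a CSRF token would close that. The docstring says the client proceeds immediately to the next step, so `timedelta(days=30)` looks far longer than the ID needs to live, and a short lifetime such as `timedelta(minutes=10)` narrows the window in which a leaked ID is usable. `datetime.now()` is also naive local time; a comment or a switch to UTC would keep expiry comparisons unambiguous.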
@@ -0,0 +1,27 @@
+{% extends 'base.html' %}
+
+{% block content %}
+<h1>Owned/Managed Peers</h1>
+
+<table>
+ <thead>
+ <tr>
+ <th scope="col">ID</th>
+ <th scope="col">Address</th>
+ <th scope="col">Public Key</th>
+ <th scope="col">Description</th>
+ </tr>
+ </thead>
+ <tbody>
+ {% for p in peers %}
+ <tr>
+ <td>{{p.id}}</td>
+ <td>{{p.addr}}</td>
+ <td>{{p.public_key}}</td>
+ <td>{{p.description}}</td>
+ </tr>
+ {% endfor %}
+ </tbody>
+</table>
+
+{% endblock %} |