Move SSH key validation to utils
parent
ec7ff62d59
commit
b185724000
|
@ -3,7 +3,7 @@
|
||||||
from flask_restful import Resource, reqparse
|
from flask_restful import Resource, reqparse
|
||||||
|
|
||||||
from selfprivacy_api.resources.services import api
|
from selfprivacy_api.resources.services import api
|
||||||
from selfprivacy_api.utils import WriteUserData, ReadUserData
|
from selfprivacy_api.utils import WriteUserData, ReadUserData, validate_ssh_public_key
|
||||||
|
|
||||||
|
|
||||||
class EnableSSH(Resource):
|
class EnableSSH(Resource):
|
||||||
|
@ -154,13 +154,10 @@ class WriteSSHKey(Resource):
|
||||||
|
|
||||||
public_key = args["public_key"]
|
public_key = args["public_key"]
|
||||||
|
|
||||||
# Validate SSH public key
|
if not validate_ssh_public_key(public_key):
|
||||||
# It may be ssh-ed25519 or ssh-rsa
|
return {
|
||||||
if not public_key.startswith("ssh-ed25519"):
|
"error": "Invalid key type. Only ssh-ed25519 and ssh-rsa are supported.",
|
||||||
if not public_key.startswith("ssh-rsa"):
|
}, 400
|
||||||
return {
|
|
||||||
"error": "Invalid key type. Only ssh-ed25519 and ssh-rsa are supported.",
|
|
||||||
}, 400
|
|
||||||
|
|
||||||
with WriteUserData() as data:
|
with WriteUserData() as data:
|
||||||
if "ssh" not in data:
|
if "ssh" not in data:
|
||||||
|
@ -272,13 +269,10 @@ class SSHKeys(Resource):
|
||||||
"error": "Use /ssh/key/send to add root keys",
|
"error": "Use /ssh/key/send to add root keys",
|
||||||
}, 400
|
}, 400
|
||||||
|
|
||||||
# Validate SSH public key
|
if not validate_ssh_public_key(args["public_key"]):
|
||||||
# It may be ssh-ed25519 or ssh-rsa
|
return {
|
||||||
if not args["public_key"].startswith("ssh-ed25519"):
|
"error": "Invalid key type. Only ssh-ed25519 and ssh-rsa are supported.",
|
||||||
if not args["public_key"].startswith("ssh-rsa"):
|
}, 400
|
||||||
return {
|
|
||||||
"error": "Invalid key type. Only ssh-ed25519 and ssh-rsa are supported.",
|
|
||||||
}, 400
|
|
||||||
|
|
||||||
with WriteUserData() as data:
|
with WriteUserData() as data:
|
||||||
if username == data["username"]:
|
if username == data["username"]:
|
||||||
|
|
|
@ -49,3 +49,12 @@ class ReadUserData(object):
|
||||||
def __exit__(self, *args):
|
def __exit__(self, *args):
|
||||||
portalocker.unlock(self.userdata_file)
|
portalocker.unlock(self.userdata_file)
|
||||||
self.userdata_file.close()
|
self.userdata_file.close()
|
||||||
|
|
||||||
|
|
||||||
|
def validate_ssh_public_key(key):
|
||||||
|
"""Validate SSH public key. It may be ssh-ed25519 or ssh-rsa."""
|
||||||
|
if not key.startswith("ssh-ed25519"):
|
||||||
|
if not key.startswith("ssh-rsa"):
|
||||||
|
return False
|
||||||
|
return True
|
||||||
|
|
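Review bot: `validate_ssh_public_key` tests only the string prefix, so any value starting with `ssh-rsa` or `ssh-ed25519` is accepted, including certificate type names such as `ssh-rsa-cert-v01@openssh.com`, a value with no key blob, and a value containing line breaks. Both callers in the SSH resource (`WriteSSHKey` and `SSHKeys`) pass the accepted string on to `WriteUserData`; how it later becomes an authorized-keys entry is not visible here, but if it is emitted verbatim, an embedded newline would let one request contribute more than one line. The validator should therefore require an exact key-type field, a base64 blob that decodes, and no control characters. A non-string value (for example `None`, if the parser argument is optional) would also raise `AttributeError` on `.startswith` instead of producing the 400 response. The sketch below assumes `import base64` is added at the top of the utils module.

```python
def validate_ssh_public_key(key):
    """Validate SSH public key. It may be ssh-ed25519 or ssh-rsa."""
    # Reject non-strings and any control character (newline, CR, tab, NUL).
    if not isinstance(key, str) or not key.isprintable():
        return False
    # Expected layout: "<type> <base64-blob> [comment]"
    fields = key.split(None, 2)
    if len(fields) < 2 or fields[0] not in ("ssh-ed25519", "ssh-rsa"):
        return False
    try:
        blob = base64.b64decode(fields[1], validate=True)
    except ValueError:  # binascii.Error is a ValueError subclass
        return False
    return len(blob) > 0
```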