41 lines
1.3 KiB
Python
41 lines
1.3 KiB
Python
from django.contrib.auth.backends import ModelBackend
|
|
from django.contrib.auth import get_user_model
|
|
from django.core.exceptions import PermissionDenied
|
|
from django.utils.translation import gettext_lazy as _
|
|
|
|
from monerorpc.authproxy import AuthServiceProxy, JSONRPCException
|
|
|
|
from .models import Address
|
|
from .utils import verify_signature
|
|
|
|
User = get_user_model()
|
|
|
|
|
|
class MoneroAddressBackend(ModelBackend):
|
|
"""Custom Monero-Cryptolock authentication backend."""
|
|
|
|
def authenticate(self, request, address=None, challenge=None, signature=None):
|
|
"""Validates the provided signature for the given address and challenge.
|
|
|
|
This method currently relies on Wallet RPC access to verify the signature,
|
|
in the future it should be done locally to be more reliable and more
|
|
performant.
|
|
"""
|
|
if not all(address, challenge, signature):
|
|
return None
|
|
|
|
try:
|
|
stored_address = Address.objects.get(address=address).select_related("user")
|
|
except:
|
|
return None
|
|
|
|
try:
|
|
is_valid = verify_signature(address, challenge, signature)
|
|
except JSONRPCException:
|
|
raise PermissionDenied(_("Error while validating signature"))
|
|
|
|
if is_valid:
|
|
return stored_address.user
|
|
|
|
return None
|