Carneiro
/
stream_auth
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: Carneiro:7c411c8526b56c6b8b357b2d0b5427a3d627c402
Branches Tags
Carneiro:main
...
compare: Carneiro:8245ee3ab490e1fd7cc01fed4473b5703b660668
Branches Tags
Carneiro:main

10 Commits
7c411c8526 ... 8245ee3ab4

Author SHA1 Message Date
Carneiro 8245ee3ab4 add gunicorn 2023-10-05 17:06:14 -03:00
Carneiro 95daba5c8a use es256 for key 2023-10-05 12:07:31 -03:00
Carneiro afc25ff16b update gitignore 2023-10-05 12:05:29 -03:00
Carneiro 23a278e47d update 2023-10-05 07:36:46 -03:00
Carneiro 8ed1a5e3d4 update 2023-10-04 23:18:03 -03:00
Carneiro 423723c673 update 2023-10-04 23:14:30 -03:00
Carneiro 555cbdaaa9 update 2023-10-04 23:11:35 -03:00
Carneiro e533461e34 update 2023-10-04 23:09:54 -03:00
Carneiro 2c9224cfeb update 2023-10-04 23:08:52 -03:00
Carneiro 122ba38beb fix publish 2023-10-04 23:07:21 -03:00
9 changed files with 64 additions and 22 deletions
Show Stats Expand all files Collapse all files

1
.gitignore vendored
View File

@ -5,6 +5,7 @@ teste.py
old old
link.sh link.sh
*.key* *.key*
dbs/
# Created by https://www.toptal.com/developers/gitignore/api/python,pycharm+all # Created by https://www.toptal.com/developers/gitignore/api/python,pycharm+all
# Edit at https://www.toptal.com/developers/gitignore?templates=python,pycharm+all # Edit at https://www.toptal.com/developers/gitignore?templates=python,pycharm+all

2
gunicorn_config.py Normal file
View File

@ -0,0 +1,2 @@
workers = 4 # Adjust this based on your server's capabilities
bind = "0.0.0.0:8080" # Use the appropriate IP and port

1
requirements.txt
View File

@ -2,3 +2,4 @@ bcrypt
flask flask
pyjwt pyjwt
tinydb tinydb
gunicorn

7
src/stream_auth/keys/generate_keys.sh Executable file
View File

@ -0,0 +1,7 @@
#!/bin/sh
ssh-keygen -t rsa -b 4096 -m PEM -f jwtRS256.key
openssl rsa -in jwtRS256.key -pubout -outform PEM -out jwtRS256.key.pub
openssl ec -in streamkeyEC256.key -pubout -outform PEM -out streamkeyEC256.key.pub
ssh-keygen -t ecdsa -b 256 -m PEM -f streamkeyEC256.key

11
src/stream_auth/main.py
View File

@ -13,12 +13,11 @@ app = Flask(__name__)
logging.basicConfig(level=logging.INFO) logging.basicConfig(level=logging.INFO)
def main(): # def main(*args, **kwargs):
app.register_blueprint(user_routes) app.register_blueprint(user_routes)
app.register_blueprint(stream_routes) app.register_blueprint(stream_routes)
app.run(host=settings.HOST, port=settings.PORT)
if __name__ == "__main__": if __name__ == "__main__":
main() app.run(host=settings.HOST, port=settings.PORT)
# main()

30
src/stream_auth/middlewares/jwt.py
View File

@ -1,5 +1,5 @@
import time import time
import jwt import jwt as jwtlib
from stream_auth import settings from stream_auth import settings
@ -11,27 +11,43 @@ def read_key(path):
JWT_PRIV_KEY = read_key(settings.JWT_PRIV_PATH) JWT_PRIV_KEY = read_key(settings.JWT_PRIV_PATH)
JWT_PUB_KEY = read_key(settings.JWT_PUB_PATH) JWT_PUB_KEY = read_key(settings.JWT_PUB_PATH)
STREAM_KEY_PRIV_KEY = read_key(settings.STREAM_KEY_PRIV_PATH)
STREAM_KEY_PUB_KEY = read_key(settings.STREAM_KEY_PRIV_PATH)
def create_stream_key(username: str): def create_stream_key(username: str):
payload = {'username': username} payload = {'username': username}
return jwt.encode(payload, JWT_PRIV_KEY, algorithm="RS256") return jwtlib.encode(payload, STREAM_KEY_PRIV_KEY, algorithm="ES256")
def verify_stream_key(stream_key: str):
try:
jwtlib.decode(stream_key, STREAM_KEY_PUB_KEY, algorithms=["ES256"])
except (jwtlib.exceptions.ExpiredSignatureError, jwtlib.InvalidTokenError):
return False
return True
def decode_stream_key(stream_key: str):
return jwtlib.decode(stream_key, STREAM_KEY_PUB_KEY, algorithms=["RS256"])
def create_token(username: str, stream_key: str, exp: int = settings.JWT_EXP_TIME): def create_token(username: str, stream_key: str, exp: int = settings.JWT_EXP_TIME):
exp = time.time() + exp exp = time.time() + exp
payload = {'username': username, 'stream_key': stream_key, 'exp': exp} payload = {'username': username, 'stream_key': stream_key, 'exp': exp}
return jwt.encode(payload, JWT_PRIV_KEY, algorithm="RS256") return jwtlib.encode(payload, JWT_PRIV_KEY, algorithm="RS256")
def verify(token: str): def verify_token(token: str):
# return jwtlib.decode(token, JWT_PUB_KEY, algorithms=["RS256"])
try: try:
jwt.decode(token, JWT_PUB_KEY, algorithms=["RS256"]) jwtlib.decode(token, JWT_PUB_KEY, algorithms=["RS256"])
except (jwt.exceptions.ExpiredSignatureError, jwt.InvalidTokenError): except (jwtlib.exceptions.ExpiredSignatureError, jwtlib.InvalidTokenError):
return False return False
return True return True
def decode_token(token: str): def decode_token(token: str):
return jwt.decode(token, JWT_PUB_KEY, algorithms=["RS256"]) return jwtlib.decode(token, JWT_PUB_KEY, algorithms=["RS256"])

27
src/stream_auth/routes/stream.py
View File

@ -22,21 +22,34 @@ def create_stream():
StreamModel(username, title, description) StreamModel(username, title, description)
@stream.route('/publish_check') @stream.route('/publish_check', methods=['POST'])
def publish_check(): def publish_check():
# TODO: check if user created stream # TODO: check if user created stream
# get user # get user
stream_key = request.form.get('stream_key')
username = request.form.get('name')
print(username, stream_key)
try: try:
stream_key = request.form.get('stream_key') stream_user = user.search_user(username)[0]
username = request.form.get('name')
stream_user = user.search_stream_key(stream_key)[0] if username != stream_user['username'] or not jwt.verify_stream_key(stream_key):
if username != stream_user['username']: raise ValueError('Invalid Token')
raise ValueError
except (IndexError, ValueError): except (IndexError, ValueError):
print('vish')
return Response('Invalid Stream Key', 401) return Response('Invalid Stream Key', 401)
return Response('OK', 200) return Response('OK', 200)
@stream.route('/test')
def test():
stream_key = request.args.get('stream_key')
if jwt.verify_token(stream_key):
return Response('OK', 200)
return Response('Invalid Stream Key', 401)
# jwt.verify(stream_key)

2
src/stream_auth/routes/user.py
View File

@ -26,7 +26,7 @@ def create():
logging.info('User %s created with stream key %s', logging.info('User %s created with stream key %s',
new_user.username, new_user.stream_key) new_user.username, new_user.stream_key)
res = {'username': new_user.username, 'stream_key': str(new_user.stream_key)} res = {'username': new_user.username, 'stream_key': new_user.stream_key}
return make_response(jsonify(res), 200) return make_response(jsonify(res), 200)

5
src/stream_auth/settings.py
View File

@ -11,10 +11,13 @@ KEY_DIR = os.path.join(APP_DIR, 'keys')
JWT_PRIV_PATH = os.path.join(KEY_DIR, 'jwtRS256.key') JWT_PRIV_PATH = os.path.join(KEY_DIR, 'jwtRS256.key')
JWT_PUB_PATH = os.path.join(KEY_DIR, 'jwtRS256.key.pub') JWT_PUB_PATH = os.path.join(KEY_DIR, 'jwtRS256.key.pub')
STREAM_KEY_PRIV_PATH = os.path.join(KEY_DIR, 'streamkeyEC256.key')
STREAM_KEY_PUB_PATH = os.path.join(KEY_DIR, 'streamkeyEC256.key.pub')
JWT_EXP_TIME = 2592000 JWT_EXP_TIME = 2592000
DBS_PATH = os.path.join(APP_DIR, 'dbs') DBS_PATH = os.path.join(APP_DIR, 'dbs')
os.path.join(DBS_PATH, 'x.json')
USER_DATABASE = os.path.join(DBS_PATH, 'users.json') USER_DATABASE = os.path.join(DBS_PATH, 'users.json')
STREAM_DATABASE = os.path.join(DBS_PATH, 'streams.json') STREAM_DATABASE = os.path.join(DBS_PATH, 'streams.json')
LIVE_STREAM_DATABASE = os.path.join(DBS_PATH, 'live_streams.json') LIVE_STREAM_DATABASE = os.path.join(DBS_PATH, 'live_streams.json')
STREAM_KEY_LENGTH = 32 STREAM_KEY_LENGTH = 32