Compare commits
10 Commits
7c411c8526
...
8245ee3ab4
Author | SHA1 | Date |
---|---|---|
Carneiro | 8245ee3ab4 | |
Carneiro | 95daba5c8a | |
Carneiro | afc25ff16b | |
Carneiro | 23a278e47d | |
Carneiro | 8ed1a5e3d4 | |
Carneiro | 423723c673 | |
Carneiro | 555cbdaaa9 | |
Carneiro | e533461e34 | |
Carneiro | 2c9224cfeb | |
Carneiro | 122ba38beb |
|
@ -5,6 +5,7 @@ teste.py
|
||||||
old
|
old
|
||||||
link.sh
|
link.sh
|
||||||
*.key*
|
*.key*
|
||||||
|
dbs/
|
||||||
|
|
||||||
# Created by https://www.toptal.com/developers/gitignore/api/python,pycharm+all
|
# Created by https://www.toptal.com/developers/gitignore/api/python,pycharm+all
|
||||||
# Edit at https://www.toptal.com/developers/gitignore?templates=python,pycharm+all
|
# Edit at https://www.toptal.com/developers/gitignore?templates=python,pycharm+all
|
||||||
|
|
|
@ -0,0 +1,2 @@
|
||||||
|
workers = 4 # Adjust this based on your server's capabilities
|
||||||
|
bind = "0.0.0.0:8080" # Use the appropriate IP and port
|
|
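Review bot: `bind = "0.0.0.0:8080"` listens on every interface, so `/publish_check` and the new `/test` route are reachable by anything that can reach the host. If the service is only meant to be called by a local media server or reverse proxy (not visible on this page), bind to loopback instead, e.g. `bind = "127.0.0.1:8080"`. The address is also hard-coded here while the app entry point reads `settings.HOST` and `settings.PORT`, so the two can drift apart; deriving both from the same settings would avoid that.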
@ -2,3 +2,4 @@ bcrypt
|
||||||
flask
|
flask
|
||||||
pyjwt
|
pyjwt
|
||||||
tinydb
|
tinydb
|
||||||
|
gunicorn
|
||||||
|
|
|
@ -0,0 +1,7 @@
|
||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
ssh-keygen -t rsa -b 4096 -m PEM -f jwtRS256.key
|
||||||
|
openssl rsa -in jwtRS256.key -pubout -outform PEM -out jwtRS256.key.pub
|
||||||
|
|
||||||
|
openssl ec -in streamkeyEC256.key -pubout -outform PEM -out streamkeyEC256.key.pub
|
||||||
|
ssh-keygen -t ecdsa -b 256 -m PEM -f streamkeyEC256.key
|
|
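Review bot: The EC public key is extracted before the EC private key exists: `openssl ec -in streamkeyEC256.key ...` runs ahead of `ssh-keygen -t ecdsa -b 256 -m PEM -f streamkeyEC256.key`, so on a fresh checkout the openssl step fails. The only `streamkeyEC256.key.pub` left is then the one ssh-keygen writes itself, which is in OpenSSH format rather than the PEM produced for the RSA pair. Swap the two lines so the EC pair follows the same generate-then-export order as the RSA pair, and add `set -e` after the shebang so a failed step stops the script instead of leaving a half-built key directory. ssh-keygen also prompts for a passphrase interactively; a comment stating whether the service expects an unencrypted key would prevent generating one it cannot load.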
@ -13,12 +13,11 @@ app = Flask(__name__)
|
||||||
logging.basicConfig(level=logging.INFO)
|
logging.basicConfig(level=logging.INFO)
|
||||||
|
|
||||||
|
|
||||||
def main():
|
# def main(*args, **kwargs):
|
||||||
app.register_blueprint(user_routes)
|
app.register_blueprint(user_routes)
|
||||||
app.register_blueprint(stream_routes)
|
app.register_blueprint(stream_routes)
|
||||||
|
|
||||||
app.run(host=settings.HOST, port=settings.PORT)
|
|
||||||
|
|
||||||
|
|
||||||
if __name__ == "__main__":
|
if __name__ == "__main__":
|
||||||
main()
|
app.run(host=settings.HOST, port=settings.PORT)
|
||||||
|
# main()
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
import time
|
import time
|
||||||
import jwt
|
import jwt as jwtlib
|
||||||
from stream_auth import settings
|
from stream_auth import settings
|
||||||
|
|
||||||
|
|
||||||
|
@ -11,27 +11,43 @@ def read_key(path):
|
||||||
|
|
||||||
JWT_PRIV_KEY = read_key(settings.JWT_PRIV_PATH)
|
JWT_PRIV_KEY = read_key(settings.JWT_PRIV_PATH)
|
||||||
JWT_PUB_KEY = read_key(settings.JWT_PUB_PATH)
|
JWT_PUB_KEY = read_key(settings.JWT_PUB_PATH)
|
||||||
|
STREAM_KEY_PRIV_KEY = read_key(settings.STREAM_KEY_PRIV_PATH)
|
||||||
|
STREAM_KEY_PUB_KEY = read_key(settings.STREAM_KEY_PRIV_PATH)
|
||||||
|
|
||||||
|
|
||||||
def create_stream_key(username: str):
|
def create_stream_key(username: str):
|
||||||
payload = {'username': username}
|
payload = {'username': username}
|
||||||
return jwt.encode(payload, JWT_PRIV_KEY, algorithm="RS256")
|
return jwtlib.encode(payload, STREAM_KEY_PRIV_KEY, algorithm="ES256")
|
||||||
|
|
||||||
|
|
||||||
|
def verify_stream_key(stream_key: str):
|
||||||
|
try:
|
||||||
|
jwtlib.decode(stream_key, STREAM_KEY_PUB_KEY, algorithms=["ES256"])
|
||||||
|
except (jwtlib.exceptions.ExpiredSignatureError, jwtlib.InvalidTokenError):
|
||||||
|
return False
|
||||||
|
|
||||||
|
return True
|
||||||
|
|
||||||
|
|
||||||
|
def decode_stream_key(stream_key: str):
|
||||||
|
return jwtlib.decode(stream_key, STREAM_KEY_PUB_KEY, algorithms=["RS256"])
|
||||||
|
|
||||||
|
|
||||||
def create_token(username: str, stream_key: str, exp: int = settings.JWT_EXP_TIME):
|
def create_token(username: str, stream_key: str, exp: int = settings.JWT_EXP_TIME):
|
||||||
exp = time.time() + exp
|
exp = time.time() + exp
|
||||||
payload = {'username': username, 'stream_key': stream_key, 'exp': exp}
|
payload = {'username': username, 'stream_key': stream_key, 'exp': exp}
|
||||||
return jwt.encode(payload, JWT_PRIV_KEY, algorithm="RS256")
|
return jwtlib.encode(payload, JWT_PRIV_KEY, algorithm="RS256")
|
||||||
|
|
||||||
|
|
||||||
def verify(token: str):
|
def verify_token(token: str):
|
||||||
|
# return jwtlib.decode(token, JWT_PUB_KEY, algorithms=["RS256"])
|
||||||
try:
|
try:
|
||||||
jwt.decode(token, JWT_PUB_KEY, algorithms=["RS256"])
|
jwtlib.decode(token, JWT_PUB_KEY, algorithms=["RS256"])
|
||||||
except (jwt.exceptions.ExpiredSignatureError, jwt.InvalidTokenError):
|
except (jwtlib.exceptions.ExpiredSignatureError, jwtlib.InvalidTokenError):
|
||||||
return False
|
return False
|
||||||
|
|
||||||
return True
|
return True
|
||||||
|
|
||||||
|
|
||||||
def decode_token(token: str):
|
def decode_token(token: str):
|
||||||
return jwt.decode(token, JWT_PUB_KEY, algorithms=["RS256"])
|
return jwtlib.decode(token, JWT_PUB_KEY, algorithms=["RS256"])
|
||||||
|
|
|
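Review bot: `STREAM_KEY_PUB_KEY` is loaded from `settings.STREAM_KEY_PRIV_PATH`, so the verification side holds the private signing key and the `.pub` file is never read; it should be `STREAM_KEY_PUB_KEY = read_key(settings.STREAM_KEY_PUB_PATH)`. `decode_stream_key` passes `algorithms=["RS256"]` for a token that `create_stream_key` signs with ES256, so it will reject every stream key and needs `algorithms=["ES256"]`. Separately, the stream-key payload is only `{'username': username}` with no `exp` or identifier claim, so a leaked key stays valid until the EC key pair is rotated. Either add a claim that allows revocation or document that this is intended.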
@ -22,21 +22,34 @@ def create_stream():
|
||||||
StreamModel(username, title, description)
|
StreamModel(username, title, description)
|
||||||
|
|
||||||
|
|
||||||
@stream.route('/publish_check')
|
@stream.route('/publish_check', methods=['POST'])
|
||||||
def publish_check():
|
def publish_check():
|
||||||
|
|
||||||
# TODO: check if user created stream
|
# TODO: check if user created stream
|
||||||
|
|
||||||
# get user
|
# get user
|
||||||
try:
|
|
||||||
stream_key = request.form.get('stream_key')
|
stream_key = request.form.get('stream_key')
|
||||||
username = request.form.get('name')
|
username = request.form.get('name')
|
||||||
stream_user = user.search_stream_key(stream_key)[0]
|
print(username, stream_key)
|
||||||
if username != stream_user['username']:
|
try:
|
||||||
raise ValueError
|
stream_user = user.search_user(username)[0]
|
||||||
|
|
||||||
|
if username != stream_user['username'] or not jwt.verify_stream_key(stream_key):
|
||||||
|
raise ValueError('Invalid Token')
|
||||||
|
|
||||||
except (IndexError, ValueError):
|
except (IndexError, ValueError):
|
||||||
print('vish')
|
|
||||||
return Response('Invalid Stream Key', 401)
|
return Response('Invalid Stream Key', 401)
|
||||||
|
|
||||||
return Response('OK', 200)
|
return Response('OK', 200)
|
||||||
|
|
||||||
|
|
||||||
|
@stream.route('/test')
|
||||||
|
def test():
|
||||||
|
|
||||||
|
stream_key = request.args.get('stream_key')
|
||||||
|
if jwt.verify_token(stream_key):
|
||||||
|
return Response('OK', 200)
|
||||||
|
|
||||||
|
return Response('Invalid Stream Key', 401)
|
||||||
|
|
||||||
|
# jwt.verify(stream_key)
|
||||||
|
|
|
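Review bot: In `publish_check` the stream key is never tied to the posted name. `stream_user` is looked up by `username`, so `username != stream_user['username']` cannot be true (assuming `search_user` matches on that field), and `jwt.verify_stream_key` checks only the signature, so any validly signed stream key is accepted for any existing user. Compare the signed claim with the form value, e.g. `if not jwt.verify_stream_key(stream_key) or jwt.decode_stream_key(stream_key)['username'] != username:`, which also requires `decode_stream_key` to list ES256, the algorithm `create_stream_key` signs with. `print(username, stream_key)` writes the credential to stdout and should be removed. The new `/test` route takes the key from the query string, where it ends up in access logs, and checks it with `verify_token`, which validates the RS256 login token rather than a stream key; it looks like a debugging route that should not ship.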
@ -26,7 +26,7 @@ def create():
|
||||||
logging.info('User %s created with stream key %s',
|
logging.info('User %s created with stream key %s',
|
||||||
new_user.username, new_user.stream_key)
|
new_user.username, new_user.stream_key)
|
||||||
|
|
||||||
res = {'username': new_user.username, 'stream_key': str(new_user.stream_key)}
|
res = {'username': new_user.username, 'stream_key': new_user.stream_key}
|
||||||
return make_response(jsonify(res), 200)
|
return make_response(jsonify(res), 200)
|
||||||
|
|
||||||
|
|
||||||
|
|
|
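Review bot: The context lines above the change still log `new_user.stream_key` at INFO level, and with this change set that value is a signed ES256 token that authorizes publishing. Anyone with access to the application logs can then reuse it. Log only the username, e.g. `logging.info('User %s created', new_user.username)`. The `create` function starts and ends outside the hunk.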
@ -11,10 +11,13 @@ KEY_DIR = os.path.join(APP_DIR, 'keys')
|
||||||
|
|
||||||
JWT_PRIV_PATH = os.path.join(KEY_DIR, 'jwtRS256.key')
|
JWT_PRIV_PATH = os.path.join(KEY_DIR, 'jwtRS256.key')
|
||||||
JWT_PUB_PATH = os.path.join(KEY_DIR, 'jwtRS256.key.pub')
|
JWT_PUB_PATH = os.path.join(KEY_DIR, 'jwtRS256.key.pub')
|
||||||
|
STREAM_KEY_PRIV_PATH = os.path.join(KEY_DIR, 'streamkeyEC256.key')
|
||||||
|
STREAM_KEY_PUB_PATH = os.path.join(KEY_DIR, 'streamkeyEC256.key.pub')
|
||||||
JWT_EXP_TIME = 2592000
|
JWT_EXP_TIME = 2592000
|
||||||
|
|
||||||
DBS_PATH = os.path.join(APP_DIR, 'dbs')
|
DBS_PATH = os.path.join(APP_DIR, 'dbs')
|
||||||
os.path.join(DBS_PATH, 'x.json')
|
|
||||||
USER_DATABASE = os.path.join(DBS_PATH, 'users.json')
|
USER_DATABASE = os.path.join(DBS_PATH, 'users.json')
|
||||||
STREAM_DATABASE = os.path.join(DBS_PATH, 'streams.json')
|
STREAM_DATABASE = os.path.join(DBS_PATH, 'streams.json')
|
||||||
LIVE_STREAM_DATABASE = os.path.join(DBS_PATH, 'live_streams.json')
|
LIVE_STREAM_DATABASE = os.path.join(DBS_PATH, 'live_streams.json')
|
||||||
|
|
||||||
STREAM_KEY_LENGTH = 32
|
STREAM_KEY_LENGTH = 32
|
||||||
|
|