initial commit

2025-01-06 11:49:58 +01:00
commit a5b6b54429
23 changed files with 662 additions and 0 deletions
--- a/wallet_api/views.py
+++ b/wallet_api/views.py
@@ -0,0 +1,84 @@
+from django.http import JsonResponse
+from django.views.decorators.csrf import csrf_exempt
+from .models import PasswordEntry
+from .utils import authenticate, derive_key, encrypt_password, decrypt_password
+import json
+
+@csrf_exempt
+def add_password_api(request):
+    if request.method == 'POST':
+        data = json.loads(request.body)
+        master_password = data.get('master_password')
+        site = data.get('site')
+        username = data.get('username')
+        password = data.get('password')
+        client_id = data.get('client_id')
+        topic = data.get('topic')
+
+        if not authenticate(master_password):
+            return JsonResponse({"error": "Master password errata"}, status=403)
+
+        key = derive_key(master_password)
+        encrypted_password = encrypt_password(password, key)
+
+        PasswordEntry.objects.create(
+            site=site,
+            username=username,
+            password=encrypted_password,
+            client_id=client_id,
+            topic=topic
+        )
+        return JsonResponse({"message": "Password aggiunta con successo"})
+
+@csrf_exempt
+def get_password_api(request):
+    if request.method == 'POST':
+        data = json.loads(request.body)
+        master_password = data.get('master_password')
+        site = data.get('site')
+
+        if not authenticate(master_password):
+            return JsonResponse({"error": "Master password errata"}, status=403)
+
+        key = derive_key(master_password)
+        try:
+            entry = PasswordEntry.objects.get(site=site)
+            decrypted_password = decrypt_password(entry.password, key)
+            return JsonResponse({
+                "site": entry.site,
+                "username": entry.username,
+                "password": decrypted_password,
+                "client_id": entry.client_id,
+                "topic": entry.topic
+            })
+        except PasswordEntry.DoesNotExist:
+            return JsonResponse({"error": "Sito non trovato"}, status=404)
+
+@csrf_exempt
+def delete_password_api(request):
+    if request.method == 'POST':
+        data = json.loads(request.body)
+        master_password = data.get('master_password')
+        site = data.get('site')
+
+        if not authenticate(master_password):
+            return JsonResponse({"error": "Master password errata"}, status=403)
+
+        try:
+            entry = PasswordEntry.objects.get(site=site)
+            entry.delete()
+            return JsonResponse({"message": "Password cancellata con successo"})
+        except PasswordEntry.DoesNotExist:
+            return JsonResponse({"error": "Sito non trovato"}, status=404)
+
+@csrf_exempt
+def list_sites_api(request):
+    if request.method == 'POST':
+        data = json.loads(request.body)
+        master_password = data.get('master_password')
+
+        if not authenticate(master_password):
+            return JsonResponse({"error": "Master password errata"}, status=403)
+
+        sites = PasswordEntry.objects.values_list('site', flat=True)
+        return JsonResponse({"sites": list(sites)})