Add route for resetting device secret

2018-11-03 16:00:46 +01:00 · 2018-11-03 16:00:46 +01:00 · 06700e76aa
parent 2b34466589
commit 06700e76aa
4 changed files with 43 additions and 0 deletions
--- a/app/api/blueprint.py
+++ b/app/api/blueprint.py
@ -24,6 +24,7 @@ def add_resources():
                                   DeviceTypeListResource,
                                   DeviceConfigurationResource,
                                   DeviceSecretResource,
+                                   DeviceSecretResetResource,
                                   DeviceShareResource,
                                   DeviceShareActivationResource)
    from .resources.dashboard import (DashboardResource,
@ -55,6 +56,8 @@ def add_resources():
                     '/v1/devices/<int:device_id>/configuration')
    api.add_resource(DeviceSecretResource,
                     '/v1/devices/<int:device_id>/secret')
+    api.add_resource(DeviceSecretResetResource,
+                     '/v1/devices/<int:device_id>/secret/reset')
    api.add_resource(DeviceShareResource,
                     '/v1/devices/<int:device_id>/share')
    api.add_resource(
--- a/app/api/resources/device.py
+++ b/app/api/resources/device.py
@ -174,6 +174,14 @@ class DeviceSecretResource(ProtectedResource):
        return DeviceSecretSchema().dump(devices.get_device(device_id)), 200


+class DeviceSecretResetResource(ProtectedResource):
+    @swag_from('swagger/reset_device_secret_spec.yaml')
+    def post(self, device_id):
+        validate_device_ownership(device_id)
+        return DeviceSecretSchema().dump(
+                devices.reset_device_secret(device_id)), 200
+
+
 class DeviceShareResource(ProtectedResource):
    @use_args(DeviceShareSchema(), locations=('json',))
    @swag_from('swagger/create_device_share_token_spec.yaml')
--- a/app/api/resources/swagger/reset_device_secret_spec.yaml
+++ b/app/api/resources/swagger/reset_device_secret_spec.yaml
@ -0,0 +1,20 @@
+Resets a device secret info
+---
+tags:
+  - Device
+parameters:
+  - in: path
+    name: device_id
+    required: true
+    type: integer
+    description: Id of the device
+responses:
+  200:
+    description: Success
+    schema:
+      type: object
+      required:
+        - content
+      properties:
+        content:
+          $ref: '#/definitions/DeviceSecretInfo'
--- a/app/devices/api.py
+++ b/app/devices/api.py
@ -2,6 +2,7 @@ import sys
 import hmac
 import urllib.parse
 import datetime
+from secrets import token_urlsafe
 from .models import (Device,
                     Recording,
                     DeviceAssociation,
@ -150,6 +151,17 @@ def get_device(device_id):
    return Device.get(id=device_id)


+def reset_device_secret(device_id):
+    """
+    Resets device secret for device with given parameters. Raises error on
+    failure
+    """
+    device = Device.get(id=device_id)
+    device.device_secret = token_urlsafe(32)
+    device.save()
+    return device
+
+
 def can_user_access_device(account_id, device_id):
    """
    Checks if user with given account_id can access device with given device_id