ssh암복호화 해결 해야함

2025-05-20 19:07:11 +09:00
parent b172945fc5
commit 69aca7ae85
9 changed files with 276 additions and 5 deletions
--- a/ansible/views.py
+++ b/ansible/views.py
@ -1,3 +1,101 @@
-from django.shortcuts import render
+from rest_framework.views import APIView
+from rest_framework.response import Response
+from rest_framework import status
+from rest_framework.permissions import IsAuthenticated
+from rest_framework_simplejwt.views import TokenObtainPairView

-# Create your views here.
+from .serializers import RegisterSerializer, CustomTokenObtainPairSerializer
+from cryptography.fernet import Fernet
+from django.conf import settings
+import base64
+import hashlib
+
+# Fernet 키를 settings.SECRET_KEY에서 파생
+hashed = hashlib.sha256(settings.SECRET_KEY.encode()).digest()
+fernet_key = base64.urlsafe_b64encode(hashed[:32])
+fernet = Fernet(fernet_key)
+
+
+class RegisterView(APIView):
+    def post(self, request):
+        serializer = RegisterSerializer(data=request.data)
+        if serializer.is_valid():
+            user = serializer.save()
+            return Response({"message": "User registered successfully."}, status=status.HTTP_201_CREATED)
+        return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
+
+
+class MeView(APIView):
+    permission_classes = [IsAuthenticated]
+
+    def get(self, request):
+        user = request.user
+        serializer = RegisterSerializer(user)
+        return Response(serializer.data)
+
+    def put(self, request):
+        user = request.user
+        serializer = RegisterSerializer(user, data=request.data, partial=True)
+        if serializer.is_valid():
+            serializer.save()
+            return Response(serializer.data)
+        return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
+
+
+class CustomTokenObtainPairView(TokenObtainPairView):
+    serializer_class = CustomTokenObtainPairSerializer
+
+
+class SSHKeyUploadView(APIView):
+    permission_classes = [IsAuthenticated]
+
+    def post(self, request):
+        private_key = request.data.get("private_key")
+        key_name = request.data.get("key_name")
+
+        if not private_key or not key_name:
+            return Response(
+                {"error": "private_key와 key_name 모두 필요합니다."},
+                status=status.HTTP_400_BAD_REQUEST
+            )
+
+        user = request.user
+        try:
+            encrypted_key = fernet.encrypt(private_key.encode()).decode()  # ✅ decode 추가
+            user.encrypted_private_key = encrypted_key
+            user.encrypted_private_key_name = key_name
+            user.save(update_fields=["encrypted_private_key", "encrypted_private_key_name"])
+            return Response({"message": "SSH key 저장 완료."})
+        except Exception as e:
+            return Response({"error": str(e)}, status=500)
+
+    def delete(self, request):
+        user = request.user
+        user.encrypted_private_key = None
+        user.encrypted_private_key_name = None
+        user.last_used_at = None
+        user.save(update_fields=["encrypted_private_key", "encrypted_private_key_name", "last_used_at"])
+        return Response({"message": "SSH key deleted."}, status=200)
+
+
+class SSHKeyInfoView(APIView):
+    permission_classes = [IsAuthenticated]
+
+    def get(self, request):
+        user = request.user
+        return Response({
+            "has_key": bool(user.encrypted_private_key),
+            "encrypted_private_key_name": user.encrypted_private_key_name,
+            "last_used_at": user.last_used_at
+        })
+
+
+# ✅ 실제 암호화된 키를 반환하는 API
+class SSHKeyRetrieveView(APIView):
+    permission_classes = [IsAuthenticated]
+
+    def get(self, request):
+        user = request.user
+        if not user.encrypted_private_key:
+            return Response({"error": "SSH 키가 등록되어 있지 않습니다."}, status=404)
+        return Response({"ssh_key": user.encrypted_private_key})