ssh key저장 기능 추가
All checks were successful
Build And Test / build-and-push (push) Successful in 1m57s
All checks were successful
Build And Test / build-and-push (push) Successful in 1m57s
This commit is contained in:
@ -1,5 +1,8 @@
|
||||
from django.db import models
|
||||
from django.contrib.auth.models import AbstractBaseUser, PermissionsMixin, BaseUserManager
|
||||
import base64
|
||||
from cryptography.fernet import Fernet
|
||||
from django.utils import timezone
|
||||
|
||||
|
||||
class CustomUserManager(BaseUserManager):
|
||||
@ -15,7 +18,7 @@ class CustomUserManager(BaseUserManager):
|
||||
def create_superuser(self, email, password=None, **extra_fields):
|
||||
extra_fields.setdefault("is_staff", True)
|
||||
extra_fields.setdefault("is_superuser", True)
|
||||
extra_fields.setdefault("grade", "admin") # 슈퍼유저는 기본 admin
|
||||
extra_fields.setdefault("grade", "admin")
|
||||
|
||||
if extra_fields.get("is_staff") is not True:
|
||||
raise ValueError("Superuser must have is_staff=True.")
|
||||
@ -30,7 +33,6 @@ class CustomUser(AbstractBaseUser, PermissionsMixin):
|
||||
('admin', '관리자'),
|
||||
('manager', '매니저'),
|
||||
('user', '일반 사용자'),
|
||||
|
||||
)
|
||||
|
||||
email = models.EmailField(unique=True)
|
||||
@ -38,10 +40,15 @@ class CustomUser(AbstractBaseUser, PermissionsMixin):
|
||||
grade = models.CharField(max_length=20, choices=GRADE_CHOICES, default='user')
|
||||
desc = models.TextField(blank=True, null=True, verbose_name="설명")
|
||||
|
||||
is_active = models.BooleanField(default=False) # 최초 가입 비활성
|
||||
is_active = models.BooleanField(default=False)
|
||||
is_staff = models.BooleanField(default=False)
|
||||
created_at = models.DateTimeField(auto_now_add=True)
|
||||
|
||||
# 🔐 SSH 키 관련 필드
|
||||
encrypted_private_key_name = models.CharField(max_length=100, blank=True, null=True, verbose_name="SSH 키 이름")
|
||||
encrypted_private_key = models.BinaryField(blank=True, null=True)
|
||||
last_used_at = models.DateTimeField(blank=True, null=True, verbose_name="SSH 키 마지막 사용 시각")
|
||||
|
||||
objects = CustomUserManager()
|
||||
|
||||
USERNAME_FIELD = 'email'
|
||||
@ -49,3 +56,26 @@ class CustomUser(AbstractBaseUser, PermissionsMixin):
|
||||
|
||||
def __str__(self):
|
||||
return self.email
|
||||
|
||||
# 🔐 SSH Private Key 암복호화 관련 메서드
|
||||
def encrypt_private_key(self, private_key: str) -> bytes:
|
||||
cipher = Fernet(self.get_encryption_key())
|
||||
return cipher.encrypt(private_key.encode())
|
||||
|
||||
def decrypt_private_key(self) -> str:
|
||||
if self.encrypted_private_key:
|
||||
cipher = Fernet(self.get_encryption_key())
|
||||
decrypted = cipher.decrypt(self.encrypted_private_key).decode()
|
||||
self.last_used_at = timezone.now()
|
||||
self.save(update_fields=['last_used_at']) # 📌 사용 시각 업데이트
|
||||
return decrypted
|
||||
return ""
|
||||
|
||||
def save_private_key(self, private_key: str):
|
||||
self.encrypted_private_key = self.encrypt_private_key(private_key)
|
||||
self.save()
|
||||
|
||||
def get_encryption_key(self) -> bytes:
|
||||
email_encoded = self.email.encode()
|
||||
base64_key = base64.urlsafe_b64encode(email_encoded.ljust(32)[:32])
|
||||
return base64_key
|
||||
|
||||
Reference in New Issue
Block a user