dev/msa-django-auth
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

custom span test
All checks were successful
Build And Test / build-and-push (push) Successful in 3m2s
Details

Browse Source
This commit is contained in:
icurfer
2025-06-16 16:36:21 +09:00
parent 8cfb353679
commit 3610fa6ae9
4 changed files with 147 additions and 94 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
README.md
View File

@ -1,4 +1,14 @@
# msa-django-auth # msa-django-auth
mkdir -p wheelhouse ## dev env
pip download -r requirements.txt -d wheelhouse/ ### auth
```bash
gunicorn auth_prj.wsgi:application --bind 0.0.0.0:8000 --workers 3
```
### blog
```bash
gunicorn auth_prj.wsgi:application --bind 0.0.0.0:8800 --workers 3
```

55
users/_unused_views.py
View File

@ -1,19 +1,31 @@
# views.py # views.py
import logging
from opentelemetry import trace # OpenTelemetry 임포트
from rest_framework.views import APIView from rest_framework.views import APIView
from rest_framework.response import Response from rest_framework.response import Response
from rest_framework import status from rest_framework import status
from rest_framework.permissions import IsAuthenticated from rest_framework.permissions import IsAuthenticated
from rest_framework_simplejwt.views import TokenObtainPairView from rest_framework_simplejwt.views import TokenObtainPairView
from .serializers import RegisterSerializer, CustomTokenObtainPairSerializer from .serializers import RegisterSerializer, CustomTokenObtainPairSerializer
logger = logging.getLogger(__name__)
tracer = trace.get_tracer(__name__) # 트레이서 가져오기
def get_request_info(request):
ip = request.META.get("REMOTE_ADDR", "unknown")
ua = request.META.get("HTTP_USER_AGENT", "unknown")
email = getattr(request.user, "email", "anonymous")
return email, ip, ua
class RegisterView(APIView): class RegisterView(APIView):
def post(self, request): def post(self, request):
email, ip, ua = get_request_info(request)
serializer = RegisterSerializer(data=request.data) serializer = RegisterSerializer(data=request.data)
if serializer.is_valid(): if serializer.is_valid():
user = serializer.save() user = serializer.save()
logger.info(f"[REGISTER] user={user.email} | status=success | IP={ip} | UA={ua}")
return Response({"message": "User registered successfully."}, status=status.HTTP_201_CREATED) return Response({"message": "User registered successfully."}, status=status.HTTP_201_CREATED)
logger.warning(f"[REGISTER] user={email} | status=fail | IP={ip} | UA={ua} | detail={serializer.errors}")
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST) return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
@ -21,52 +33,74 @@ class MeView(APIView):
permission_classes = [IsAuthenticated] permission_classes = [IsAuthenticated]
def get(self, request): def get(self, request):
user = request.user email, ip, ua = get_request_info(request)
serializer = RegisterSerializer(user) logger.debug(f"[ME GET] user={email} | IP={ip} | UA={ua}")
serializer = RegisterSerializer(request.user)
return Response(serializer.data) return Response(serializer.data)
def put(self, request): def put(self, request):
user = request.user email, ip, ua = get_request_info(request)
serializer = RegisterSerializer(user, data=request.data, partial=True) serializer = RegisterSerializer(request.user, data=request.data, partial=True)
if serializer.is_valid(): if serializer.is_valid():
serializer.save() serializer.save()
logger.info(f"[ME UPDATE] user={email} | status=success | IP={ip} | UA={ua}")
return Response(serializer.data) return Response(serializer.data)
logger.warning(f"[ME UPDATE] user={email} | status=fail | IP={ip} | UA={ua} | detail={serializer.errors}")
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST) return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
class CustomTokenObtainPairView(TokenObtainPairView): class CustomTokenObtainPairView(TokenObtainPairView):
serializer_class = CustomTokenObtainPairSerializer serializer_class = CustomTokenObtainPairSerializer
def post(self, request, *args, **kwargs):
ip = request.META.get("REMOTE_ADDR", "unknown")
ua = request.META.get("HTTP_USER_AGENT", "unknown")
email = request.data.get("email", "unknown")
logger.info(f"[LOGIN] user={email} | status=attempt | IP={ip} | UA={ua}")
response = super().post(request, *args, **kwargs)
# 성공 실패 판단
if response.status_code == 200:
logger.info(f"[LOGIN] user={email} | status=success | IP={ip} | UA={ua}")
else:
logger.warning(f"[LOGIN] user={email} | status=fail | IP={ip} | UA={ua} | detail={response.data}")
return response
class SSHKeyUploadView(APIView): class SSHKeyUploadView(APIView):
permission_classes = [IsAuthenticated] permission_classes = [IsAuthenticated]
def post(self, request): def post(self, request):
email, ip, ua = get_request_info(request)
private_key = request.data.get("private_key") private_key = request.data.get("private_key")
key_name = request.data.get("key_name") key_name = request.data.get("key_name")
if not private_key or not key_name: if not private_key or not key_name:
logger.warning(f"[SSH UPLOAD] user={email} | status=fail | reason=missing_key_or_name | IP={ip} | UA={ua}")
return Response( return Response(
{"error": "private_key와 key_name 모두 필요합니다."}, {"error": "private_key와 key_name 모두 필요합니다."},
status=status.HTTP_400_BAD_REQUEST status=status.HTTP_400_BAD_REQUEST
) )
user = request.user
try: try:
# ✅ 모델 메서드로 암호화 저장 처리 user = request.user
user.save_private_key(private_key) user.save_private_key(private_key)
user.encrypted_private_key_name = key_name user.encrypted_private_key_name = key_name
user.save(update_fields=["encrypted_private_key", "encrypted_private_key_name"]) user.save(update_fields=["encrypted_private_key", "encrypted_private_key_name"])
logger.info(f"[SSH UPLOAD] user={email} | status=success | key_name={key_name} | IP={ip} | UA={ua}")
return Response({"message": "SSH key 저장 완료."}, status=201) return Response({"message": "SSH key 저장 완료."}, status=201)
except Exception as e: except Exception as e:
logger.exception(f"[SSH UPLOAD] user={email} | status=fail | reason=exception | IP={ip} | UA={ua}")
return Response({"error": f"암호화 또는 저장 실패: {str(e)}"}, status=500) return Response({"error": f"암호화 또는 저장 실패: {str(e)}"}, status=500)
def delete(self, request): def delete(self, request):
email, ip, ua = get_request_info(request)
user = request.user user = request.user
user.encrypted_private_key = None user.encrypted_private_key = None
user.encrypted_private_key_name = None user.encrypted_private_key_name = None
user.last_used_at = None user.last_used_at = None
user.save(update_fields=["encrypted_private_key", "encrypted_private_key_name", "last_used_at"]) user.save(update_fields=["encrypted_private_key", "encrypted_private_key_name", "last_used_at"])
logger.info(f"[SSH DELETE] user={email} | status=success | IP={ip} | UA={ua}")
return Response({"message": "SSH key deleted."}, status=200) return Response({"message": "SSH key deleted."}, status=200)
@ -74,6 +108,8 @@ class SSHKeyInfoView(APIView):
permission_classes = [IsAuthenticated] permission_classes = [IsAuthenticated]
def get(self, request): def get(self, request):
email, ip, ua = get_request_info(request)
logger.debug(f"[SSH INFO] user={email} | IP={ip} | UA={ua}")
user = request.user user = request.user
return Response({ return Response({
"has_key": bool(user.encrypted_private_key), "has_key": bool(user.encrypted_private_key),
@ -86,13 +122,16 @@ class SSHKeyRetrieveView(APIView):
permission_classes = [IsAuthenticated] permission_classes = [IsAuthenticated]
def get(self, request): def get(self, request):
email, ip, ua = get_request_info(request)
user = request.user user = request.user
if not user.encrypted_private_key: if not user.encrypted_private_key:
logger.warning(f"[SSH RETRIEVE] user={email} | status=fail | reason=not_found | IP={ip} | UA={ua}")
return Response({"error": "SSH 키가 등록되어 있지 않습니다."}, status=404) return Response({"error": "SSH 키가 등록되어 있지 않습니다."}, status=404)
try: try:
# ✅ 모델 메서드로 복호화 처리
decrypted_key = user.decrypt_private_key() decrypted_key = user.decrypt_private_key()
logger.info(f"[SSH RETRIEVE] user={email} | status=success | IP={ip} | UA={ua}")
return Response({"ssh_key": decrypted_key}) return Response({"ssh_key": decrypted_key})
except Exception as e: except Exception as e:
logger.exception(f"[SSH RETRIEVE] user={email} | status=fail | reason=exception | IP={ip} | UA={ua}")
return Response({"error": f"복호화 실패: {str(e)}"}, status=500) return Response({"error": f"복호화 실패: {str(e)}"}, status=500)

170
users/views.py
View File

@ -1,5 +1,6 @@
# views.py # views.py
import logging import logging
from opentelemetry import trace # ✅ OpenTelemetry 트레이서
from rest_framework.views import APIView from rest_framework.views import APIView
from rest_framework.response import Response from rest_framework.response import Response
from rest_framework import status from rest_framework import status
@ -8,6 +9,7 @@ from rest_framework_simplejwt.views import TokenObtainPairView
from .serializers import RegisterSerializer, CustomTokenObtainPairSerializer from .serializers import RegisterSerializer, CustomTokenObtainPairSerializer
logger = logging.getLogger(__name__) logger = logging.getLogger(__name__)
tracer = trace.get_tracer(__name__) # ✅ 트레이서 생성
def get_request_info(request): def get_request_info(request):
ip = request.META.get("REMOTE_ADDR", "unknown") ip = request.META.get("REMOTE_ADDR", "unknown")
@ -17,119 +19,121 @@ def get_request_info(request):
class RegisterView(APIView): class RegisterView(APIView):
def post(self, request): def post(self, request):
email, ip, ua = get_request_info(request) with tracer.start_as_current_span("RegisterView POST"): # ✅ Span 생성
serializer = RegisterSerializer(data=request.data) email, ip, ua = get_request_info(request)
if serializer.is_valid(): serializer = RegisterSerializer(data=request.data)
user = serializer.save() if serializer.is_valid():
logger.info(f"[REGISTER] user={user.email} | status=success | IP={ip} | UA={ua}") user = serializer.save()
return Response({"message": "User registered successfully."}, status=status.HTTP_201_CREATED) logger.info(f"[REGISTER] user={user.email} | status=success | IP={ip} | UA={ua}")
logger.warning(f"[REGISTER] user={email} | status=fail | IP={ip} | UA={ua} | detail={serializer.errors}") return Response({"message": "User registered successfully."}, status=status.HTTP_201_CREATED)
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST) logger.warning(f"[REGISTER] user={email} | status=fail | IP={ip} | UA={ua} | detail={serializer.errors}")
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
class MeView(APIView): class MeView(APIView):
permission_classes = [IsAuthenticated] permission_classes = [IsAuthenticated]
def get(self, request): def get(self, request):
email, ip, ua = get_request_info(request) with tracer.start_as_current_span("MeView GET"): # ✅ Span 생성
logger.debug(f"[ME GET] user={email} | IP={ip} | UA={ua}") email, ip, ua = get_request_info(request)
serializer = RegisterSerializer(request.user) logger.debug(f"[ME GET] user={email} | IP={ip} | UA={ua}")
return Response(serializer.data) serializer = RegisterSerializer(request.user)
return Response(serializer.data)
def put(self, request): def put(self, request):
email, ip, ua = get_request_info(request) with tracer.start_as_current_span("MeView PUT"): # ✅ Span 생성
serializer = RegisterSerializer(request.user, data=request.data, partial=True) email, ip, ua = get_request_info(request)
if serializer.is_valid(): serializer = RegisterSerializer(request.user, data=request.data, partial=True)
serializer.save() if serializer.is_valid():
logger.info(f"[ME UPDATE] user={email} | status=success | IP={ip} | UA={ua}") serializer.save()
return Response(serializer.data) logger.info(f"[ME UPDATE] user={email} | status=success | IP={ip} | UA={ua}")
logger.warning(f"[ME UPDATE] user={email} | status=fail | IP={ip} | UA={ua} | detail={serializer.errors}") return Response(serializer.data)
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST) logger.warning(f"[ME UPDATE] user={email} | status=fail | IP={ip} | UA={ua} | detail={serializer.errors}")
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
class CustomTokenObtainPairView(TokenObtainPairView): class CustomTokenObtainPairView(TokenObtainPairView):
serializer_class = CustomTokenObtainPairSerializer serializer_class = CustomTokenObtainPairSerializer
def post(self, request, *args, **kwargs): def post(self, request, *args, **kwargs):
ip = request.META.get("REMOTE_ADDR", "unknown") with tracer.start_as_current_span("TokenObtainPairView POST"): # ✅ Span 생성
ua = request.META.get("HTTP_USER_AGENT", "unknown") ip = request.META.get("REMOTE_ADDR", "unknown")
email = request.data.get("email", "unknown") ua = request.META.get("HTTP_USER_AGENT", "unknown")
logger.info(f"[LOGIN] user={email} | status=attempt | IP={ip} | UA={ua}") email = request.data.get("email", "unknown")
response = super().post(request, *args, **kwargs) logger.info(f"[LOGIN] user={email} | status=attempt | IP={ip} | UA={ua}")
response = super().post(request, *args, **kwargs)
# 성공 실패 판단
if response.status_code == 200:
logger.info(f"[LOGIN] user={email} | status=success | IP={ip} | UA={ua}")
else:
logger.warning(f"[LOGIN] user={email} | status=fail | IP={ip} | UA={ua} | detail={response.data}")
return response
if response.status_code == 200:
logger.info(f"[LOGIN] user={email} | status=success | IP={ip} | UA={ua}")
else:
logger.warning(f"[LOGIN] user={email} | status=fail | IP={ip} | UA={ua} | detail={response.data}")
return response
class SSHKeyUploadView(APIView): class SSHKeyUploadView(APIView):
permission_classes = [IsAuthenticated] permission_classes = [IsAuthenticated]
def post(self, request): def post(self, request):
email, ip, ua = get_request_info(request) with tracer.start_as_current_span("SSHKeyUploadView POST"): # ✅ Span 생성
private_key = request.data.get("private_key") email, ip, ua = get_request_info(request)
key_name = request.data.get("key_name") private_key = request.data.get("private_key")
key_name = request.data.get("key_name")
if not private_key or not key_name: if not private_key or not key_name:
logger.warning(f"[SSH UPLOAD] user={email} | status=fail | reason=missing_key_or_name | IP={ip} | UA={ua}") logger.warning(f"[SSH UPLOAD] user={email} | status=fail | reason=missing_key_or_name | IP={ip} | UA={ua}")
return Response( return Response(
{"error": "private_key와 key_name 모두 필요합니다."}, {"error": "private_key와 key_name 모두 필요합니다."},
status=status.HTTP_400_BAD_REQUEST status=status.HTTP_400_BAD_REQUEST
) )
try: try:
user = request.user user = request.user
user.save_private_key(private_key) user.save_private_key(private_key)
user.encrypted_private_key_name = key_name user.encrypted_private_key_name = key_name
user.save(update_fields=["encrypted_private_key", "encrypted_private_key_name"]) user.save(update_fields=["encrypted_private_key", "encrypted_private_key_name"])
logger.info(f"[SSH UPLOAD] user={email} | status=success | key_name={key_name} | IP={ip} | UA={ua}") logger.info(f"[SSH UPLOAD] user={email} | status=success | key_name={key_name} | IP={ip} | UA={ua}")
return Response({"message": "SSH key 저장 완료."}, status=201) return Response({"message": "SSH key 저장 완료."}, status=201)
except Exception as e: except Exception as e:
logger.exception(f"[SSH UPLOAD] user={email} | status=fail | reason=exception | IP={ip} | UA={ua}") logger.exception(f"[SSH UPLOAD] user={email} | status=fail | reason=exception | IP={ip} | UA={ua}")
return Response({"error": f"암호화 또는 저장 실패: {str(e)}"}, status=500) return Response({"error": f"암호화 또는 저장 실패: {str(e)}"}, status=500)
def delete(self, request): def delete(self, request):
email, ip, ua = get_request_info(request) with tracer.start_as_current_span("SSHKeyUploadView DELETE"): # ✅ Span 생성
user = request.user email, ip, ua = get_request_info(request)
user.encrypted_private_key = None user = request.user
user.encrypted_private_key_name = None user.encrypted_private_key = None
user.last_used_at = None user.encrypted_private_key_name = None
user.save(update_fields=["encrypted_private_key", "encrypted_private_key_name", "last_used_at"]) user.last_used_at = None
logger.info(f"[SSH DELETE] user={email} | status=success | IP={ip} | UA={ua}") user.save(update_fields=["encrypted_private_key", "encrypted_private_key_name", "last_used_at"])
return Response({"message": "SSH key deleted."}, status=200) logger.info(f"[SSH DELETE] user={email} | status=success | IP={ip} | UA={ua}")
return Response({"message": "SSH key deleted."}, status=200)
class SSHKeyInfoView(APIView): class SSHKeyInfoView(APIView):
permission_classes = [IsAuthenticated] permission_classes = [IsAuthenticated]
def get(self, request): def get(self, request):
email, ip, ua = get_request_info(request) with tracer.start_as_current_span("SSHKeyInfoView GET"): # ✅ Span 생성
logger.debug(f"[SSH INFO] user={email} | IP={ip} | UA={ua}") email, ip, ua = get_request_info(request)
user = request.user logger.debug(f"[SSH INFO] user={email} | IP={ip} | UA={ua}")
return Response({ user = request.user
"has_key": bool(user.encrypted_private_key), return Response({
"encrypted_private_key_name": user.encrypted_private_key_name, "has_key": bool(user.encrypted_private_key),
"last_used_at": user.last_used_at "encrypted_private_key_name": user.encrypted_private_key_name,
}) "last_used_at": user.last_used_at
})
class SSHKeyRetrieveView(APIView): class SSHKeyRetrieveView(APIView):
permission_classes = [IsAuthenticated] permission_classes = [IsAuthenticated]
def get(self, request): def get(self, request):
email, ip, ua = get_request_info(request) with tracer.start_as_current_span("SSHKeyRetrieveView GET"): # ✅ Span 생성
user = request.user email, ip, ua = get_request_info(request)
if not user.encrypted_private_key: user = request.user
logger.warning(f"[SSH RETRIEVE] user={email} | status=fail | reason=not_found | IP={ip} | UA={ua}") if not user.encrypted_private_key:
return Response({"error": "SSH 키가 등록되어 있지 않습니다."}, status=404) logger.warning(f"[SSH RETRIEVE] user={email} | status=fail | reason=not_found | IP={ip} | UA={ua}")
return Response({"error": "SSH 키가 등록되어 있지 않습니다."}, status=404)
try: try:
decrypted_key = user.decrypt_private_key() decrypted_key = user.decrypt_private_key()
logger.info(f"[SSH RETRIEVE] user={email} | status=success | IP={ip} | UA={ua}") logger.info(f"[SSH RETRIEVE] user={email} | status=success | IP={ip} | UA={ua}")
return Response({"ssh_key": decrypted_key}) return Response({"ssh_key": decrypted_key})
except Exception as e: except Exception as e:
logger.exception(f"[SSH RETRIEVE] user={email} | status=fail | reason=exception | IP={ip} | UA={ua}") logger.exception(f"[SSH RETRIEVE] user={email} | status=fail | reason=exception | IP={ip} | UA={ua}")
return Response({"error": f"복호화 실패: {str(e)}"}, status=500) return Response({"error": f"복호화 실패: {str(e)}"}, status=500)

2
version
View File

@ -1 +1 @@
0.0.11_rc6 0.0.11_rc7