diff --git a/api/kiwi_vpn_api/routers/service.py b/api/kiwi_vpn_api/routers/service.py index 2922829..89acd88 100644 --- a/api/kiwi_vpn_api/routers/service.py +++ b/api/kiwi_vpn_api/routers/service.py @@ -5,7 +5,9 @@ from fastapi import APIRouter, Depends, HTTPException, status from ..config import Config -from ._common import Responses, get_current_config +from ..db import User +from ..easyrsa import CertificateType, EasyRSA +from ._common import Responses, get_current_config, get_current_user router = APIRouter(prefix="/service", tags=["service"]) @@ -20,5 +22,14 @@ router = APIRouter(prefix="/service", tags=["service"]) ) async def init_pki( _: Config = Depends(get_current_config), + current_user: User = Depends(get_current_user), ) -> None: - pass + + if not current_user.is_admin: + raise HTTPException(status_code=status.HTTP_403_FORBIDDEN) + + easy_rsa = EasyRSA() + + easy_rsa.init_pki() + easy_rsa.build_ca() + easy_rsa.issue(CertificateType.server)