From 821d72a7736ddaed552e486cb5be487de4182f20 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rn-Michael=20Miehe?= <40151420+ldericher@users.noreply.github.com> Date: Fri, 1 Apr 2022 15:40:08 +0000 Subject: [PATCH] init pki endpoint --- api/kiwi_vpn_api/routers/service.py | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/api/kiwi_vpn_api/routers/service.py b/api/kiwi_vpn_api/routers/service.py index 2922829..89acd88 100644 --- a/api/kiwi_vpn_api/routers/service.py +++ b/api/kiwi_vpn_api/routers/service.py @@ -5,7 +5,9 @@ from fastapi import APIRouter, Depends, HTTPException, status from ..config import Config -from ._common import Responses, get_current_config +from ..db import User +from ..easyrsa import CertificateType, EasyRSA +from ._common import Responses, get_current_config, get_current_user router = APIRouter(prefix="/service", tags=["service"]) @@ -20,5 +22,14 @@ router = APIRouter(prefix="/service", tags=["service"]) ) async def init_pki( _: Config = Depends(get_current_config), + current_user: User = Depends(get_current_user), ) -> None: - pass + + if not current_user.is_admin: + raise HTTPException(status_code=status.HTTP_403_FORBIDDEN) + + easy_rsa = EasyRSA() + + easy_rsa.init_pki() + easy_rsa.build_ca() + easy_rsa.issue(CertificateType.server)