api/kiwi_vpn_api/config.py

@@ -15,12 +15,11 @@ from datetime import datetime, timedelta
 from enum import Enum
 from pathlib import Path
 from secrets import token_urlsafe
-from typing import Any
 
 from jose import JWTError, jwt
 from jose.constants import ALGORITHMS
 from passlib.context import CryptContext
-from pydantic import BaseModel, BaseSettings, constr, validator
+from pydantic import BaseModel, BaseSettings, Field, validator
 
 
 class Settings(BaseSettings):
@@ -65,7 +64,7 @@ class DBConfig(BaseModel):
     user: str | None = None
     password: str | None = None
     host: str | None = None
-    database: str | None = Settings._.data_dir.joinpath("kiwi-vpn.db")
+    database: str | None = Settings._.data_dir.joinpath("vpn.db")
 
     mysql_driver: str = "pymysql"
     mysql_args: list[str] = ["charset=utf8mb4"]
@@ -169,35 +168,6 @@ class JWTConfig(BaseModel):
         return username
 
 
-class ToggleString(BaseModel):
-    value: str
-    allow: bool
-
-
-class ToggleCountry(ToggleString):
-    value: constr(max_length=2)
-
-
-class DNParts(BaseModel):
-    """
-    This server's "distinguished name"
-    """
-
-    country: ToggleCountry
-    state: ToggleString
-    city: ToggleString
-    organization: ToggleString
-    organizational_unit: ToggleString
-
-
-class CertificateAlgo(Enum):
-    rsa2048 = "rsa2048"
-    rsa4096 = "rsa4096"
-    secp256r1 = "secp256r1"
-    secp384r1 = "secp384r1"
-    ed25519 = "ed25519"
-
-
 class CryptoConfig(BaseModel):
     """
     Configuration for hash algorithms
@@ -205,15 +175,8 @@ class CryptoConfig(BaseModel):
 
     schemes: list[str] = ["bcrypt"]
 
-    force_cipher: ToggleString
-    force_tls_cipher: ToggleString
-    force_auth: ToggleString
-
-    cert_algo: CertificateAlgo
-    expiry_days: int
-
     @property
-    def context(self) -> CryptContext:
+    def crypt_context(self) -> CryptContext:
         return CryptContext(
             schemes=self.schemes,
             deprecated="auto",
@@ -225,13 +188,9 @@ class Config(BaseModel):
     Configuration for `kiwi-vpn-api`
     """
 
-    server_name: str
+    db: DBConfig = Field(default_factory=DBConfig)
-    server_extra_config: dict[str, Any]
+    jwt: JWTConfig = Field(default_factory=JWTConfig)
-
+    crypto: CryptoConfig = Field(default_factory=CryptoConfig)
-    db: DBConfig
-    jwt: JWTConfig
-    crypto: CryptoConfig
-    dnparts: DNParts
 
     __singleton: Config | None = None
 

api/kiwi_vpn_api/db/user.py

@@ -24,7 +24,7 @@ class UserBase(SQLModel):
     name: str = Field(primary_key=True)
     email: str | None = Field(default=None)
 
-    country: str | None = Field(default=None, max_length=2)
+    country: str | None = Field(default=None)
     state: str | None = Field(default=None)
     city: str | None = Field(default=None)
     organization: str | None = Field(default=None)
@@ -56,7 +56,7 @@ class UserCreate(UserBase):
         if (current_config := Config._) is None:
             raise ValueError("Not configured")
 
-        values["password"] = current_config.crypto.context.hash(
+        values["password"] = current_config.crypto.crypt_context.hash(
             password_clear)
 
         return values
@@ -132,7 +132,7 @@ class User(UserBase, table=True):
         Authenticate with name/password against users in database.
         """
 
-        crypt_context = Config._.crypto.context
+        crypt_context = Config._.crypto.crypt_context
 
         if (user := cls.get(name)) is None:
             # nonexistent user, fake doing password verification