Merge pull request #37 from grahamgilbert/verify_api

Endpoint for verifying escrow status
grahamgilbert · Jan 4, 2017 · da8ea4e · da8ea4e
2 parents 23109d7 + 6a18c4d
commit da8ea4e
Show file tree

Hide file tree

Showing 2 changed files with 13 additions and 1 deletion.
diff --git a/server/urls.py b/server/urls.py
@@ -21,6 +21,8 @@
     url(r'^retrieve/(?P<request_id>.+)/', retrieve, name='retrieve'),
     #approve
     url(r'^approve/(?P<request_id>.+)/', approve, name='approve'),
+    # verify
+    url(r'^verify/(?P<serial>.+)/(?P<secret_type>.+)/', verify, name='verify'),
     #checkin
     url(r'^checkin/', checkin, name='checkin'),
     #manage

diff --git a/server/views.py b/server/views.py
@@ -3,7 +3,7 @@
 from django.template import RequestContext, Template, Context
 import json
 from django.views.decorators.csrf import csrf_exempt, csrf_protect
-from django.http import HttpResponse, Http404
+from django.http import HttpResponse, Http404, JsonResponse
 from django.contrib.auth.models import Permission, User
 from django.conf import settings
 from django.template.context_processors import csrf
@@ -245,6 +245,16 @@ def new_secret(request, computer_id):
     c = {'form': form, 'computer': computer, }
     return render(request, 'server/new_secret_form.html', c)
 
+# Verify key escrow
+@csrf_exempt
+def verify(request, serial, secret_type):
+    computer = get_object_or_404(Computer, serial=serial)
+    try:
+        secret = Secret.objects.filter(computer=computer, secret_type=secret_type).latest('date_escrowed')
+        output = {'escrowed': True, 'date_escrowed':secret.date_escrowed}
+    except Secret.DoesNotExist:
+        output = {'escrowed': False}
+    return JsonResponse(output)
 
 ##checkin view
 @csrf_exempt