Compare commits

..

2 commits

Author SHA1 Message Date
f
ae520e9076 verificar firmas
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
2022-03-12 19:10:33 -03:00
f
01700017e9 indicar a la raspberry que el registro es duplicado 2022-03-12 19:01:12 -03:00
5 changed files with 33 additions and 1 deletions

View file

@ -25,6 +25,8 @@ gem 'jbuilder', '~> 2.7'
# Reduces boot times through caching; required in config/boot.rb
gem 'bootsnap', '>= 1.4.4', require: false
gem 'ssh_data'
group :development, :test do
# Call 'byebug' anywhere in the code to stop execution and get a debugger console
gem 'byebug', platforms: [:mri, :mingw, :x64_mingw]

View file

@ -214,6 +214,7 @@ GEM
actionpack (>= 5.2)
activesupport (>= 5.2)
sprockets (>= 3.0.0)
ssh_data (1.3.0)
thor (1.1.0)
tilt (2.0.10)
turbolinks (5.2.1)
@ -266,6 +267,7 @@ DEPENDENCIES
sass-rails (>= 6)
selenium-webdriver
spring
ssh_data
turbolinks (~> 5)
tzinfo-data
web-console (>= 4.1.0)

View file

@ -14,8 +14,9 @@ class ReadingsController < ActionController::API
Reading.transaction do
reading = raspberry.readings.build reading_params
reading.id = params[:transaction_uuid]
# TODO: Verificar firma
reading.signature = request.headers[:'X-Signature']
reading.transaction = request.raw_post
reading.verified = reading.verify
params[:arduinos]&.each do |a|
arduino = reading.arduinos.build local_id: a[:id], raspberry: raspberry
@ -31,6 +32,8 @@ class ReadingsController < ActionController::API
head :bad_request
end
end
rescue ActiveRecord::RecordNotUnique
render plain: params[:transaction_uuid], status: :ok
end
private

View file

@ -3,4 +3,20 @@
class Reading < ApplicationRecord
belongs_to :raspberry
has_many :arduinos
def verify
ssh_signature.verify transaction
rescue SSHData::Error
false
end
private
def ssh_signature
@ssh_signature ||= SSHData::Signature.parse_pem <<~PEM
-----BEGIN SSH SIGNATURE-----
#{signature}
-----END SSH SIGNATURE-----
PEM
end
end

View file

@ -0,0 +1,9 @@
# frozen_string_literal: true
# Agrega la verificación de firma en la lectura
class AddVerificationToReadings < ActiveRecord::Migration[6.1]
def change
add_column :readings, :transaction, :text
add_column :readings, :verified, :boolean, default: false
end
end