PUSH THE BACKEND TO THE LIMIT

2024-09-20 14:40:16 +02:00 · 2024-09-20 14:40:16 +02:00 · 054cbf6a5d
commit 054cbf6a5d
parent 13c47b9743
3 changed files with 39 additions and 4 deletions
--- a/py/api.py
+++ b/py/api.py
@ -3,10 +3,12 @@ from flask_cors import CORS
 import secrets
 from ai import AI
 from db import DB
+from OpenSSL import crypto


 class API:
    def __init__(self):
+        self.crypt_size = 4096
        self.app = Flask(__name__)
        self.ai_response = {}
        self.ai = AI()
@ -16,7 +18,7 @@ class API:
    def run(self):
        @self.app.route('/interstellar/api/ai_create', methods=['GET'])
        def create_ai():
-            access_token = secrets.token_urlsafe(4096)
+            access_token = secrets.token_urlsafe(self.crypt_size)
            self.ai_response[access_token] = ""
            return jsonify({'status': 200, 'access_token': access_token})

@ -51,7 +53,40 @@ class API:
            if action == "check_credentials":
                self.db.check_credentials(data)

-        ssl_context = ('cert.pem', 'key.pem')
+        email_address = "emailAddress"
+        common_name = "commonName"
+        country_name = "NT"
+        locality_name = "localityName"
+        state_or_province_name = "stateOrProvinceName"
+        organization_name = "organizationName"
+        organization_unit_name = "organizationUnitName"
+        serial_number = 0
+        validity_start_in_seconds = 0
+        validity_end_in_seconds = 10 * 365 * 24 * 60 * 60
+        k = crypto.PKey()
+        k.generate_key(crypto.TYPE_RSA, 4096)
+        cert = crypto.X509()
+        cert.get_subject().C = country_name
+        cert.get_subject().ST = state_or_province_name
+        cert.get_subject().L = locality_name
+        cert.get_subject().O = organization_name
+        cert.get_subject().OU = organization_unit_name
+        cert.get_subject().CN = common_name
+        cert.get_subject().emailAddress = email_address
+        cert.set_serial_number(serial_number)
+        cert.gmtime_adj_notBefore(validity_start_in_seconds)
+        cert.gmtime_adj_notAfter(validity_end_in_seconds)
+        cert.set_issuer(cert.get_subject())
+        cert.set_pubkey(k)
+        cert.sign(k, 'sha512')
+
+        with open("cert.pem", "wt") as f:
+            f.write(crypto.dump_certificate(crypto.FILETYPE_PEM, cert).decode("utf-8"))
+
+        with open("key.pem", "wt") as f:
+            f.write(crypto.dump_privatekey(crypto.FILETYPE_PEM, k).decode("utf-8"))
+
+        ssl_context = ("cert.pem", "key.pem")
        self.app.run(debug=True, host='0.0.0.0', port=5000, ssl_context=ssl_context)


--- a/py/install.sh
+++ b/py/install.sh
@ -1,4 +1,3 @@
-openssl req -x509 -newkey rsa:4096 -nodes -keyout key.pem -out cert.pem -days 365
 python -m venv venv
 source venv/bin/activate
 pip install -r requirements.txt
--- a/py/requirements.txt
+++ b/py/requirements.txt
@ -2,3 +2,4 @@ flask
 flask-cors
 ollama
 mistralai
+pyOpenSSL