Commit 0ab4b240 authored by Leon Tappe's avatar Leon Tappe
Browse files

add generate ticket route

parent 7434eb38
......@@ -18,6 +18,7 @@ import os
from import gen_salt
from datetime import date, datetime
from flask import Blueprint, request, session, send_file, jsonify, redirect
import json
bp = Blueprint('home', __name__)
......@@ -192,6 +193,31 @@ def check_ticket(ticket):
return None
@bp.route("/genticket", methods=['POST'])
def generate_ticket():
# decode signed ticket and split into parts for AES
decoded = base64.b64decode(str(request.json))
nonce = decoded[:16]
tag = decoded[16:32]
ciphertext = decoded[32:]
# decrypt and verify parsed AES payload
cipher =, AES.MODE_EAX, nonce)
data = cipher.decrypt_and_verify(ciphertext, tag)
return 'ticket not signed correctly', 400
json_seed = json.loads(data.decode('utf-8'))
epoch_timestamp = parser.isoparse(json_seed['timestamp']).timestamp()
if - epoch_timestamp > 60.0:
return 'seed older than 1 minute', 400
return jsonify(json_seed['ticket'])
@bp.route('/makeseed', methods=['POST'])
def make_seed():
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment