The Keyserver is integrated into Pinyto to support webapps. Normally Pinyto uses public-key authentication which is more secure than username and password. However this method needs clients which create private and public key pairs and store the private key securely. For webapps this approach is simply not possible. To solve this the Keyserver stands in between webapps and the cloud and saves one private key for each username and password. If a webapp wants to authenticate it can send the users credentials to the keyserver which does the authentication with the stored key if the credentials are correct. The keyserver sends the decrypted token which is ready to use over an https connection to the webapp. The webapp can use this token for all requests in this session.
Similar to the administration of the cloud does the keyserver provide an API to administer the Accounts.
register function expects a “username” and a “password” in the request data.
authenticate function expects a “username” and a “password” in the request data.
change_password function expects the new password as “password” in the request data.
# coding=utf-8 """ Pinyto cloud - A secure cloud database for your personal data Copyright (C) 2105 Johannes Merkert <firstname.lastname@example.org> This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see <http://www.gnu.org/licenses/>. """ from django.conf.urls import url from keyserver.views import authenticate, register, change_password urlpatterns = [ url(r'^authenticate$', authenticate, name='keyserver_authenticate'), url(r'^register$', register, name='keyserver_register'), url(r'^change_password$', change_password, name='change_password'), ]