From 100a7e11dc912ff56f0a2ab585f0ddae589a9b6b Mon Sep 17 00:00:00 2001
From: Eduardo Silva
Date: Wed, 12 Mar 2025 21:00:26 -0300
Subject: [PATCH] add API endpoint for retrieving peer list
---
 api/views.py | 43 ++++++++++++++++++++++++++++++++++----
 wireguard_webadmin/urls.py | 24 +++++++++++----------
 2 files changed, 52 insertions(+), 15 deletions(-)
diff --git a/api/views.py b/api/views.py
index 12c9f78..4a66797 100644
--- a/api/views.py
+++ b/api/views.py
@@ -1,3 +1,4 @@
+import base64
 import datetime
 import os
 import subprocess
@@ -16,11 +17,11 @@ from django.shortcuts import get_object_or_404, redirect
 from django.utils import timezone
 from django.views.decorators.http import require_http_methods
-from user_manager.models import UserAcl, AuthenticationToken
+from user_manager.models import AuthenticationToken, UserAcl
 from vpn_invite.models import InviteSettings, PeerInvite
-from wgwadmlibrary.tools import user_allowed_peers, user_has_access_to_peer, get_peer_invite_data, create_peer_invite, \
- send_email
-from wireguard.models import WebadminSettings, Peer, PeerStatus, WireGuardInstance
+from wgwadmlibrary.tools import create_peer_invite, get_peer_invite_data, send_email, user_allowed_peers, \
+ user_has_access_to_peer
+from wireguard.models import Peer, PeerStatus, WebadminSettings, WireGuardInstance
 def get_api_key(api_name):
@@ -132,6 +133,40 @@ def peer_info(request):
 return JsonResponse(data)
+@require_http_methods(["GET"])
+def api_peer_list(request):
+ if request.GET.get('key'):
+ api_key = get_api_key('api')
+ if api_key and api_key == request.GET.get('key'):
+ pass
+ else:
+ return HttpResponseForbidden()
+ else:
+ return HttpResponseForbidden()
+ data = {
+ 'peers': []
+ }
+ for peer in Peer.objects.all():
+ peer_allowed_ips = []
+ for allowed_ip in peer.peerallowedip_set.all().filter(config_file='server'):
+ peer_allowed_ips.append(
+ {
+ 'ip_address': allowed_ip.allowed_ip,
+ 'priority': allowed_ip.priority,
+ 'netmask': allowed_ip.netmask
+ }
+ )
+ data['peers'].append({
+ 'name': str(peer),
+ 'public_key': str(peer.public_key),
+ 'uuid': str(peer.uuid),
+ 'rrd_filename' : base64.urlsafe_b64encode(peer.public_key.encode()).decode().replace('=', '') + '.rrd',
+ 'last_handshake': peer.peerstatus.last_handshake.isoformat() if hasattr(peer, 'peerstatus') and peer.peerstatus.last_handshake else '',
+ 'allowed_ips': peer_allowed_ips,
+ })
+ return JsonResponse(data)
+
+
 @require_http_methods(["GET"])
 def wireguard_status(request):
 user_acl = None
diff --git a/wireguard_webadmin/urls.py b/wireguard_webadmin/urls.py
index 955438c..16de6c0 100644
--- a/wireguard_webadmin/urls.py
+++ b/wireguard_webadmin/urls.py
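Review bot: The key check at the top of `api_peer_list` (api/views.py) compares the secret with `==` and reads it from the query string via `request.GET.get('key')`, so the comparison is not constant-time and the key is recorded in web-server access logs, proxy logs and any saved URL. The nested `if`/`pass`/`else` could become `api_key = get_api_key('api')` followed by one guard, `if not api_key or not constant_time_compare(api_key, request.GET.get('key', '')): return HttpResponseForbidden()`, with `from django.utils.crypto import constant_time_compare`; this assumes `get_api_key`, whose body is outside this hunk, returns a string or a falsy value and is safe to call when no key was sent. Accepting the key from a request header instead of the URL would keep it out of logs, although that is best decided for all key-protected endpoints together. The response covers every row of `Peer.objects.all()` with public keys, allowed IPs and last-handshake times, so this one key yields a full inventory of the VPN, and a short docstring stating that the endpoint is deliberately not scoped by `UserAcl` would make that explicit for later maintainers.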
@@ -18,21 +18,22 @@ from django.contrib import admin
 from django.urls import path
 from accounts.views import view_create_first_user, view_login, view_logout
-from api.views import wireguard_status, cron_check_updates, cron_update_peer_latest_handshake, \
- routerfleet_get_user_token, routerfleet_authenticate_session, peer_info, api_peer_invite
+from api.views import api_peer_invite, api_peer_list, cron_check_updates, cron_update_peer_latest_handshake, peer_info, \
+ routerfleet_authenticate_session, routerfleet_get_user_token, wireguard_status
 from console.views import view_console
-from dns.views import view_static_host_list, view_manage_static_host, view_manage_dns_settings, view_apply_dns_config, \
- view_manage_filter_list, view_update_dns_list, view_toggle_dns_list
-from firewall.views import view_redirect_rule_list, manage_redirect_rule, view_firewall_rule_list, manage_firewall_rule, \
- view_manage_firewall_settings, view_generate_iptables_script, view_reset_firewall, view_firewall_migration_required
-from user_manager.views import view_user_list, view_manage_user, view_peer_group_list, view_peer_group_manage
-from vpn_invite.views import view_vpn_invite_list, view_vpn_invite_settings, view_email_settings
+from dns.views import view_apply_dns_config, view_manage_dns_settings, view_manage_filter_list, view_manage_static_host, \
+ view_static_host_list, view_toggle_dns_list, view_update_dns_list
+from firewall.views import manage_firewall_rule, manage_redirect_rule, view_firewall_migration_required, \
+ view_firewall_rule_list, view_generate_iptables_script, view_manage_firewall_settings, view_redirect_rule_list, \
+ view_reset_firewall
+from user_manager.views import view_manage_user, view_peer_group_list, view_peer_group_manage, view_user_list
+from vpn_invite.views import view_email_settings, view_vpn_invite_list, view_vpn_invite_settings
 from vpn_invite_public.views import view_public_vpn_invite
 from wgrrd.views import view_rrd_graph
-from wireguard.views import view_wireguard_status, view_wireguard_manage_instance, view_apply_db_patches
-from wireguard_peer.views import view_wireguard_peer_list, view_wireguard_peer_manage, view_manage_ip_address, \
+from wireguard.views import view_apply_db_patches, view_wireguard_manage_instance, view_wireguard_status
+from wireguard_peer.views import view_manage_ip_address, view_wireguard_peer_list, view_wireguard_peer_manage, \
 view_wireguard_peer_sort
-from wireguard_tools.views import export_wireguard_configs, download_config_or_qrcode, restart_wireguard_interfaces
+from wireguard_tools.views import download_config_or_qrcode, export_wireguard_configs, restart_wireguard_interfaces
 urlpatterns = [
 path('admin/', admin.site.urls),
@@ -65,6 +66,7 @@ urlpatterns = [
 path('accounts/routerfleet_authenticate_session/', routerfleet_authenticate_session, name='routerfleet_authenticate_session'),
 path('api/routerfleet_get_user_token/', routerfleet_get_user_token, name='routerfleet_get_user_token'),
 path('api/wireguard_status/', wireguard_status, name='api_wireguard_status'),
+ path('api/peer_list/', api_peer_list, name='api_peer_list'),
 path('api/peer_info/', peer_info, name='api_peer_info'),
 path('api/peer_invite/', api_peer_invite, name='api_peer_invite'),
 path('api/cron_check_updates/', cron_check_updates, name='cron_check_updates'),