https and ssl integration on the backend, frontend and started integration of logistics app as a separate frontend

2024-11-18 14:22:54 +01:00
parent 0eb0bc3486
commit a91d74b718
11 changed files with 176 additions and 50 deletions
--- a/backend/app/ssl_heidi.py
+++ b/backend/app/ssl_heidi.py
@ -0,0 +1,52 @@
+# Generate SSL Key and Certificate
+from cryptography import x509
+from cryptography.x509.oid import NameOID
+from cryptography.hazmat.primitives import serialization, hashes
+from cryptography.hazmat.primitives.asymmetric import rsa
+from cryptography.hazmat.primitives.serialization import Encoding
+import datetime
+
+
+def generate_self_signed_cert(cert_file: str, key_file: str):
+    # Generate private key
+    key = rsa.generate_private_key(
+        public_exponent=65537,
+        key_size=2048,
+    )
+    # Write private key to file
+    with open(key_file, "wb") as f:
+        f.write(key.private_bytes(
+            encoding=serialization.Encoding.PEM,
+            format=serialization.PrivateFormat.TraditionalOpenSSL,
+            encryption_algorithm=serialization.NoEncryption(),
+        ))
+
+    # Generate self-signed certificate
+    subject = issuer = x509.Name([
+        x509.NameAttribute(NameOID.COUNTRY_NAME, u"CH"),
+        x509.NameAttribute(NameOID.STATE_OR_PROVINCE_NAME, u"Argau"),
+        x509.NameAttribute(NameOID.LOCALITY_NAME, u"Villigen"),
+        x509.NameAttribute(NameOID.ORGANIZATION_NAME, u"Paul Scherrer Institut"),
+        x509.NameAttribute(NameOID.COMMON_NAME, u"PSI.CH"),
+    ])
+    cert = x509.CertificateBuilder().subject_name(
+        subject
+    ).issuer_name(
+        issuer
+    ).public_key(
+        key.public_key()
+    ).serial_number(
+        x509.random_serial_number()
+    ).not_valid_before(
+        datetime.datetime.utcnow()
+    ).not_valid_after(
+        # Our certificate will be valid for 10 days
+        datetime.datetime.utcnow() + datetime.timedelta(days=10)
+    ).add_extension(
+        x509.SubjectAlternativeName([x509.DNSName(u"localhost")]),
+        critical=False,
+    ).sign(key, hashes.SHA256())
+
+    # Write certificate to file
+    with open(cert_file, "wb") as f:
+        f.write(cert.public_bytes(Encoding.PEM))