idhub/management/commands/initial_datas.py

@@ -7,9 +7,9 @@ from utils import credtools
 from django.conf import settings
 from django.core.management.base import BaseCommand
 from django.contrib.auth import get_user_model
-from decouple import config
 from idhub.models import Schemas
 from oidc4vp.models import Organization
+from webhook.models import Token
 
 
 User = get_user_model()
@@ -20,9 +20,13 @@ class Command(BaseCommand):
     DOMAIN = settings.DOMAIN
     OIDC_ORGS = settings.OIDC_ORGS
 
+    def add_arguments(self, parser):
+        parser.add_argument('predefined_token', nargs='?', default='', type=str, help='predefined token')
+
     def handle(self, *args, **kwargs):
         ADMIN_EMAIL = settings.INITIAL_ADMIN_EMAIL
         ADMIN_PASSWORD = settings.INITIAL_ADMIN_PASSWORD
+        self.predefined_token = kwargs['predefined_token']
 
         self.create_admin_users(ADMIN_EMAIL, ADMIN_PASSWORD)
         if settings.CREATE_TEST_USERS:
@@ -45,6 +49,9 @@ class Command(BaseCommand):
         su = User.objects.create_superuser(email=email, password=password)
         su.save()
 
+        tk = Token.objects.filter(token=self.predefined_token).first()
+        if self.predefined_token and not tk:
+            Token.objects.create(token=self.predefined_token)
 
     def create_users(self, email, password):
         u = User.objects.create(email=email, password=password)

idhub/models.py

@@ -684,6 +684,14 @@ class VerificableCredential(models.Model):
         if self.status == self.Status.ISSUED:
             return
 
+        supported = False
+        for name in self.schema.get_schema.get("name"):
+            if name.get("value") in settings.SUPPORTED_CREDENTIALS:
+                supported = True
+
+        if not supported:
+            return
+
         self.subject_did = did
         self.issued_on = datetime.datetime.now().astimezone(pytz.utc)
 

webhook/views.py

@@ -5,6 +5,7 @@ from django.utils.translation import gettext_lazy as _
 from django.views.decorators.csrf import csrf_exempt
 from django.views.generic.edit import DeleteView
 from django.views.generic.base import View
+from django.core.cache import cache
 from django.http import JsonResponse
 from django_tables2 import SingleTableView
 from pyvckit.verify import verify_vp, verify_vc
@@ -20,6 +21,10 @@ from webhook.tables import TokensTable
 @csrf_exempt
 def webhook_verify(request):
     if request.method == 'POST':
+        user = User.objects.filter(is_admin=True).first()
+        if not cache.get("KEY_DIDS") or not user.accept_gdpr:
+            return JsonResponse({'error': 'Temporary out of service'}, status=400)
+
         auth_header = request.headers.get('Authorization')
         if not auth_header or not auth_header.startswith('Bearer '):
             return JsonResponse({'error': 'Invalid or missing token'}, status=401)
@@ -56,6 +61,10 @@ def webhook_verify(request):
 @csrf_exempt
 def webhook_issue(request):
     if request.method == 'POST':
+        user = User.objects.filter(is_admin=True).first()
+        if not cache.get("KEY_DIDS") or not user.accept_gdpr:
+            return JsonResponse({'error': 'Temporary out of service'}, status=400)
+
         auth_header = request.headers.get('Authorization')
         if not auth_header or not auth_header.startswith('Bearer '):
             return JsonResponse({'error': 'Invalid or missing token'}, status=401)
@@ -89,7 +98,6 @@ def webhook_issue(request):
         if not schema:
             return JsonResponse({'error': 'Invalid credential'}, status=400)
 
-        user = User.objects.filter(is_admin=True).first()
         cred = VerificableCredential(
             csv_data=vc,
             issuer_did=did,
@@ -100,6 +108,9 @@ def webhook_issue(request):
         cred.set_type()
         vc_signed = cred.issue(did, domain=request.get_host(), save=save)
 
+        if not vc_signed:
+            return JsonResponse({'error': 'Invalid credential'}, status=400)
+
         return JsonResponse({'status': 'success', "data": vc_signed}, status=200)
 
         return JsonResponse({'status': 'fail'}, status=200)