From 226382f28adaef34e8e6541ab8e82a4c0c7b082d Mon Sep 17 00:00:00 2001 From: norohind <60548839+norohind@users.noreply.github.com> Date: Sun, 5 Dec 2021 23:21:07 +0300 Subject: [PATCH] WIP: full refactor --- capi/__init__.py | 12 +++++-- capi/exceptions.py | 2 +- capi/model.py | 4 +++ capi/sqlite_requests.py | 2 ++ config.py | 4 +++ web.py | 72 +++++++++++++++++++++++++++++++++++++++-- 6 files changed, 90 insertions(+), 6 deletions(-) diff --git a/capi/__init__.py b/capi/__init__.py index bf90cd2..281d65a 100644 --- a/capi/__init__.py +++ b/capi/__init__.py @@ -5,6 +5,7 @@ from . import exceptions import base64 import os import time +from typing import Union import config from EDMCLogging import get_main_logger @@ -92,9 +93,13 @@ class CAPIAuthorizer: return msg - def get_token_by_state(self, state: str) -> dict: + def get_token_by_state(self, state: str) -> Union[dict, None]: self.refresh_by_state(state) row = self.model.get_token_for_user(state) + + if row is None: + return None + row['expires_over'] = int(row['expires_on']) - int(time.time()) return row @@ -113,7 +118,7 @@ class CAPIAuthorizer: if row is None: # No such state in DB msg['status'] = 'error' - msg['message'] = 'No such state in DB' + msg['description'] = 'No such state in DB' raise exceptions.RefreshFail(msg['description'], msg['status'], state) msg['state'] = state @@ -163,5 +168,8 @@ class CAPIAuthorizer: def list_all_users(self) -> list[dict]: return self.model.list_all_records() + def cleanup_orphans(self) -> None: + self.model.cleanup_orphans_records() + capi_authorizer = CAPIAuthorizer(model.Model()) diff --git a/capi/exceptions.py b/capi/exceptions.py index 565ad9a..032c73b 100644 --- a/capi/exceptions.py +++ b/capi/exceptions.py @@ -3,4 +3,4 @@ class RefreshFail(Exception): self.message = message self.status = status self.state = state - super().__init__(self.message + ' for ' + self.state) + super().__init__(str(self.message) + ' for ' + str(self.state)) diff --git a/capi/model.py b/capi/model.py index fbf65bb..bd8d6d1 100644 --- a/capi/model.py +++ b/capi/model.py @@ -115,3 +115,7 @@ class Model: def list_all_records(self) -> list: return self.db.execute(sqlite_requests.select_nickname_state_all).fetchall() + + def cleanup_orphans_records(self) -> None: + with self.db: + self.db.execute(sqlite_requests.del_orphans) diff --git a/capi/sqlite_requests.py b/capi/sqlite_requests.py index ac40e8f..98d2f51 100644 --- a/capi/sqlite_requests.py +++ b/capi/sqlite_requests.py @@ -46,3 +46,5 @@ get_token_for_user = """select from authorizations where state = :state;""" select_nickname_state_all = """select nickname, state from authorizations where nickname is not null;""" + +del_orphans = """delete from authorizations where nickname is null;""" diff --git a/config.py b/config.py index b932e15..ba142b9 100644 --- a/config.py +++ b/config.py @@ -1,3 +1,5 @@ +import os + import requests from os import getenv @@ -6,6 +8,8 @@ assert CLIENT_ID, "No client_id in env" log_level = 'DEBUG' +access_key = os.getenv('access_key') + REDIRECT_URL = requests.utils.quote("http://127.0.0.1:9000/fdev-redirect") AUTH_URL = 'https://auth.frontierstore.net/auth' TOKEN_URL = 'https://auth.frontierstore.net/token' diff --git a/web.py b/web.py index 0b816cc..7ae76eb 100644 --- a/web.py +++ b/web.py @@ -4,6 +4,16 @@ import json from capi import capi_authorizer import config +from EDMCLogging import get_main_logger + +logger = get_main_logger() +logger.propagate = False + + +def check_secret(req: falcon.request.Request, resp: falcon.response.Response, resource, params) -> None: + cookies_secret = req.get_cookie_values('key') + if cookies_secret[0] != config.access_key: + raise falcon.HTTPForbidden class AuthInit: @@ -16,14 +26,70 @@ class FDEVCallback: def on_get(self, req: falcon.request.Request, resp: falcon.response.Response) -> None: code = req.get_param('code') state = req.get_param('state') - msg = capi_authorizer.fdev_callback(code, state) + try: + msg = capi_authorizer.fdev_callback(code, state) + resp.content_type = falcon.MEDIA_JSON + resp.text = json.dumps(msg) + + except KeyError as e: + logger.warning(f'Exception on FDEVCallback, code: {code!r}, state: {state!r}', exc_info=e) + raise falcon.HTTPNotFound(description=str(e)) + + except Exception as e: + logger.warning(f'Exception on FDEVCallback, code: {code!r}, state: {state!r}', exc_info=e) + raise falcon.HTTPBadRequest(description=str(e)) + + +class TokenByState: + def on_get(self, req: falcon.request.Request, resp: falcon.response.Response, state: str) -> None: resp.content_type = falcon.MEDIA_JSON - resp.text = json.dumps(msg) + tokens = capi_authorizer.get_token_by_state(state) + if tokens is None: + raise falcon.HTTPNotFound(description='No such state found') + + resp.text = json.dumps(tokens) + + def on_delete(self, req: falcon.request.Request, resp: falcon.response.Response, state: str): + tokens = capi_authorizer.get_token_by_state(state) + if tokens is None: + raise falcon.HTTPNotFound(description='No such state found') + + capi_authorizer.delete_by_state(state) + + +class TokenByNickname: + @falcon.before(check_secret) + def on_get(self, req: falcon.request.Request, resp: falcon.response.Response, nickname: str): + resp.content_type = falcon.MEDIA_JSON + state = capi_authorizer.model.get_state_by_nickname(nickname) + if state is None: + raise falcon.HTTPNotFound(description='No such nickname found') + + tokens = capi_authorizer.get_token_by_state(state) + + resp.text = json.dumps(tokens) + + @falcon.before(check_secret) + def on_delete(self, req: falcon.request.Request, resp: falcon.response.Response, nickname: str): + state = capi_authorizer.model.get_state_by_nickname(nickname) + if state is None: + raise falcon.HTTPNotFound(description='No such nickname found') + + capi_authorizer.delete_by_state(state) + + +class CleanOrphanRecords: + def on_post(self, req: falcon.request.Request, resp: falcon.response.Response): + capi_authorizer.cleanup_orphans() application = falcon.App() application.add_route('/authorize', AuthInit()) application.add_route('/fdev-redirect', FDEVCallback()) +application.add_route('/users/{state}', TokenByState()) # for legacy reasons +application.add_route('/users/by-state/{state}', TokenByState()) +application.add_route('/users/by-nickname/{nickname}', TokenByNickname()) +application.add_route('/tools/clean-orphan-records', CleanOrphanRecords()) if __name__ == '__main__': - waitress.serve(application, host='127.0.0.1', port=9000) \ No newline at end of file + waitress.serve(application, host='127.0.0.1', port=9000)