k-space/doorboy-proxy
11
0
Fork 0
Code Issues 3 Pull Requests 1 Projects Activity

Use separate workhop and floor keys

Browse Source
This commit is contained in:
Madis Mägi
2023-08-01 22:21:57 +03:00
parent 63a8b9e5f7
commit 26a602a282
2 changed files with 21 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
app/doorboy-proxy.py
View File

@@ -10,13 +10,16 @@ import os
app = Sanic(__name__)
monitor(app).expose_endpoint()
DOORBOY_SECRET = os.environ["DOORBOY_SECRET"]
DOORBOY_SECRET_FLOOR = os.environ["DOORBOY_SECRET_FLOOR"]
DOORBOY_SECRET_WORKSHOP = os.environ["DOORBOY_SECRET_WORKSHOP"]
CARD_URI = os.environ["CARD_URI"]
CARD_KUBE_GROUP = os.environ["CARD_KUBE_GROUP"]
FLOOR_ACCESS_GROUP = os.environ["FLOOR_ACCESS_GROUP"]
WORKSHOP_ACCESS_GROUP = os.environ["WORKSHOP_ACCESS_GROUP"]
MONGO_URI = os.getenv("MONGO_URI",
"mongodb://127.0.0.1:27017/default?replicaSet=rs0")
assert len(DOORBOY_SECRET) >= 10
assert len(DOORBOY_SECRET_FLOOR) >= 10
assert len(DOORBOY_SECRET_WORKSHOP) >= 10
@app.listener("before_server_start")
@@ -27,13 +30,20 @@ async def setup_db(app, loop):
@app.route("/allowed")
async def view_doorboy_uids(request):
if request.headers.get("KEY") != DOORBOY_SECRET:
key = request.headers.get("KEY")
if key not in [DOORBOY_SECRET_FLOOR, DOORBOY_SECRET_WORKSHOP]:
return text("how about no")
if key == DOORBOY_SECRET_FLOOR:
group = FLOOR_ACCESS_GROUP
elif key == DOORBOY_SECRET_WORKSHOP:
group = WORKSHOP_ACCESS_GROUP
if not group:
return "fail", 500
async with httpx.AsyncClient() as client:
r = await client.get(CARD_URI, params={
"group": CARD_KUBE_GROUP
})
r = await client.post(CARD_URI, json={
"groups": [group]
}, headers={"Content-Type": "application/json"})
j = r.json()
allowed_uids = []
for obj in j: