tiny refactor /longpoltiny and /longpolll

2025-08-07 20:44:23 +03:00
parent 829da1f55f
commit 55ca235946
1 changed files with 18 additions and 13 deletions
--- a/app/doorboy-proxy.py
+++ b/app/doorboy-proxy.py
@@ -11,13 +11,13 @@ import os
 app = Sanic(__name__)
 monitor(app).expose_endpoint()

-INVENTORY_API_KEY = os.environ["INVENTORY_API_KEY"]
-DOORBOY_SECRET_FLOOR = os.environ["DOORBOY_SECRET_FLOOR"]
-DOORBOY_SECRET_WORKSHOP = os.environ["DOORBOY_SECRET_WORKSHOP"]
-CARD_URI = os.environ["CARD_URI"]
+DOORBOY_SECRET_FLOOR = os.environ["DOORBOY_SECRET_FLOOR"] # API key for godoor controllers authenticating for k-space:floor
+DOORBOY_SECRET_WORKSHOP = os.environ["DOORBOY_SECRET_WORKSHOP"] # API key for godoor controllers authenticating for k-space:workshop
 FLOOR_ACCESS_GROUP = os.environ["FLOOR_ACCESS_GROUP"]
 WORKSHOP_ACCESS_GROUP = os.environ["WORKSHOP_ACCESS_GROUP"]
 MONGO_URI = os.environ["MONGO_URI"]
+INVENTORY_API_KEY = os.environ["INVENTORY_API_KEY"] # asshole forwards to inventory-app, instead of using mongo directly
+CARD_URI = os.environ["CARD_URI"]
 SWIPE_URI = os.environ["SWIPE_URI"]

 assert len(DOORBOY_SECRET_FLOOR) >= 10
@@ -70,10 +70,7 @@ async def view_open_door_events(request):
    results = await app.ctx.db.eventlog.find({
        "component": "doorboy",
        "type": "open-door",
-        "$or": [
-            { "approved": True },
-            { "success": True },
-        ],
+        "approved": True,
        "$or": [
            { "type": "open-door" },
            { "event": "card-swiped" },
@@ -106,7 +103,8 @@ async def view_longpoll(request):
    key = request.headers.get("KEY")
    if not key or key not in [DOORBOY_SECRET_FLOOR, DOORBOY_SECRET_WORKSHOP]:
        return text("Invalid token")
-
+    
+    # authenticate
    response = await request.respond(content_type="text/event-stream")
    await response.send("data: response-generator-started\n\n")
    pipeline = [
@@ -120,19 +118,26 @@ async def view_longpoll(request):
        async with app.ctx.db.eventlog.watch(pipeline) as stream:
            await response.send("data: watch-stream-opened\n\n")
            async for event in stream:
-                if event["fullDocument"].get("type") == "open-door" and event["fullDocument"].get("approved", False):
-                    await response.send("data: %s\n\n" %
-                                        event["fullDocument"]["door"])
-    except pymongo.errors.PyMongoError as e:
+                ev = event["fullDocument"]
+                if ev["approved"] != "true":
+                    continue
+                if ev["type"] == "token":
+                    continue
+                
+                response.send("data: %s\n\n" % ev["door"])
+    except PyMongoError as e:
        print(e)
        await response.send("data: response-generator-ended\n\n")
        return

@app.post("/swipe")
 async def forward_swipe(request):
+    # authenticate
    key = request.headers.get("KEY")
    if not key or key not in [DOORBOY_SECRET_FLOOR, DOORBOY_SECRET_WORKSHOP]:
        return text("Invalid token", status=401)
+    
+    # authorize
    data = request.json
    doors = set()
    if key == DOORBOY_SECRET_FLOOR: