k-space/doorboy-proxy
11
0
Fork 0
Code Issues 3 Pull Requests 1 Projects Activity

refactor auth to wrapper

Browse Source
This commit is contained in:
rasmus
2025-08-08 00:16:48 +03:00
parent ed7c3f0607
commit eebfc9efe6
1 changed files with 20 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

35
app/doorboy-proxy.py
View File

@@ -5,6 +5,7 @@ from sanic.response import text, json
from sanic_prometheus import monitor from sanic_prometheus import monitor
from dateutil.parser import parse from dateutil.parser import parse
import httpx import httpx
from functools import wraps
from motor.motor_asyncio import AsyncIOMotorClient from motor.motor_asyncio import AsyncIOMotorClient
from pymongo.errors import PyMongoError from pymongo.errors import PyMongoError
import os import os
@@ -32,12 +33,23 @@ async def setup_db(app, loop):
# https://github.com/sanic-org/sanic/issues/919 # https://github.com/sanic-org/sanic/issues/919
app.ctx.db = AsyncIOMotorClient(MONGO_URI).get_default_database() app.ctx.db = AsyncIOMotorClient(MONGO_URI).get_default_database()
@app.route("/allowed") def authenticate_door(wrapped):
async def view_doorboy_uids(request): def decorator(f):
key = request.headers.get("KEY") @wraps(f)
if not key or key not in [DOORBOY_SECRET_FLOOR, DOORBOY_SECRET_WORKSHOP]: async def decorated_function(request, *args, **kwargs):
return text("how about no") doorboy_secret = request.headers.get("KEY")
if doorboy_secret not in [DOORBOY_SECRET_FLOOR, DOORBOY_SECRET_WORKSHOP]:
return text("Invalid doorboy secret token", status=401)
return await f(request, *args, **kwargs)
return decorated_function
return decorator(wrapped)
@app.route("/allowed")
@authenticate_door
async def view_doorboy_uids(request):
# authorize
key = request.headers.get("KEY")
groups = [] groups = []
if key == DOORBOY_SECRET_FLOOR: if key == DOORBOY_SECRET_FLOOR:
groups.append(FLOOR_ACCESS_GROUP) groups.append(FLOOR_ACCESS_GROUP)
@@ -101,12 +113,8 @@ async def view_open_door_events(request):
return json(transformed, default=datetime_to_json_formatting) return json(transformed, default=datetime_to_json_formatting)
@app.route("/longpoll", stream=True) @app.route("/longpoll", stream=True)
@authenticate_door
async def view_longpoll(request): async def view_longpoll(request):
key = request.headers.get("KEY")
if not key or key not in [DOORBOY_SECRET_FLOOR, DOORBOY_SECRET_WORKSHOP]:
return text("Invalid token")
# authenticate
response = await request.respond(content_type="text/event-stream") response = await request.respond(content_type="text/event-stream")
await response.send("data: response-generator-started\n\n") await response.send("data: response-generator-started\n\n")
pipeline = [ pipeline = [
@@ -134,13 +142,10 @@ async def view_longpoll(request):
# Called by the door to log a card swipe. Does not decide whether the door should be opened. # Called by the door to log a card swipe. Does not decide whether the door should be opened.
@app.post("/swipe") @app.post("/swipe")
@authenticate_door
async def swipe(request): async def swipe(request):
# authenticate
key = request.headers.get("KEY")
if not key or key not in [DOORBOY_SECRET_FLOOR, DOORBOY_SECRET_WORKSHOP]:
return text("Invalid token", status=401)
# authorize # authorize
key = request.headers.get("KEY")
data = request.json data = request.json
doors = set() doors = set()
if key == DOORBOY_SECRET_FLOOR: if key == DOORBOY_SECRET_FLOOR: