move /m/doorboy/swipe to doorboy-proxy

inventory-app/doorboy.py

@@ -10,7 +10,6 @@ from wtforms.validators import DataRequired
 
 import pytz
 import const
-from api import check_api_key
 from common import slack_post, User
 from oidc import login_required, read_user
 
@@ -144,6 +143,18 @@ def view_doorboy_hold():
         })
     return redirect("/m/doorboy")
 
+@page_doorboy.route("/m/doorboy/slam", methods=["POST"])
+@login_required
+def view_doorboy_slam():
+    user = read_user()
+    db.eventlog.insert_one({
+      "component": "doorboy",
+      "type": "hold",
+      "requester": user["name"],
+      "door": form.door_name.data,
+      "expires": datetime.utcnow() + timedelta(minutes=form.duration_min.data)
+    })
+    return redirect("/m/doorboy")
 
 @page_doorboy.route("/m/doorboy/<door>/open")
 @login_required
@@ -179,21 +190,6 @@ def view_doorboy_open(door):
     else:
         return "", 401
 
-
-@page_doorboy.route("/m/doorboy/slam", methods=["POST"])
-@login_required
-def view_doorboy_slam():
-    user = read_user()
-    db.eventlog.insert_one({
-      "component": "doorboy",
-      "type": "hold",
-      "requester": user["name"],
-      "door": form.door_name.data,
-      "expires": datetime.utcnow() + timedelta(minutes=form.duration_min.data)
-    })
-    return redirect("/m/doorboy")
-
-
 @page_doorboy.route("/m/doorboy")
 @login_required
 def view_doorboy():
@@ -295,73 +291,3 @@ def view_doorboy_token_events(token_id):
     token = db.inventory.find_one({"_id": ObjectId(token_id)})
     latest_events = db.eventlog.find({"component": "doorboy", "event":"card-swiped", "token.uid_hash": token.get("token").get("uid_hash")}).sort([("timestamp", -1)])
     return render_template("doorboy.html", **locals())
-
-class FormSwipe(FlaskForm):
-    class Meta:
-        csrf = False
-    uid = StringField('uid', validators=[])
-    uid_hash = StringField('uid', validators=[])
-    door = StringField('door', validators=[DataRequired()])
-    success = BooleanField('success', validators=[])
-    timestamp = DateTimeField('timestamp')
-
-@page_doorboy.route("/m/doorboy/swipe", methods=["POST"])
-@check_api_key
-def view_swipe():
-    form = request.json
-    print(form)
-    timestamp = parse(form["timestamp"]) if form.get("timestamp") else None
-    now = datetime.utcnow()
-    # Make sure token exists
-    db.inventory.update_one({
-        "type": "token",
-        "component": "doorboy",
-        "token.uid_hash": form["uid_hash"]
-    }, {
-        "$set": {
-            "last_seen": timestamp or now
-        },
-        "$setOnInsert": {
-            "component": "doorboy",
-            "type": "token",
-            "first_seen": now,
-            "inventory": {
-                "claimable": True,
-            }
-        }
-    }, upsert=True)
-
-    # Fetch token to read owner
-    token = db.inventory.find_one({
-        "type": "token",
-        "component": "doorboy",
-        "token.uid_hash": form["uid_hash"]
-    })
-
-    event_swipe = {
-        "component": "doorboy",
-        "timestamp": timestamp,
-        "door": form["door"],
-        "event": "card-swiped",
-        "approved": form["approved"],
-        "token": {
-          "uid_hash": form["uid_hash"]
-        },
-        "inventory": {}
-    }
-
-    if token.get("inventory", {}).get("owner", {}).get("username", None):
-        event_swipe["inventory"]["owner_id"] = token["inventory"]["owner"]["username"]
-
-    db.eventlog.insert_one(event_swipe)
-
-    status = "Permitted" if form["approved"] else "Denied"
-    username = token.get("inventory", {}).get("owner", {}).get("username", None)
-    if username and username in g.users_lookup:
-        subject = g.users_lookup[username].display_name or username
-    else:
-        subject = "Unknown"
-    msg = "%s %s door access for %s identified by keycard/keyfob" % (status, form["door"], subject)
-    slack_post(msg, "doorboy")
-
-    return "ok"