add token capture middleware, moved api paths to api group, update re…

…adme, remove ARCHIVE_TOKEN from settings
LCOGT · Sep 6, 2024 · 5e80cb3 · 5e80cb3
1 parent d3ce84c
commit 5e80cb3
Show file tree

Hide file tree

Showing 5 changed files with 21 additions and 11 deletions.
diff --git a/README.md b/README.md
@@ -21,10 +21,6 @@ The project is configured to use a local sqlite database. You can change that to
 ```
     ./manage.py migrate
 ```
-Get your auth token from the UI by signing in with your LCO credentials and checking your cookies for an auth-token. Once you have it export it to your dev enviorment like
-```
-    export ARCHIVE_API_TOKEN=<your-auth-token>
-```
 Start up a Redis Server that will faciliate caching as well as the rabbitmq queue. To do this make sure you have Redis installed and then start a server at port 6379
 ```
     redis-server

diff --git a/datalab/datalab_session/s3_utils.py b/datalab/datalab_session/s3_utils.py
@@ -7,7 +7,7 @@
 from botocore.exceptions import ClientError
 
 from django.conf import settings
-
+from django.core.cache import cache
 from datalab.datalab_session.exceptions import ClientAlertException
 
 log = logging.getLogger()
@@ -92,7 +92,7 @@ def get_archive_url(basename: str, archive: str = settings.ARCHIVE_API) -> dict:
   query_params = {'basename_exact': basename }
 
   headers = {
-    'Authorization': f'Token {settings.ARCHIVE_API_TOKEN}'
+    'Authorization': cache.get('archive_token'),
   }
 
   response = requests.get(archive + '/frames/', params=query_params, headers=headers)

diff --git a/datalab/middleware.py b/datalab/middleware.py
@@ -0,0 +1,16 @@
+from django.core.cache import cache
+
+class CaptureTokenMiddleware:
+    """
+    Middleware to capture the Archive Authorization token from the request headers and store it in the cache
+    """
+    def __init__(self, get_response):
+        self.get_response = get_response
+
+    def __call__(self, request):
+        token = request.headers.get('Authorization')
+        if token:
+          cache.set('archive_token', token, timeout=None)
+
+        response = self.get_response(request)
+        return response
diff --git a/datalab/settings.py b/datalab/settings.py
@@ -79,6 +79,7 @@ def get_list_from_env(variable, default=None):
     'django.contrib.auth.middleware.AuthenticationMiddleware',
     'django.contrib.messages.middleware.MessageMiddleware',
     'django.middleware.clickjacking.XFrameOptionsMiddleware',
+    'datalab.middleware.CaptureTokenMiddleware',
 ]
 
 ROOT_URLCONF = 'datalab.urls'
@@ -136,9 +137,6 @@ def get_list_from_env(variable, default=None):
 
 # Datalab Archive
 ARCHIVE_API = os.getenv('ARCHIVE_API', 'https://archive-api.lco.global')
-ARCHIVE_API_TOKEN = os.getenv('ARCHIVE_API_TOKEN')
-if not ARCHIVE_API_TOKEN:
-    print("WARNING: ARCHIVE_API_TOKEN is missing from the environment.")
 
 # Database
 # https://docs.djangoproject.com/en/4.2/ref/settings/#databases

diff --git a/datalab/urls.py b/datalab/urls.py
@@ -30,12 +30,12 @@
 api_urlpatterns = ([
     re_path(r'^', include(router.urls)),
     re_path(r'^', include(operations_router.urls)),
+    path(r'analysis/<slug:action>/', AnalysisView.as_view(), name='analysis'),
+    path('available_operations/', OperationOptionsApiView.as_view(), name='available_operations')
 ], 'api')
 
 urlpatterns = [
     path('admin/', admin.site.urls),
     re_path(r'^api/', include(api_urlpatterns)),
-    path(r'api/analysis/<slug:action>/', AnalysisView.as_view(), name='analysis'),
-    path('api/available_operations/', OperationOptionsApiView.as_view(), name='available_operations'),
     re_path(r'^authprofile/', include(authprofile_urls)),
 ]