From 5e80cb38180670692e4ff2818942cc87be86340a Mon Sep 17 00:00:00 2001 From: Lloyd Dakin Date: Fri, 6 Sep 2024 16:02:08 -0700 Subject: [PATCH] add token capture middleware, moved api paths to api group, update readme, remove ARCHIVE_TOKEN from settings --- README.md | 4 ---- datalab/datalab_session/s3_utils.py | 4 ++-- datalab/middleware.py | 16 ++++++++++++++++ datalab/settings.py | 4 +--- datalab/urls.py | 4 ++-- 5 files changed, 21 insertions(+), 11 deletions(-) create mode 100644 datalab/middleware.py diff --git a/README.md b/README.md index 41856f9..f1b8510 100644 --- a/README.md +++ b/README.md @@ -21,10 +21,6 @@ The project is configured to use a local sqlite database. You can change that to ``` ./manage.py migrate ``` -Get your auth token from the UI by signing in with your LCO credentials and checking your cookies for an auth-token. Once you have it export it to your dev enviorment like -``` - export ARCHIVE_API_TOKEN= -``` Start up a Redis Server that will faciliate caching as well as the rabbitmq queue. To do this make sure you have Redis installed and then start a server at port 6379 ``` redis-server diff --git a/datalab/datalab_session/s3_utils.py b/datalab/datalab_session/s3_utils.py index c461b97..0f1c831 100644 --- a/datalab/datalab_session/s3_utils.py +++ b/datalab/datalab_session/s3_utils.py @@ -7,7 +7,7 @@ from botocore.exceptions import ClientError from django.conf import settings - +from django.core.cache import cache from datalab.datalab_session.exceptions import ClientAlertException log = logging.getLogger() @@ -92,7 +92,7 @@ def get_archive_url(basename: str, archive: str = settings.ARCHIVE_API) -> dict: query_params = {'basename_exact': basename } headers = { - 'Authorization': f'Token {settings.ARCHIVE_API_TOKEN}' + 'Authorization': cache.get('archive_token'), } response = requests.get(archive + '/frames/', params=query_params, headers=headers) diff --git a/datalab/middleware.py b/datalab/middleware.py new file mode 100644 index 0000000..b606ec8 --- /dev/null +++ b/datalab/middleware.py @@ -0,0 +1,16 @@ +from django.core.cache import cache + +class CaptureTokenMiddleware: + """ + Middleware to capture the Archive Authorization token from the request headers and store it in the cache + """ + def __init__(self, get_response): + self.get_response = get_response + + def __call__(self, request): + token = request.headers.get('Authorization') + if token: + cache.set('archive_token', token, timeout=None) + + response = self.get_response(request) + return response diff --git a/datalab/settings.py b/datalab/settings.py index 15566ff..12a51d5 100644 --- a/datalab/settings.py +++ b/datalab/settings.py @@ -79,6 +79,7 @@ def get_list_from_env(variable, default=None): 'django.contrib.auth.middleware.AuthenticationMiddleware', 'django.contrib.messages.middleware.MessageMiddleware', 'django.middleware.clickjacking.XFrameOptionsMiddleware', + 'datalab.middleware.CaptureTokenMiddleware', ] ROOT_URLCONF = 'datalab.urls' @@ -136,9 +137,6 @@ def get_list_from_env(variable, default=None): # Datalab Archive ARCHIVE_API = os.getenv('ARCHIVE_API', 'https://archive-api.lco.global') -ARCHIVE_API_TOKEN = os.getenv('ARCHIVE_API_TOKEN') -if not ARCHIVE_API_TOKEN: - print("WARNING: ARCHIVE_API_TOKEN is missing from the environment.") # Database # https://docs.djangoproject.com/en/4.2/ref/settings/#databases diff --git a/datalab/urls.py b/datalab/urls.py index 234108b..889b30e 100644 --- a/datalab/urls.py +++ b/datalab/urls.py @@ -30,12 +30,12 @@ api_urlpatterns = ([ re_path(r'^', include(router.urls)), re_path(r'^', include(operations_router.urls)), + path(r'analysis//', AnalysisView.as_view(), name='analysis'), + path('available_operations/', OperationOptionsApiView.as_view(), name='available_operations') ], 'api') urlpatterns = [ path('admin/', admin.site.urls), re_path(r'^api/', include(api_urlpatterns)), - path(r'api/analysis//', AnalysisView.as_view(), name='analysis'), - path('api/available_operations/', OperationOptionsApiView.as_view(), name='available_operations'), re_path(r'^authprofile/', include(authprofile_urls)), ]