Add an API!

2022-09-13 12:14:39 -07:00 · 2022-09-13 12:14:39 -07:00 · 1280433a49
commit 1280433a49
parent 6febe7db19 5e48e2dcf5
20 changed files with 216 additions and 10 deletions
--- a/GUIDE.md
+++ b/GUIDE.md
@ -212,6 +212,22 @@ In a single-page application, the page never reloads. (That's the entire point o
 Fortunately, Shynet offers a simple method you can call from anywhere within your JavaScript to indicate that a new page has been loaded: `Shynet.newPageLoad()`. Add this method call to the code that handles routing in your app, and you'll be ready to go.
 ### API
 All the information displayed on the dashboard can be obtained via API on url ```//shynet.example.com/api/v1/dashboard/```. By default this endpoint will return the full data from all services over the last last 30 days. The `Authentication` header should be set to use user's parsonal API token (```'Authorization: Token <user API token>'```).
 There are 3 optional query parameters:
 * `uuid` - to get data only from one service
 * `startDate` - to set start date in format YYYY-MM-DD
 * `endDate` - to set end date in format YYYY-MM-DD
 Example in HTTPie:
 ```http get '//shynet.example.com/api/v1/dashboard/?uuid={{service_uuid}}&startDate=2021-01-01&endDate=2050-01-01' 'Authorization:Token {{user_api_token}}'```
 Example in cURL:
 ```curl -H 'Authorization:Token {{user_api_token}}' '//shynet.example.com/api/v1/dashboard/?uuid={{service_uuid}}&startDate=2021-01-01&endDate=2050-01-01'```
 ---
 ## Troubleshooting
--- a/poetry.lock
+++ b/poetry.lock
@ -301,6 +301,17 @@ python3-openid = ">=3.0.8"
 requests = "*"
 requests-oauthlib = ">=0.3.0"
 [[package]]
 name = "django-cors-headers"
 version = "3.13.0"
 description = "django-cors-headers is a Django application for handling the server headers required for Cross-Origin Resource Sharing (CORS)."
 category = "main"
 optional = false
 python-versions = ">=3.7"
 [package.dependencies]
 Django = ">=3.2"
 [[package]]
 name = "django-coverage-plugin"
 version = "2.0.3"
@ -963,7 +974,7 @@ multidict = ">=4.0"
 [metadata]
 lock-version = "1.1"
 python-versions = "^3.8"
-content-hash = "ab6edbffdf2275a6e323a34d85f1f354264ad3a46d3c179922a7ee72f88ce1a2"
+content-hash = "af3d0422c23c7381c78eaab410bdd1a0fa1ca2f19d615a4d365808b705e73188"
 [metadata.files]
 aiohttp = [
@ -1084,6 +1095,7 @@ django = []
 django-allauth = [
    {file = "django-allauth-0.45.0.tar.gz", hash = "sha256:6d46be0e1480316ccd45476db3aefb39db70e038d2a543112d314b76bb999a4e"},
 ]
 django-cors-headers = []
 django-coverage-plugin = []
 django-debug-toolbar = []
 django-health-check = []
--- a/pyproject.toml
+++ b/pyproject.toml
@ -26,6 +26,7 @@ django-health-check = "^3.16.4"
 django-npm = "^1.0.0"
 python-dotenv = "^0.18.0"
 django-debug-toolbar = "^3.2.1"
 django-cors-headers = "^3.11.0"
 [tool.poetry.dev-dependencies]
 pytest-sugar = "^0.9.4"
--- a/shynet/api/init.py
+++ b/shynet/api/init.py
--- a/shynet/api/admin.py
+++ b/shynet/api/admin.py
@ -0,0 +1 @@
 # from django.contrib import admin
--- a/shynet/api/apps.py
+++ b/shynet/api/apps.py
@ -0,0 +1,6 @@
 from django.apps import AppConfig
 class ApiConfig(AppConfig):
    default_auto_field = 'django.db.models.BigAutoField'
    name = 'api'
--- a/shynet/api/migrations/init.py
+++ b/shynet/api/migrations/init.py
--- a/shynet/api/mixins.py
+++ b/shynet/api/mixins.py
@ -0,0 +1,23 @@
 from django.http import JsonResponse
 from django.contrib.auth.models import AnonymousUser
 from core.models import User
 class ApiTokenRequiredMixin:
    def _get_user_by_token(self, request):
        token = request.headers.get('Authorization')
        if not token or not token.startswith('Token '):
            return AnonymousUser()
        token = token.split(' ')[1]
        user = User.objects.filter(api_token=token).first()
        return user if user else AnonymousUser()
    def dispatch(self, request, *args, **kwargs):
        request.user = self._get_user_by_token(request)
        if not request.user.is_authenticated:
            return JsonResponse(data={}, status=403)
        return super().dispatch(request, *args, **kwargs)
--- a/shynet/api/models.py
+++ b/shynet/api/models.py
@ -0,0 +1 @@
 # from django.db import models
--- a/shynet/api/tests.py
+++ b/shynet/api/tests.py
@ -0,0 +1,3 @@
 from django.test import TestCase
 # Create your tests here.
--- a/shynet/api/urls.py
+++ b/shynet/api/urls.py
@ -0,0 +1,7 @@
 from django.urls import path
 from . import views
 urlpatterns = [
    path("dashboard/", views.DashboardApiView.as_view(), name="services"),
 ]
--- a/shynet/api/views.py
+++ b/shynet/api/views.py
@ -0,0 +1,60 @@
 import uuid
 from django.http import JsonResponse
 from django.db.models import Q
 from django.db.models.query import QuerySet
 from django.views.generic import View
 from dashboard.mixins import DateRangeMixin
 from core.models import Service
 from .mixins import ApiTokenRequiredMixin
 def is_valid_uuid(value):
    try:
        uuid.UUID(value)
        return True
    except ValueError:
        return False
 class DashboardApiView(ApiTokenRequiredMixin, DateRangeMixin, View):
    def get(self, request, *args, **kwargs):
        services = Service.objects.filter(
            Q(owner=request.user) | Q(collaborators__in=[request.user])
        ).distinct()
        uuid = request.GET.get('uuid')
        if uuid and is_valid_uuid(uuid):
            services = services.filter(uuid=uuid)
        try:
            start = self.get_start_date()
            end = self.get_end_date()
        except ValueError:
            return JsonResponse(status=400, data={'error': 'Invalid date format'})
        services_data = [
            {
                'name': s.name,
                'uuid': s.uuid,
                'link': s.link,
                'stats': s.get_core_stats(start, end),
            }
            for s in services
        ]
        services_data = self._convert_querysets_to_lists(services_data)
        return JsonResponse(data={'services': services_data})
    def _convert_querysets_to_lists(self, services_data):
        for service_data in services_data:
            for key, value in service_data['stats'].items():
                if isinstance(value, QuerySet):
                    service_data['stats'][key] = list(value)
            for key, value in service_data['stats']['compare'].items():
                if isinstance(value, QuerySet):
                    service_data['stats']['compare'][key] = list(value)
        return services_data
--- a/shynet/core/migrations/0009_auto_20211117_0217.py
+++ b/shynet/core/migrations/0009_auto_20211117_0217.py
@ -0,0 +1,24 @@
 # Generated by Django 3.2.5 on 2021-11-17 07:17
 import core.models
 from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ('core', '0008_auto_20200628_1403'),
    ]
    operations = [
        migrations.AddField(
            model_name='user',
            name='api_token',
            field=models.TextField(default=core.models._default_api_token, unique=True),
        ),
        migrations.AlterField(
            model_name='user',
            name='id',
            field=models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID'),
        ),
    ]
--- a/shynet/core/models.py
+++ b/shynet/core/models.py
@ -1,8 +1,9 @@
 import ipaddress
 import json
 import re
 import uuid
 from secrets import token_urlsafe
 from django.apps import apps
 from django.conf import settings
 from django.contrib.auth.models import AbstractUser
@ -44,9 +45,14 @@ def _parse_network_list(networks: str):
    return [ipaddress.ip_network(network.strip()) for network in networks.split(",")]
 def _default_api_token():
    return token_urlsafe(32)
 class User(AbstractUser):
    username = models.TextField(default=_default_uuid, unique=True)
    email = models.EmailField(unique=True)
    api_token = models.TextField(default=_default_api_token, unique=True)
    def __str__(self):
        return self.email
@ -211,6 +217,7 @@ class Service(models.Model):
        chart_data, chart_tooltip_format, chart_granularity = self._get_chart_data(
            sessions, hits, start_time, end_time, tz_now
        )
        return {
            "currently_online": currently_online,
            "session_count": session_count,
--- a/shynet/dashboard/templates/account/password_change.html
+++ b/shynet/dashboard/templates/account/password_change.html
@ -2,8 +2,8 @@
 {% load i18n a17t_tags %}
-{% block head_title %}{% trans "Change Password" %}{% endblock %}
+{% block head_title %}{% trans "Change authentication info" %}{% endblock %}
-{% block page_title %}{% trans "Change Password" %}{% endblock %}
+{% block page_title %}{% trans "Change authentication info" %}{% endblock %}
 {% block card %}
 <form method="POST" action="{% url 'account_change_password' %}" class="password_change max-w-lg">
@ -11,4 +11,17 @@
    {{ form|a17t }}
    <button type="submit" name="action" class="button ~urge !high">{% trans "Change Password" %}</button>
 </form>
 <hr class="sep">
 <div>
    <p class="label mb-1">Personal API token</p>
    <div class="flex justify-between">
      <span class='chip ~info !normal'>{{request.user.api_token}}</span>
      <form method="POST" action="{% url 'dashboard:api_token_refresh' %}">
          {% csrf_token %}
          <button type="submit" name="action" class="button ~neutral @high">{% trans "Refresh token" %}</button>
      </form>
    </div>
    <p class="support mt-1">To learn more about the API, see our <a href="https://github.com/milesmcc/shynet/blob/master/GUIDE.md#api">API guide</a>.</p>
 </div>
 </div>
 {% endblock %}
--- a/shynet/dashboard/templates/dashboard/pages/service_update.html
+++ b/shynet/dashboard/templates/dashboard/pages/service_update.html
@ -34,5 +34,20 @@
            </div>
        </div>
    </form>
    <hr class="sep h-4">
    <h5>API</h5>
    <div class="card ~neutral !low content">
        <p>Shynet provides a simple API that you can use to pull data programmatically. You can access this data via this URL:</p>
        <code class="text-sm">{{script_protocol}}{{request.get_host}}{% url 'api:services' %}?uuid={{object.uuid}}</code>
        <p>
        There are 2 optional query parameters:
        <ul>
            <li><code class="text-sm">startDate</code> &mdash; to set the start date (in format YYYY-MM-DD)</li>
            <li><code class="text-sm">endDate</code> &mdash; to set the end date (in format YYYY-MM-DD)</li>
        </ul>
        </p>
        <p>Example using cURL:</p>
        <code class="text-sm">curl -H 'Authorization: Token {{request.user.api_token}}' '{{script_protocol}}{{request.get_host}}{% url 'api:services' %}?uuid={{object.uuid}}&startDate=2021-01-01&endDate=2050-01-01'</code>
    </div>
 </div>
 {% endblock %}
--- a/shynet/dashboard/urls.py
+++ b/shynet/dashboard/urls.py
@ -1,6 +1,4 @@
-from django.contrib import admin
+from django.urls import path
 from django.urls import include, path
 from django.views.generic import RedirectView
 from . import views
@ -28,4 +26,9 @@ urlpatterns = [
        views.ServiceSessionView.as_view(),
        name="service_session",
    ),
    path(
        "api-token-refresh/",
        views.RefreshApiTokenView.as_view(),
        name="api_token_refresh",
    ),
 ]
--- a/shynet/dashboard/views.py
+++ b/shynet/dashboard/views.py
@ -3,8 +3,7 @@ from django.contrib.auth.mixins import LoginRequiredMixin
 from django.contrib.messages.views import SuccessMessageMixin
 from django.core.cache import cache
 from django.db.models import Q
-from django.shortcuts import get_object_or_404, reverse
+from django.shortcuts import get_object_or_404, reverse, redirect
 from django.utils import timezone
 from django.views.generic import (
    CreateView,
    DeleteView,
@ -12,11 +11,12 @@ from django.views.generic import (
    ListView,
    TemplateView,
    UpdateView,
    View,
 )
 from rules.contrib.views import PermissionRequiredMixin
 from analytics.models import Session
-from core.models import Service
+from core.models import Service, _default_api_token
 from .forms import ServiceForm
 from .mixins import DateRangeMixin
@ -155,3 +155,10 @@ class ServiceSessionView(LoginRequiredMixin, PermissionRequiredMixin, DetailView
        data = super().get_context_data(**kwargs)
        data["object"] = get_object_or_404(Service, pk=self.kwargs.get("pk"))
        return data
 class RefreshApiTokenView(LoginRequiredMixin, View):
    def post(self, request):
        request.user.api_token = _default_api_token()
        request.user.save()
        return redirect('account_change_password')
--- a/shynet/shynet/settings.py
+++ b/shynet/shynet/settings.py
@ -60,16 +60,19 @@ INSTALLED_APPS = [
    "core",
    "dashboard.apps.DashboardConfig",
    "analytics",
    "api",
    "allauth",
    "allauth.account",
    "allauth.socialaccount",
    "debug_toolbar",
    "corsheaders",
 ]
 MIDDLEWARE = [
    "django.middleware.security.SecurityMiddleware",
    "whitenoise.middleware.WhiteNoiseMiddleware",
    "django.contrib.sessions.middleware.SessionMiddleware",
    "corsheaders.middleware.CorsMiddleware",
    "django.middleware.common.CommonMiddleware",
    "django.middleware.csrf.CsrfViewMiddleware",
    "django.contrib.auth.middleware.AuthenticationMiddleware",
@ -371,3 +374,6 @@ DASHBOARD_PAGE_SIZE = int(os.getenv("DASHBOARD_PAGE_SIZE", "5"))
 USE_RELATIVE_MAX_IN_BAR_VISUALIZATION = (
    os.getenv("USE_RELATIVE_MAX_IN_BAR_VISUALIZATION", "True") == "True"
 )
 CORS_ALLOW_ALL_ORIGINS = True
 CORS_ALLOW_METHODS = ["GET", "OPTIONS"]
--- a/shynet/shynet/urls.py
+++ b/shynet/shynet/urls.py
@ -25,4 +25,5 @@ urlpatterns = [
    path("dashboard/", include(("dashboard.urls", "dashboard"), namespace="dashboard")),
    path("healthz/", include("health_check.urls")),
    path("", include(("core.urls", "core"), namespace="core")),
    path("api/v1/", include(("api.urls", "api"), namespace="api")),
 ]
		`@ -0,0 +1,3 @@`
							`from django.test import TestCase`

							`# Create your tests here.`