www-bocal/api/views.py

from django.http import response
from django.core.exceptions import ValidationError
from django.views.decorators.csrf import csrf_exempt
import json
import datetime

from . import models
import mainsite.models as mainModels


def authentify(data, payload):
    ''' returns whether the request's authentification is correct '''
    required = ['keyId', 'timestamp', 'hmac']
    for field in required:
        if field not in data:
            return response.HttpResponseForbidden(
                'Missing required field "{}"'.format(field))
    try:
        key = models.ApiKey.objects.get(id=data['keyId'])
    except models.ApiKey.DoesNotExist:
        return response.HttpResponseForbidden('Bad authentication')

    if not key.isCorrect(data['timestamp'], data['hmac'], payload):
        return response.HttpResponseForbidden('Bad authentication')


def apiView(required=[]):
    def decorator(fct):
        @csrf_exempt
        def wrap(request, *args, **kwargs):
            try:
                data = json.loads(request.body.decode('utf-8'))
            except TypeError:
                return response.HttpResponseBadRequest("Bad packet format")
            except json.decoder.JSONDecodeError:
                return response.HttpResponseBadRequest("Bad json")

            try:
                authData = data['auth']
                reqDataOrig = data['req']
            except KeyError:
                return response.HttpResponseBadRequest("Bad request format")

            try:
                reqData = json.loads(reqDataOrig)
            except TypeError:
                return response.HttpResponseBadRequest("Bad packet format")
            except json.decoder.JSONDecodeError:
                return response.HttpResponseBadRequest("Bad inner json")

            for field in required:
                if field not in reqData:
                    return response.HttpResponseBadRequest(
                        "Missing field {}".format(field))

            authVal = authentify(authData, reqDataOrig)
            if authVal is not None:
                return authVal

            return fct(request, reqData, *args, **kwargs)
        return wrap
    return decorator


@apiView(required=["id", "url", "date"])
def publishApiView(request, data):
    ''' Publish a BOcal, and create the corresponding year if needed '''
    if mainModels.Publication.objects.filter(num=data['id']).count() > 0:
        return response.HttpResponseBadRequest(
            "Un BOcal du même numéro est déjà présent ! Ajoutez celui-ci à la "
            "main si vous voulez vraiment faire ça.")

    try:
        year, month, day = [int(x) for x in data['date'].split('-')]
        date = datetime.date(year, month, day)
    except:
        return response.HttpResponseBadRequest("Bad date")

    pub = mainModels.Publication(num=data['id'],
                                 url=data['url'],
                                 date=date)
    try:
        pub.full_clean()
    except ValidationError as e:
        return response.HttpResponseBadRequest(
            "Invalid data: {}".format(e))
    pub.save()

    pub.createPubYear()

    return response.HttpResponse("OK")
Add API publish view [UNTESTED] 2017-09-24 00:42:36 +02:00			`from django.http import response`
			`from django.core.exceptions import ValidationError`
Fix publish API, add basic client 2017-09-24 18:20:10 +02:00			`from django.views.decorators.csrf import csrf_exempt`
Add API publish view [UNTESTED] 2017-09-24 00:42:36 +02:00			`import json`
			`import datetime`
Init api 2017-09-23 21:40:45 +02:00
Add API publish view [UNTESTED] 2017-09-24 00:42:36 +02:00			`from . import models`
			`import mainsite.models as mainModels`


Fix publish API, add basic client 2017-09-24 18:20:10 +02:00			`def authentify(data, payload):`
Add API publish view [UNTESTED] 2017-09-24 00:42:36 +02:00			`''' returns whether the request's authentification is correct '''`
			`required = ['keyId', 'timestamp', 'hmac']`
			`for field in required:`
			`if field not in data:`
			`return response.HttpResponseForbidden(`
			`'Missing required field "{}"'.format(field))`
			`try:`
Fix publish API, add basic client 2017-09-24 18:20:10 +02:00			`key = models.ApiKey.objects.get(id=data['keyId'])`
Add API publish view [UNTESTED] 2017-09-24 00:42:36 +02:00			`except models.ApiKey.DoesNotExist:`
Fix publish API, add basic client 2017-09-24 18:20:10 +02:00			`return response.HttpResponseForbidden('Bad authentication')`
Add API publish view [UNTESTED] 2017-09-24 00:42:36 +02:00
Change API protocol to fix json normalization A dictionnary's order is not deterministic (eg. when switching python versions), thus the previous protocol would often fail to authenticate a legitimate request. 2017-10-16 20:02:36 +02:00			`if not key.isCorrect(data['timestamp'], data['hmac'], payload):`
Fix publish API, add basic client 2017-09-24 18:20:10 +02:00			`return response.HttpResponseForbidden('Bad authentication')`
Add API publish view [UNTESTED] 2017-09-24 00:42:36 +02:00

Fix publish API, add basic client 2017-09-24 18:20:10 +02:00			`def apiView(required=[]):`
			`def decorator(fct):`
			`@csrf_exempt`
			`def wrap(request, args, *kwargs):`
			`try:`
Change API protocol to fix json normalization A dictionnary's order is not deterministic (eg. when switching python versions), thus the previous protocol would often fail to authenticate a legitimate request. 2017-10-16 20:02:36 +02:00			`data = json.loads(request.body.decode('utf-8'))`
			`except TypeError:`
			`return response.HttpResponseBadRequest("Bad packet format")`
			`except json.decoder.JSONDecodeError:`
Fix publish API, add basic client 2017-09-24 18:20:10 +02:00			`return response.HttpResponseBadRequest("Bad json")`
Add API publish view [UNTESTED] 2017-09-24 00:42:36 +02:00
Fix publish API, add basic client 2017-09-24 18:20:10 +02:00			`try:`
			`authData = data['auth']`
Change API protocol to fix json normalization A dictionnary's order is not deterministic (eg. when switching python versions), thus the previous protocol would often fail to authenticate a legitimate request. 2017-10-16 20:02:36 +02:00			`reqDataOrig = data['req']`
Fix publish API, add basic client 2017-09-24 18:20:10 +02:00			`except KeyError:`
			`return response.HttpResponseBadRequest("Bad request format")`
Add API publish view [UNTESTED] 2017-09-24 00:42:36 +02:00
Change API protocol to fix json normalization A dictionnary's order is not deterministic (eg. when switching python versions), thus the previous protocol would often fail to authenticate a legitimate request. 2017-10-16 20:02:36 +02:00			`try:`
			`reqData = json.loads(reqDataOrig)`
			`except TypeError:`
			`return response.HttpResponseBadRequest("Bad packet format")`
			`except json.decoder.JSONDecodeError:`
			`return response.HttpResponseBadRequest("Bad inner json")`

Fix publish API, add basic client 2017-09-24 18:20:10 +02:00			`for field in required:`
			`if field not in reqData:`
			`return response.HttpResponseBadRequest(`
			`"Missing field {}".format(field))`
Add API publish view [UNTESTED] 2017-09-24 00:42:36 +02:00
Change API protocol to fix json normalization A dictionnary's order is not deterministic (eg. when switching python versions), thus the previous protocol would often fail to authenticate a legitimate request. 2017-10-16 20:02:36 +02:00			`authVal = authentify(authData, reqDataOrig)`
Fix publish API, add basic client 2017-09-24 18:20:10 +02:00			`if authVal is not None:`
			`return authVal`
Add API publish view [UNTESTED] 2017-09-24 00:42:36 +02:00
Fix publish API, add basic client 2017-09-24 18:20:10 +02:00			`return fct(request, reqData, args, *kwargs)`
			`return wrap`
			`return decorator`
Add API publish view [UNTESTED] 2017-09-24 00:42:36 +02:00

			`@apiView(required=["id", "url", "date"])`
			`def publishApiView(request, data):`
			`''' Publish a BOcal, and create the corresponding year if needed '''`
			`if mainModels.Publication.objects.filter(num=data['id']).count() > 0:`
			`return response.HttpResponseBadRequest(`
			`"Un BOcal du même numéro est déjà présent ! Ajoutez celui-ci à la "`
			`"main si vous voulez vraiment faire ça.")`

			`try:`
			`year, month, day = [int(x) for x in data['date'].split('-')]`
			`date = datetime.date(year, month, day)`
			`except:`
			`return response.HttpResponseBadRequest("Bad date")`

			`pub = mainModels.Publication(num=data['id'],`
			`url=data['url'],`
			`date=date)`
			`try:`
			`pub.full_clean()`
			`except ValidationError as e:`
			`return response.HttpResponseBadRequest(`
			`"Invalid data: {}".format(e))`
			`pub.save()`

Create PublicationYear on API request Closes #3 2017-09-24 18:41:31 +02:00			`pub.createPubYear()`

Add API publish view [UNTESTED] 2017-09-24 00:42:36 +02:00			`return response.HttpResponse("OK")`