bellingcat/auto-archiver-api
1
0
Fork 0
mirror of https://github.com/bellingcat/auto-archiver-api.git synced 2026-06-12 13:38:33 +03:00
Code Issues Packages Projects Releases Wiki Activity

Restore sheet_service endpoint

Browse Source
This commit is contained in:
Logan Williams
2023-06-06 18:44:45 +00:00
parent 88be84127a
commit 46c487be5d
3 changed files with 26 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
src/main.py
View File

@@ -17,7 +17,7 @@ from worker import create_archive_task, create_sheet_task, celery, insert_result
from db import crud, models, schemas from db import crud, models, schemas
from db.database import engine, SessionLocal from db.database import engine, SessionLocal
from sqlalchemy.orm import Session from sqlalchemy.orm import Session
from security import get_bearer_auth, get_basic_auth, bearer_security from security import get_bearer_auth, get_basic_auth, get_server_auth, bearer_security
from auto_archiver import Metadata from auto_archiver import Metadata
load_dotenv() load_dotenv()
@@ -140,6 +140,14 @@ def archive_sheet(sheet:schemas.SubmitSheet, email = Depends(get_bearer_auth)):
task = create_sheet_task.delay(sheet.json()) task = create_sheet_task.delay(sheet.json())
return JSONResponse({"id": task.id}) return JSONResponse({"id": task.id})
@app.post("/sheet_service", status_code=201)
def archive_sheet_service(sheet:schemas.SubmitSheet, basic_auth = Depends(get_server_auth)):
logger.info(f"SHEET TASK for {sheet=}")
if not sheet.sheet_name and not sheet.sheet_id:
raise HTTPException(status_code=422, detail=f"sheet name or id is required")
task = create_sheet_task.delay(sheet.json())
return JSONResponse({"id": task.id})
#----- endpoint to submit data archived elsewhere #----- endpoint to submit data archived elsewhere
@app.post("/submit-archive", status_code=201) @app.post("/submit-archive", status_code=201)
def submit_manual_archive(manual:schemas.SubmitManual, basic_auth = Depends(get_basic_auth)): def submit_manual_archive(manual:schemas.SubmitManual, basic_auth = Depends(get_basic_auth)):

2
src/requirements.txt
View File

@@ -11,7 +11,7 @@ async-generator==1.10 ; python_version >= '3.5'
async-timeout==4.0.2 ; python_version >= '3.6' async-timeout==4.0.2 ; python_version >= '3.6'
attrs==23.1.0 ; python_version >= '3.7' attrs==23.1.0 ; python_version >= '3.7'
authlib==0.15.6 authlib==0.15.6
auto-archiver==0.5.20 auto-archiver==0.5.23
beautifulsoup4==4.12.2 ; python_full_version >= '3.6.0' beautifulsoup4==4.12.2 ; python_full_version >= '3.6.0'
billiard==3.6.4.0 billiard==3.6.4.0
blinker==1.6.2 ; python_version >= '3.7' blinker==1.6.2 ; python_version >= '3.7'

16
src/security.py
View File

@@ -69,3 +69,19 @@ async def get_basic_auth(credentials: HTTPBasicCredentials = Depends(basic_secur
detail="Wrong auth credentials", detail="Wrong auth credentials",
headers={"WWW-Authenticate": "Basic"} headers={"WWW-Authenticate": "Basic"}
) )
# --------------------- Server-side Auth
SERVICE_PASSWORD = os.environ.get("SERVICE_PASSWORD", "") # min length is 20 chars
async def get_server_auth(credentials: HTTPBasicCredentials = Depends(basic_security)):
# validates that the Basic token in the case that it requires it
assert len(SERVICE_PASSWORD) >= 20, "Invalid SERVICE_PASSWORD, must be at least 20 chars"
current_password_bytes = credentials.password.encode("utf8")
is_correct_password = secrets.compare_digest(current_password_bytes, SERVICE_PASSWORD.encode("utf8"))
if is_correct_password: return True
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail="Wrong auth credentials",
headers={"WWW-Authenticate": "Basic"}
)