refactored data app proxy to better support nginx

c087a93c · source_reader · 0202fd3d · c087a93c · 0202fd3d · c087a93c
Commit c087a93c authored Sep 08, 2019 by source_reader
Showing with 44 additions and 98 deletions
app/controllers/data_app_controller.rb
app/controllers/joule_modules_controller.rb
app/controllers/nilms_controller.rb
app/controllers/proxy_controller.rb
app/views/nilms/show.json.jbuilder
config/environments/development.rb
config/environments/production.rb
config/environments/test.rb
config/routes.rb
--- a/app/controllers/data_app_controller.rb
+++ b/app/controllers/data_app_controller.rb
@@ -15,10 +15,10 @@ class DataAppController < ApplicationController
  private
  def _app_auth_url(token)
-    #urls = Rails.application.config_for(:urls)
+    return "#" unless request.headers.key?("HTTP_X_APP_BASE_URI") # apps not enabled
-    #eg: http://3.interfaces.wattsworth.net/authenticate?token=1234
-    Rails.configuration.app_auth_url.call(
+    base = request.headers["HTTP_X_APP_BASE_URI"]
-        token.data_app.id)+"?token="+token.value
+    "#{base}/#{token.data_app.id}/?auth_token=#{token.value}"
  end
  def authenticate_interface_user

--- a/app/controllers/joule_modules_controller.rb
+++ b/app/controllers/joule_modules_controller.rb
-class JouleModulesController < ApplicationController
-  before_action :authenticate_user!
-  def show
-    @joule_module = JouleModule.find(params[:id])
-    @nilm = @joule_module.nilm
-    head :unauthorized and return unless current_user.views_nilm?(@nilm)
-    if @joule_module.web_interface
-      token = InterfaceAuthToken.create(joule_module: @joule_module,
-      user: current_user, expiration: 5.minutes.from_now)
-      @module_url = _interface_authentication_url(token)
-    end
-    render and return
-  end
-  private
-  def _interface_authentication_url(token)
-    #urls = Rails.application.config_for(:urls)
-    #eg: http://3.interfaces.wattsworth.net/authenticate?token=1234
-    Rails.configuration.interface_url_template.call(
-        token.joule_module.id)+"/authenticate?token="+token.value
-  end
-end
--- a/app/controllers/nilms_controller.rb
+++ b/app/controllers/nilms_controller.rb
@@ -26,6 +26,12 @@ class NilmsController < ApplicationController
    else
      @service = StubService.new
    end
+    # url's for data apps
+    @apps_available = request.headers.key?("HTTP_X_APP_BASE_URI")
+    if @apps_available
+      @base_url = request.headers["HTTP_X_APP_BASE_URI"]
+    end
  end
  # POST /nilms.json

--- a/app/controllers/proxy_controller.rb
+++ b/app/controllers/proxy_controller.rb
@@ -9,40 +9,42 @@ class ProxyController < ActionController::Base
  #GET /app/:id/auth
  def authenticate
-    #if the user is already authenticated return the proxy url
+    # first try to authenticate the user
-    if params[:token].nil?
+    if authenticate_interface_user
-      if authenticate_interface_user
+      response.set_header('X-PROXY-URL', @app.url)
-        response.set_header('X-PROXY-URL', @app.url)
+      response.set_header('X-JOULE-KEY', @nilm.key)
-        response.set_header('X-JOULE-KEY', @nilm.key)
+      head :ok and return
-        head :ok and return
-      else
-        head :forbidden and return
-      end
    end
-    # otherwise log them in and redirect to /proxy
+    (head :unauthorized and return) unless request.headers.key?("HTTP_X_ORIGINAL_URI")
-    #reset_session
+    orig_query = URI.parse(request.headers["HTTP_X_ORIGINAL_URI"]).query
-    token = InterfaceAuthToken.find_by_value(params[:token])
+    head :unauthorized and return if orig_query.nil?
-    render :unauthorized and return if token.nil?
+    params = CGI.parse(orig_query)
-    render :unauthorized and return if token.expiration < Time.now
+    head :unathorized and return unless params.key?("auth_token")
+    token_value = params["auth_token"][0]
+    token = InterfaceAuthToken.find_by_value(token_value)
+    head :unauthorized and return if token.nil?
+    head :unauthorized and return if token.expiration < Time.now
    token.destroy
    session[:user_id]=token.user.id
-    response.set_header('X-JOULE-KEY', token.data_app.nilm.key)
+    # if the app_ids key does not exist initialize it to this app
+    session[:app_ids] = session[:app_ids] || [@app.id]
+    # if it does exist append this app if it is not already in the array
+    session[:app_ids] |=[@app.id]
-    redirect_to _app_proxy_url(token) and return
+    response.set_header('X-PROXY-URL', @app.url)
+    response.set_header('X-JOULE-KEY', token.data_app.nilm.key)
+    head :ok and return
  end
  private
-  def _app_proxy_url(token)
-    #urls = Rails.application.config_for(:urls)
-    #eg: http://3.interfaces.wattsworth.net/authenticate?token=1234
-    Rails.configuration.app_proxy_url.call(token.data_app.id)
-  end
  def authenticate_interface_user
    @current_user = User.find_by_id(session[:user_id])
    @app = DataApp.find_by_id(params[:id])
+    # make sure the app is authorized by the cookie
+    return false unless session.include?(:app_ids)
+    return false unless session[:app_ids].include?(@app.id)
    @nilm = @app.nilm
    return false if @current_user.nil? || @app.nil?
    return false unless @current_user.views_nilm?(@nilm)

--- a/app/views/nilms/show.json.jbuilder
+++ b/app/views/nilms/show.json.jbuilder
@@ -13,11 +13,16 @@ json.data do
      end
    end
  end
-  json.data_apps(@nilm.data_apps) do |app|
+  if @apps_available
-    json.id app.id
+    json.data_apps(@nilm.data_apps) do |app|
-    json.name app.name
+      json.id app.id
-    json.url Rails.configuration.app_proxy_url.call(app.id)
+      json.name app.name
-    json.nilm_id @nilm.id
+      json.url "#{@base_url}/#{app.id}/"
+      json.nilm_id @nilm.id
+    end
+  else
+    json.data_apps = []
  end
 end
 json.partial! 'helpers/messages', service: @service
--- a/config/environments/development.rb
+++ b/config/environments/development.rb
@@ -78,20 +78,5 @@ Rails.application.configure do
  #
  config.send_emails = true
-  config.app_auth_url = lambda do |id|
-    # change to subdomains for additional security
-    # NOTE: this requires a DNS server
-    # return "http://#{id}.data_app.wattsworth.local"
-    #
-    return "http://127.0.0.1:3001/api/app/#{id}/auth"
-  end
-  config.app_proxy_url = lambda do |id|
-    # change to subdomains for additional security
-    # NOTE: this requires a DNS server
-    # return "http://#{id}.data_app.wattsworth.local"
-    #
-    return "http://127.0.0.1:3001/app/#{id}/"
-  end
 end
--- a/config/environments/production.rb
+++ b/config/environments/production.rb
@@ -95,12 +95,5 @@ Rails.application.configure do
  #
  config.send_emails = false
-  config.interface_url_template = lambda do |id|
-    # change to subdomains for additional security
-    # NOTE: this requires a DNS server
-    # return "http://#{id}.data_app.wattsworth.local"
-    #
-    return "/api/data_app/#{id}/"
-  end
 end
--- a/config/environments/test.rb
+++ b/config/environments/test.rb
@@ -40,20 +40,4 @@ Rails.application.configure do
  # Raises error for missing translations
  # config.action_view.raise_on_missing_translations = true
-  # set up interface subdomain
-  config.app_auth_url = lambda do |id|
-    # change to subdomains for additional security
-    # NOTE: this requires a DNS server
-    # return "http://#{id}.data_app.wattsworth.local"
-    #
-    return "http://127.0.0.1:3001/api/app/#{id}/auth"
-  end
-  config.app_proxy_url = lambda do |id|
-    # change to subdomains for additional security
-    # NOTE: this requires a DNS server
-    # return "http://#{id}.data_app.wattsworth.local"
-    #
-    return "http://127.0.0.1:3001/app/#{id}/"
-  end
 end
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -6,8 +6,6 @@ Rails.application.routes.draw do
    end
  end
-  resources :joule_modules, only: [:show]
  resources :data_views do
    collection do
      get 'home' #retrieve a user's home data view