Commit c087a93c by source_reader

refactored data app proxy to better support nginx

parent 0202fd3d
...@@ -15,10 +15,10 @@ class DataAppController < ApplicationController ...@@ -15,10 +15,10 @@ class DataAppController < ApplicationController
private private
def _app_auth_url(token) def _app_auth_url(token)
#urls = Rails.application.config_for(:urls) return "#" unless request.headers.key?("HTTP_X_APP_BASE_URI") # apps not enabled
#eg: http://3.interfaces.wattsworth.net/authenticate?token=1234
Rails.configuration.app_auth_url.call( base = request.headers["HTTP_X_APP_BASE_URI"]
token.data_app.id)+"?token="+token.value "#{base}/#{token.data_app.id}/?auth_token=#{token.value}"
end end
def authenticate_interface_user def authenticate_interface_user
......
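Review bot: `_app_auth_url` builds the link that carries the one-time `auth_token` from the `HTTP_X_APP_BASE_URI` request header, and nothing in this hunk checks that the value was set by the proxy and not by the client. If nginx does not overwrite the header on every request, a caller-supplied value decides which host the token is appended to. The same header is copied into `@base_url` in NilmsController and rendered as `json.url` in the nilm view. Consider checking the value against a configured base URL, and document the assumption with a comment such as `# X-App-Base-URI must be set (and overwritten) by the reverse proxy; never trust a client-supplied value`. The token also now travels in the query string, so it can end up in access logs and Referer headers; the expiry check and `token.destroy` in ProxyController limit that window, but it is worth noting next to this method.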
class JouleModulesController < ApplicationController
before_action :authenticate_user!
def show
@joule_module = JouleModule.find(params[:id])
@nilm = @joule_module.nilm
head :unauthorized and return unless current_user.views_nilm?(@nilm)
if @joule_module.web_interface
token = InterfaceAuthToken.create(joule_module: @joule_module,
user: current_user, expiration: 5.minutes.from_now)
@module_url = _interface_authentication_url(token)
end
render and return
end
private
def _interface_authentication_url(token)
#urls = Rails.application.config_for(:urls)
#eg: http://3.interfaces.wattsworth.net/authenticate?token=1234
Rails.configuration.interface_url_template.call(
token.joule_module.id)+"/authenticate?token="+token.value
end
end
...@@ -26,6 +26,12 @@ class NilmsController < ApplicationController ...@@ -26,6 +26,12 @@ class NilmsController < ApplicationController
else else
@service = StubService.new @service = StubService.new
end end
# url's for data apps
@apps_available = request.headers.key?("HTTP_X_APP_BASE_URI")
if @apps_available
@base_url = request.headers["HTTP_X_APP_BASE_URI"]
end
end end
# POST /nilms.json # POST /nilms.json
......
...@@ -9,40 +9,42 @@ class ProxyController < ActionController::Base ...@@ -9,40 +9,42 @@ class ProxyController < ActionController::Base
#GET /app/:id/auth #GET /app/:id/auth
def authenticate def authenticate
#if the user is already authenticated return the proxy url # first try to authenticate the user
if params[:token].nil? if authenticate_interface_user
if authenticate_interface_user response.set_header('X-PROXY-URL', @app.url)
response.set_header('X-PROXY-URL', @app.url) response.set_header('X-JOULE-KEY', @nilm.key)
response.set_header('X-JOULE-KEY', @nilm.key) head :ok and return
head :ok and return
else
head :forbidden and return
end
end end
# otherwise log them in and redirect to /proxy (head :unauthorized and return) unless request.headers.key?("HTTP_X_ORIGINAL_URI")
#reset_session orig_query = URI.parse(request.headers["HTTP_X_ORIGINAL_URI"]).query
token = InterfaceAuthToken.find_by_value(params[:token]) head :unauthorized and return if orig_query.nil?
render :unauthorized and return if token.nil? params = CGI.parse(orig_query)
render :unauthorized and return if token.expiration < Time.now head :unathorized and return unless params.key?("auth_token")
token_value = params["auth_token"][0]
token = InterfaceAuthToken.find_by_value(token_value)
head :unauthorized and return if token.nil?
head :unauthorized and return if token.expiration < Time.now
token.destroy token.destroy
session[:user_id]=token.user.id session[:user_id]=token.user.id
response.set_header('X-JOULE-KEY', token.data_app.nilm.key) # if the app_ids key does not exist initialize it to this app
session[:app_ids] = session[:app_ids] || [@app.id]
# if it does exist append this app if it is not already in the array
session[:app_ids] |=[@app.id]
redirect_to _app_proxy_url(token) and return response.set_header('X-PROXY-URL', @app.url)
response.set_header('X-JOULE-KEY', token.data_app.nilm.key)
head :ok and return
end end
private private
def _app_proxy_url(token)
#urls = Rails.application.config_for(:urls)
#eg: http://3.interfaces.wattsworth.net/authenticate?token=1234
Rails.configuration.app_proxy_url.call(token.data_app.id)
end
def authenticate_interface_user def authenticate_interface_user
@current_user = User.find_by_id(session[:user_id]) @current_user = User.find_by_id(session[:user_id])
@app = DataApp.find_by_id(params[:id]) @app = DataApp.find_by_id(params[:id])
# make sure the app is authorized by the cookie
return false unless session.include?(:app_ids)
return false unless session[:app_ids].include?(@app.id)
@nilm = @app.nilm @nilm = @app.nilm
return false if @current_user.nil? || @app.nil? return false if @current_user.nil? || @app.nil?
return false unless @current_user.views_nilm?(@nilm) return false unless @current_user.views_nilm?(@nilm)
......
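Review bot: The token branch of `authenticate` never checks that the token was issued for the app named in the URL: `@app` comes from `params[:id]` while the key comes from `token.data_app`, so a valid token for one app adds a different app's id to `session[:app_ids]` and returns that app's `X-PROXY-URL`. `@app` can also be nil at that point, and in `authenticate_interface_user` the new `session[:app_ids].include?(@app.id)` runs before the existing `@app.nil?` guard, so an unknown id raises instead of returning false; moving `return false if @current_user.nil? || @app.nil?` above the session checks fixes that (the method's body continues outside the hunk). `head :unathorized` is misspelled and is not a known status symbol, so that branch will not return a 401. The local `params = CGI.parse(...)` shadows the controller's `params`, and `URI.parse` raises on a malformed `HTTP_X_ORIGINAL_URI` value, which would surface as a 500 instead of a rejection.

```ruby
# … unchanged: session fast path and HTTP_X_ORIGINAL_URI presence check …
begin
  orig_query = URI.parse(request.headers["HTTP_X_ORIGINAL_URI"]).query
rescue URI::InvalidURIError
  head :unauthorized and return
end
head :unauthorized and return if orig_query.nil?
query = CGI.parse(orig_query) # local name that does not shadow the controller's params
head :unauthorized and return unless query.key?("auth_token")
token = InterfaceAuthToken.find_by_value(query["auth_token"][0])
# … unchanged: nil and expiry checks on token …
# the token must have been issued for the app named in the URL
head :unauthorized and return if @app.nil? || token.data_app != @app
# … unchanged: token.destroy, session update, response headers …
```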
...@@ -13,11 +13,16 @@ json.data do ...@@ -13,11 +13,16 @@ json.data do
end end
end end
end end
json.data_apps(@nilm.data_apps) do |app| if @apps_available
json.id app.id json.data_apps(@nilm.data_apps) do |app|
json.name app.name json.id app.id
json.url Rails.configuration.app_proxy_url.call(app.id) json.name app.name
json.nilm_id @nilm.id json.url "#{@base_url}/#{app.id}/"
json.nilm_id @nilm.id
end
else
json.data_apps = []
end end
end end
json.partial! 'helpers/messages', service: @service json.partial! 'helpers/messages', service: @service
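Review bot: In the `else` branch, `json.data_apps = []` most likely does not emit an empty `data_apps` array. Jbuilder resolves keys through `method_missing`, so the assignment form is dispatched as a setter named `data_apps=`, not as the `data_apps` key (worth confirming against the Jbuilder version in use). Clients that iterate `data_apps` would then find the key missing whenever the `HTTP_X_APP_BASE_URI` header is absent. Writing it as `json.set! :data_apps, []` keeps the response shape the same in both branches.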
...@@ -78,20 +78,5 @@ Rails.application.configure do ...@@ -78,20 +78,5 @@ Rails.application.configure do
# #
config.send_emails = true config.send_emails = true
config.app_auth_url = lambda do |id|
# change to subdomains for additional security
# NOTE: this requires a DNS server
# return "http://#{id}.data_app.wattsworth.local"
#
return "http://127.0.0.1:3001/api/app/#{id}/auth"
end
config.app_proxy_url = lambda do |id|
# change to subdomains for additional security
# NOTE: this requires a DNS server
# return "http://#{id}.data_app.wattsworth.local"
#
return "http://127.0.0.1:3001/app/#{id}/"
end
end end
...@@ -95,12 +95,5 @@ Rails.application.configure do ...@@ -95,12 +95,5 @@ Rails.application.configure do
# #
config.send_emails = false config.send_emails = false
config.interface_url_template = lambda do |id|
# change to subdomains for additional security
# NOTE: this requires a DNS server
# return "http://#{id}.data_app.wattsworth.local"
#
return "/api/data_app/#{id}/"
end
end end
...@@ -40,20 +40,4 @@ Rails.application.configure do ...@@ -40,20 +40,4 @@ Rails.application.configure do
# Raises error for missing translations # Raises error for missing translations
# config.action_view.raise_on_missing_translations = true # config.action_view.raise_on_missing_translations = true
# set up interface subdomain
config.app_auth_url = lambda do |id|
# change to subdomains for additional security
# NOTE: this requires a DNS server
# return "http://#{id}.data_app.wattsworth.local"
#
return "http://127.0.0.1:3001/api/app/#{id}/auth"
end
config.app_proxy_url = lambda do |id|
# change to subdomains for additional security
# NOTE: this requires a DNS server
# return "http://#{id}.data_app.wattsworth.local"
#
return "http://127.0.0.1:3001/app/#{id}/"
end
end end
...@@ -6,8 +6,6 @@ Rails.application.routes.draw do ...@@ -6,8 +6,6 @@ Rails.application.routes.draw do
end end
end end
resources :joule_modules, only: [:show]
resources :data_views do resources :data_views do
collection do collection do
get 'home' #retrieve a user's home data view get 'home' #retrieve a user's home data view
......