Add basic "create" API..

.. using server-side API tokens
2021-07-08 20:04:27 +02:00
parent 72c04d8495
commit b27d5b3c5b
12 changed files with 267 additions and 102 deletions
--- a/capsulflask/console.py
+++ b/capsulflask/console.py
@ -1,7 +1,9 @@
+from base64 import b64encode
+from datetime import datetime, timedelta
+import json
 import re
 import sys
-import json
-from datetime import datetime, timedelta
+
 from flask import Blueprint
 from flask import flash
 from flask import current_app
@ -98,7 +100,6 @@ def index():
@bp.route("/<string:id>", methods=("GET", "POST"))
@account_required
 def detail(id):
-
  duration=request.args.get('duration')
  if not duration:
    duration = "5m"
@ -188,6 +189,75 @@ def detail(id):
      duration=duration
    )

+def _create(vm_sizes, operating_systems, public_keys_for_account, affordable_vm_sizes,_server_data):
+  errors = list()
+
+  size = server_data.get("size")
+  os = server_data.get("os")
+  posted_keys_count = int(server_data.get("ssh_authorized_key_count"))
+
+  if not size:
+    errors.append("Size is required")
+  elif size not in vm_sizes:
+    errors.append(f"Invalid size {size}")
+  elif size not in affordable_vm_sizes:
+    errors.append(f"Your account must have enough credit to run an {size} for 1 month before you will be allowed to create it")
+
+
+  if not os:
+    errors.append("OS is required")
+  elif os not in operating_systems:
+    errors.append(f"Invalid os {os}")
+
+  posted_keys = list()
+
+  if posted_keys_count > 1000:
+    errors.append("something went wrong with ssh keys")
+  else:
+    for i in range(0, posted_keys_count):
+      if f"ssh_key_{i}" in server_data:
+        posted_name = server_data.get(f"ssh_key_{i}")
+        key = None
+        for x in public_keys_for_account:
+          if x['name'] == posted_name:
+            key = x
+        if key:
+          posted_keys.append(key)
+        else:
+          errors.append(f"SSH Key \"{posted_name}\" doesn't exist")
+
+  if len(posted_keys) == 0:
+    errors.append("At least one SSH Public Key is required")
+
+  capacity_avaliable = current_app.config["HUB_MODEL"].capacity_avaliable(
+    vm_sizes[size]['memory_mb']*1024*1024
+  )
+
+  if not capacity_avaliable:
+    errors.append("""
+      host(s) at capacity. no capsuls can be created at this time. sorry. 
+    """)
+
+  if len(errors) == 0:
+    id = makeCapsulId()
+    get_model().create_vm(
+      email=session["account"], 
+      id=id, 
+      size=size, 
+      os=os,
+      ssh_authorized_keys=list(map(lambda x: x["name"], posted_keys))
+    )
+    current_app.config["HUB_MODEL"].create(
+      email = session["account"],
+      id=id,
+      template_image_file_name=operating_systems[os]['template_image_file_name'],
+      vcpus=vm_sizes[size]['vcpus'],
+      memory_mb=vm_sizes[size]['memory_mb'],
+      ssh_authorized_keys=list(map(lambda x: x["content"], posted_keys))
+    )
+    return id, errors
+
+  return None, errors

@bp.route("/create", methods=("GET", "POST"))
@account_required
@ -197,7 +267,6 @@ def create():
  public_keys_for_account = get_model().list_ssh_public_keys_for_account(session["account"])
  account_balance = get_account_balance(get_vms(), get_payments(), datetime.utcnow())
  capacity_avaliable = current_app.config["HUB_MODEL"].capacity_avaliable(512*1024*1024)
-  errors = list()

  affordable_vm_sizes = dict()
  for key, vm_size in vm_sizes.items():
@ -210,64 +279,13 @@ def create():
  if request.method == "POST":
    if "csrf-token" not in request.form or request.form['csrf-token'] != session['csrf-token']:
      return abort(418, f"u want tea")
-
-    size = request.form["size"]
-    os = request.form["os"]
-    if not size:
-      errors.append("Size is required")
-    elif size not in vm_sizes:
-      errors.append(f"Invalid size {size}")
-    elif size not in affordable_vm_sizes:
-      errors.append(f"Your account must have enough credit to run an {size} for 1 month before you will be allowed to create it")
-
-    if not os:
-      errors.append("OS is required")
-    elif os not in operating_systems:
-      errors.append(f"Invalid os {os}")
-
-    posted_keys_count = int(request.form["ssh_authorized_key_count"])
-    posted_keys = list()
-
-    if posted_keys_count > 1000:
-      errors.append("something went wrong with ssh keys")
-    else:
-      for i in range(0, posted_keys_count):
-        if f"ssh_key_{i}" in request.form:
-          posted_name = request.form[f"ssh_key_{i}"]
-          key = None
-          for x in public_keys_for_account:
-            if x['name'] == posted_name:
-              key = x
-          if key:
-            posted_keys.append(key)
-          else:
-            errors.append(f"SSH Key \"{posted_name}\" doesn't exist")
-
-    if len(posted_keys) == 0:
-      errors.append("At least one SSH Public Key is required")
-
-    capacity_avaliable = current_app.config["HUB_MODEL"].capacity_avaliable(vm_sizes[size]['memory_mb']*1024*1024)
-
-    if not capacity_avaliable:
-      errors.append("""
-        host(s) at capacity. no capsuls can be created at this time. sorry. 
-      """)
-
-    if len(errors) == 0:
-      id = make_capsul_id()
-      # we can't create the vm record in the DB yet because its IP address needs to be allocated first.
-      # so it will be created when the allocation happens inside the hub_api.
-      current_app.config["HUB_MODEL"].create(
-        email = session["account"],
-        id=id,
-        os=os,
-        size=size,
-        template_image_file_name=operating_systems[os]['template_image_file_name'],
-        vcpus=vm_sizes[size]['vcpus'],
-        memory_mb=vm_sizes[size]['memory_mb'],
-        ssh_authorized_keys=list(map(lambda x: dict(name=x['name'], content=x['content']), posted_keys)) 
-      )
-      
+    id, errors = _create(
+      vm_sizes, 
+      operating_systems,
+      public_keys_for_account,
+      affordable_vm_sizes,
+      request.form)
+    if len(errors) == 0: 
      return redirect(f"{url_for('console.index')}?created={id}")
  

@ -290,23 +308,25 @@ def create():
    vm_sizes=affordable_vm_sizes
  )

-@bp.route("/ssh", methods=("GET", "POST"))
+@bp.route("/keys", methods=("GET", "POST"))
@account_required
-def ssh_public_keys():
+def ssh_api_keys():
  errors = list()

+  token = None
+
  if request.method == "POST":
    if "csrf-token" not in request.form or request.form['csrf-token'] != session['csrf-token']:
      return abort(418, f"u want tea")
      
-    method = request.form["method"]
-    content = None
-    if method == "POST":
+    action = request.form["action"]
+
+    if action == 'upload_ssh_key':
+      content = None
      content = request.form["content"].replace("\r", " ").replace("\n", " ").strip()
-      
-    name = request.form["name"]
-    if not name or len(name.strip()) < 1:
-      if method == "POST":
+        
+      name = request.form["name"]
+      if not name or len(name.strip()) < 1:
        parts = re.split(" +", content)
        if len(parts) > 2 and len(parts[2].strip()) > 0:
          name = parts[2].strip()
@ -314,10 +334,9 @@ def ssh_public_keys():
          name = parts[0].strip()
      else:
        errors.append("Name is required")
-    if not re.match(r"^[0-9A-Za-z_@:. -]+$", name):
-      errors.append(f"Key name '{name}' must match \"^[0-9A-Za-z_@:. -]+$\"")
+      if not re.match(r"^[0-9A-Za-z_@:. -]+$", name):
+        errors.append(f"Key name '{name}' must match \"^[0-9A-Za-z_@:. -]+$\"")

-    if method == "POST":
      if not content or len(content.strip()) < 1:
        errors.append("Content is required")
      else:
@ -330,24 +349,36 @@ def ssh_public_keys():
      if len(errors) == 0:
        get_model().create_ssh_public_key(session["account"], name, content)

-    elif method == "DELETE":
+    elif action == "delete_ssh_key":
+      get_model().delete_ssh_public_key(session["account"], name)

-      if len(errors) == 0:
-        get_model().delete_ssh_public_key(session["account"], name)
+    elif action == "generate_api_token":
+      name = request.form["name"]
+      if name == '':
+          name = datetime.utcnow().strftime('%y-%m-%d %H:%M:%S')
+      token = b64encode(
+        get_model().generate_api_token(session["account"], name).encode('utf-8')
+      ).decode('utf-8')
+
+    elif action == "delete_api_token":
+      get_model().delete_api_token(session["account"], request.form["id"])

  for error in errors:
    flash(error)

-  keys_list=list(map(
+  ssh_keys_list=list(map(
    lambda x: dict(name=x['name'], content=f"{x['content'][:20]}...{x['content'][len(x['content'])-20:]}"), 
    get_model().list_ssh_public_keys_for_account(session["account"])
  ))

+  api_tokens_list = get_model().list_api_tokens(session["account"])
+
  return render_template(
-    "ssh-public-keys.html", 
+    "keys.html", 
    csrf_token = session["csrf-token"],
-    ssh_public_keys=keys_list, 
-    has_ssh_public_keys=len(keys_list) > 0
+    api_tokens=api_tokens_list, 
+    ssh_public_keys=ssh_keys_list,
+    generated_api_token=token,
  )

 def get_vms():
@ -371,7 +402,6 @@ def get_vm_months_float(vm, as_of):
  return days / average_number_of_days_in_a_month

 def get_account_balance(vms, payments, as_of):
-
  vm_cost_dollars = 0.0
  for vm in vms:
    vm_months = get_vm_months_float(vm, as_of)
@ -384,7 +414,6 @@ def get_account_balance(vms, payments, as_of):
@bp.route("/account-balance")
@account_required
 def account_balance():
-
  payment_sessions = get_model().list_payment_sessions_for_account(session['account'])
  for payment_session in payment_sessions:
    if payment_session['type'] == 'btcpay':