sander/rowsandall
Private
Public Access
1
0
Fork 0
Code Activity

added secret password to /rowers/record-progress

Browse Source
This commit is contained in:
Sander Roosendaal
2017-11-02 09:25:19 +01:00
parent 7347c8548f
commit b94ef5e5ac
3 changed files with 24 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
rowers/longtask.py
View File

@@ -61,7 +61,7 @@ def longtask(aantal,jobid=None,debug=False,
return 1 return 1
def longtask2(aantal,jobid=None,debug=False): def longtask2(aantal,jobid=None,debug=False,secret=''):
counter = 0 counter = 0
channel = 'tasks' channel = 'tasks'
@@ -80,7 +80,8 @@ def longtask2(aantal,jobid=None,debug=False):
url = SITE_URL url = SITE_URL
url += "/rowers/record-progress/" url += "/rowers/record-progress/"
url += str(progress)+"/"+jobid url += str(progress)+"/"+jobid
s = requests.get(url) post_data = {"secret":secret}
s = requests.post(url, data=post_data)
if debug: if debug:
print url print url
print s print s

16
rowers/views.py
View File

@@ -14,6 +14,7 @@ from django.views.generic.base import TemplateView
from django.db.models import Q from django.db.models import Q
from django import template from django import template
from django.db import IntegrityError, transaction from django.db import IntegrityError, transaction
from django.views.decorators.csrf import csrf_exempt
from django.shortcuts import render from django.shortcuts import render
from django.http import ( from django.http import (
@@ -349,7 +350,8 @@ def test_job_view(request,aantal=100):
def test_job_view2(request,aantal=100): def test_job_view2(request,aantal=100):
job = myqueue(queuehigh,long_test_task2,int(aantal)) job = myqueue(queuehigh,long_test_task2,int(aantal),
secret=settings.PROGRESS_CACHE_SECRET)
try: try:
@@ -361,14 +363,22 @@ def test_job_view2(request,aantal=100):
return HttpResponseRedirect(url) return HttpResponseRedirect(url)
@csrf_exempt
def post_progress(request,id=None,value=0): def post_progress(request,id=None,value=0):
if request.method == 'POST':
secret = request.POST['secret']
if secret == settings.PROGRESS_CACHE_SECRET:
if id: if id:
cache.set(id,value,3600) cache.set(id,value,3600)
# test # test
result = cache.get(id) result = cache.get(id)
return HttpResponse('progress cached '+str(result),status=200) return HttpResponse('progress cached '+str(result),status=200)
else:
return HttpResponse('access denied',status=400)
else:
return HttpResponse('hi',status=200)
def get_all_queued_jobs(userid=0): def get_all_queued_jobs(userid=0):
r = StrictRedis() r = StrictRedis()
@@ -9508,7 +9518,7 @@ def strokedataform(request,id=0):
# Process the POSTed stroke data according to the API definition # Process the POSTed stroke data according to the API definition
# Return the GET stroke data according to the API definition # Return the GET stroke data according to the API definition
from rest_framework_swagger.renderers import OpenAPIRenderer, SwaggerUIRenderer from rest_framework_swagger.renderers import OpenAPIRenderer, SwaggerUIRenderer
from django.views.decorators.csrf import csrf_exempt
@csrf_exempt @csrf_exempt
@login_required() @login_required()
@api_view(['GET','POST']) @api_view(['GET','POST'])

4
rowsandall_app/settings.py
View File

@@ -221,6 +221,10 @@ LOGIN_REDIRECT_URL = '/rowers/list-workouts/'
LOGIN_URL = '/login/' LOGIN_URL = '/login/'
LOGOUT_URL = '/logout/' LOGOUT_URL = '/logout/'
# Update Cache with task progress password
PROGRESS_CACHE_SECRET = CFG['progress_cache_secret']
# Concept 2 # Concept 2
C2_CLIENT_ID = CFG['c2_client_id'] C2_CLIENT_ID = CFG['c2_client_id']
C2_CLIENT_SECRET = CFG['c2_client_secret'] C2_CLIENT_SECRET = CFG['c2_client_secret']