Tracker service (alpha version) + checker (only 'check')

Author: dimmo

.gitignore

@@ -0,0 +1,4 @@
+.idea
+__pycache__
+.pytest_cache
+.venv

checkers/tracker/checker.py

@@ -0,0 +1,111 @@
+#!/usr/bin/env python3
+import msgpack
+import secrets
+import socket
+import sys
+
+PORT = 9090
+BUFFER_SIZE = 1024
+
+SOCK_DCCP = 6
+IPROTO_DCCP = 33
+SOL_DCCP = 269
+DCCP_SOCKOPT_SERVICE = 2
+
+
+class Request:
+    USER_REGISTER = 0x00
+    USER_LOGIN = 0x01
+    USER_LOGOUT = 0x02
+    TRACKER_LIST = 0x10
+    TRACKER_ADD = 0x11
+    TRACKER_DELETE = 0x12
+    POINT_ADD = 0x20
+    TRACK_LIST = 0x30
+    TRACK_GET = 0x31
+    TRACK_DELETE = 0x32
+    TRACK_REQUEST_SHARE = 0x33
+    TRACK_SHARE = 0x34
+
+
+class Response:
+    OK = 0x00
+    BAD_REQUEST = 0x01
+    FORBIDDEN = 0x02
+    NOT_FOUND = 0x03
+    INTERNAL_ERROR = 0x04
+
+
+class Client:
+    def __init__(self, host, port=PORT):
+        sock = socket.socket(socket.AF_INET, SOCK_DCCP, IPROTO_DCCP)
+        sock.setsockopt(SOL_DCCP, DCCP_SOCKOPT_SERVICE, True)
+        sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
+        sock.connect((host, port))
+        self.sock = sock
+
+    def query(self, *args, expect=None):
+        response = self.query_raw(args)
+        if expect is not None:
+            assert response[0] == expect
+            response = response[1:]
+        return response[0] if len(response) == 1 else response
+
+    def query_raw(self, obj):
+        self.sock.send(msgpack.packb(obj))
+        return msgpack.unpackb(self.sock.recv(BUFFER_SIZE), raw=False)
+
+
+class ExitCode:
+    OK = 101
+    CORRUPT = 102
+    MUMBLE = 103
+    FAIL = 104
+    INTERNAL_ERROR = 110
+
+
+def check(ip):
+    password = secrets.token_urlsafe(16)
+
+    try:
+        client = Client(ip)
+
+        user_id = client.query(Request.USER_REGISTER, password, expect=Response.OK)
+        secret = client.query(Request.USER_LOGIN, user_id, password, expect=Response.OK)
+        client.query(Request.USER_LOGOUT, secret, expect=Response.OK)
+    except AssertionError:
+        sys.exit(ExitCode.MUMBLE)
+    except ConnectionError:
+        sys.exit(ExitCode.FAIL)
+
+    sys.exit(ExitCode.OK)
+
+
+def put(id, flag):
+    pass
+
+
+def get(id, flag):
+    pass
+
+
+def main():
+    if len(sys.argv) < 3:
+        print("Usage: {} MODE IP".format(sys.argv[0]))
+        sys.exit(ExitCode.INTERNAL_ERROR)
+
+    mode = sys.argv[1]
+    args = sys.argv[2:]
+    if mode == "check":
+        check(*args)
+    elif mode == "put":
+        put(*args)
+    elif mode == "get":
+        put(*args)
+    else:
+        print("Error: unknown MODE.")
+        sys.exit(ExitCode.INTERNAL_ERROR)
+
+
+if __name__ == "__main__":
+    main()

services/tracker/app/__init__.py

@@ -0,0 +1,4 @@
+import app.api.point
+import app.api.track
+import app.api.tracker
+import app.api.user

services/tracker/app/api/__init__.py

@@ -0,0 +1,50 @@
+import logging
+import time
+
+from app.common import handler
+from app.enums import Response, Request, TrackAccess
+
+log = logging.getLogger()
+
+NEW_TRACK_GAP_SECONDS = 2
+
+
+# FIXME: copy-paste?
+async def auth(db, token):
+    row = await db.fetchrow("SELECT id, user_id FROM tracker WHERE token=$1", token)
+    if row is None:
+        return None, None
+    return row["id"], row["user_id"]
+
+
+@handler(Request.POINT_ADD)
+async def add(db, token, latitude, longitude, meta):
+    try:
+        latitude = float(latitude)
+        longitude = float(longitude)
+    except ValueError:
+        return Response.BAD_REQUEST
+
+    tracker_id, user_id = await auth(db, token)
+    if tracker_id is None:
+        return Response.FORBIDDEN
+
+    now = time.time()
+
+    prev = await db.fetchrow("SELECT track_id FROM point WHERE tracker_id=$1 AND timestamp >= $2 "
+                             "ORDER BY timestamp DESC LIMIT 1", tracker_id, now - NEW_TRACK_GAP_SECONDS)
+    if prev is None:
+        track = await db.fetchrow("INSERT INTO track(user_id, started_at, access) VALUES($1, $2, $3) RETURNING id",
+                                  user_id, now, TrackAccess.PRIVATE)
+        track_id = track["id"]
+        log.debug("Created new track: %d.", track_id)
+    else:
+        track_id = prev["track_id"]
+        log.debug("Using old track: %d.", track_id)
+
+    await db.execute("INSERT INTO point(latitude, longitude, tracker_id, track_id, meta, timestamp) "
+                     "VALUES($1, $2, $3, $4, $5, $6)",
+                     latitude, longitude, tracker_id, track_id, meta, time.time())
+    log.debug("Added new point.")
+
+    return Response.OK, track_id

services/tracker/app/api/point.py

@@ -0,0 +1,102 @@
+import logging
+
+from app.common import handler
+from app.enums import Response, Request, TrackAccess
+
+log = logging.getLogger()
+
+
+# FIXME: copy-paste?
+async def auth(db, secret):
+    row = await db.fetchrow("SELECT * FROM secret WHERE value=$1", secret)
+    if row is None:
+        return None
+    return row["user_id"]
+
+
+@handler(Request.TRACK_LIST)
+async def track_list(db, secret):
+    user_id = await auth(db, secret)
+    if user_id is None:
+        return Response.FORBIDDEN
+
+    rows = await db.fetch("SELECT * FROM track WHERE user_id=$1", user_id)
+    tracks = [(r["id"], r["started_at"], r["access"]) for r in rows]
+
+    return Response.OK, tracks
+
+
+@handler(Request.TRACK_GET)
+async def track_get(db, secret, track_id):
+    user_id = await auth(db, secret)
+    if user_id is None:
+        return Response.FORBIDDEN
+
+    row = await db.fetchrow("SELECT * FROM track WHERE id=$1", track_id)
+    if row is None:
+        return Response.NOT_FOUND
+
+    access = row["access"]
+    if access is TrackAccess.PRIVATE or access is TrackAccess.PENDING:
+        if user_id != row["user_id"]:
+            log.warning("Get track is forbidden for user %d (owner: %d)", user_id, row["user_id"])
+            return Response.FORBIDDEN
+
+    if TrackAccess.GROUP_ACCESS_MIN <= access <= TrackAccess.GROUP_ACCESS_MAX:
+        # FIXME: check access == user_group
+        return Response.FORBIDDEN
+
+    rows = await db.fetch("SELECT timestamp, latitude, longitude, meta FROM point "
+                          "WHERE track_id=$1 ORDER BY id", track_id)
+    points = [(r["timestamp"], r["latitude"], r["longitude"], r["meta"]) for r in rows]
+    return Response.OK, points
+
+
+@handler(Request.TRACK_DELETE)
+async def track_delete(db, secret, track_id):
+    user_id = await auth(db, secret)
+    if user_id is None:
+        return Response.FORBIDDEN
+
+    row = await db.fetchrow("SELECT * FROM track WHERE id=$1 AND user_id=$2", track_id, user_id)
+    if row is None:
+        return Response.NOT_FOUND
+
+    await db.execute("DELETE FROM track WHERE id=$1 AND user_id=$2", track_id, user_id)
+    await db.execute("DELETE FROM point WHERE track_id=$1", track_id)
+
+    return Response.OK
+
+
+@handler(Request.TRACK_REQUEST_SHARE)
+async def track_request_share(db, secret, track_id):
+    user_id = await auth(db, secret)
+    if user_id is None:
+        return Response.FORBIDDEN
+
+    row = await db.fetchrow("SELECT * FROM track WHERE id=$1", track_id)
+    if row is None:
+        return Response.NOT_FOUND
+
+    if row["access"] is not TrackAccess.PRIVATE:
+        return Response.FORBIDDEN
+
+    await db.fetchrow("UPDATE track SET access=$1 WHERE id=$2", TrackAccess.PENDING, track_id)
+    return Response.OK
+
+
+@handler(Request.TRACK_SHARE)
+async def track_share(db, secret, track_id):
+    user_id = await auth(db, secret)
+    if user_id is None:
+        return Response.FORBIDDEN
+
+    row = await db.fetchrow("SELECT * FROM track WHERE id=$1 AND user_id=$2", track_id, user_id)
+    if row is None:
+        return Response.NOT_FOUND
+
+    if row["access"] is not TrackAccess.PENDING:
+        return Response.BAD_REQUEST
+
+    await db.fetchrow("UPDATE track SET access=$1 WHERE id=$2", TrackAccess.PUBLIC, track_id)
+    return Response.OK

services/tracker/app/api/track.py

@@ -0,0 +1,54 @@
+import logging
+
+from app.common import handler, generate_token
+from app.enums import Response, Request
+
+MAX_TRACKERS = 8
+
+log = logging.getLogger()
+
+
+# FIXME: copy-paste?
+async def auth(db, secret):
+    row = await db.fetchrow("SELECT * FROM secret WHERE value=$1", secret)
+    if row is None:
+        return None
+    return row["user_id"]
+
+
+@handler(Request.TRACKER_LIST)
+async def list(db, secret):
+    user_id = await auth(db, secret)
+    if user_id is None:
+        return Response.FORBIDDEN
+
+    trackers = await db.fetch("SELECT id, name FROM tracker WHERE user_id=$1", user_id)
+    return Response.OK, [(t["id"], t["name"]) for t in trackers]
+
+
+@handler(Request.TRACKER_ADD)
+async def add(db, secret, name):
+    user_id = await auth(db, secret)
+    if user_id is None:
+        return Response.FORBIDDEN
+
+    row = await db.fetchrow("SELECT COUNT(*) AS count FROM tracker WHERE user_id=$1", user_id)
+    if row["count"] >= MAX_TRACKERS:
+        return Response.BAD_REQUEST, "Too many trackers."
+
+    token = generate_token()
+    await db.execute("INSERT INTO tracker(user_id, name, token) VALUES($1, $2, $3)",
+                     user_id, name, token)
+    log.debug("Added new tracker.")
+
+    return Response.OK, token
+
+
+@handler(Request.TRACKER_DELETE)
+async def delete(db, secret, id):
+    user_id = await auth(db, secret)
+    if user_id is None:
+        return Response.FORBIDDEN
+
+    res = await db.execute("DELETE FROM tracker WHERE id=$1 AND user_id=$2", id, user_id)
+    return Response.OK if res == "DELETE 1" else Response.NOT_FOUND

services/tracker/app/api/tracker.py

@@ -0,0 +1,59 @@
+import logging
+import time
+import uuid
+
+from app.common import hash_password, is_uuid, generate_secret, connect_db, handler
+from app.enums import Response, Request
+
+MIN_PASSWORD_LEN = 8
+MAX_PASSWORD_LEN = 64
+MAX_ACTIVE_SESSIONS = 3
+
+log = logging.getLogger()
+
+
+@handler(Request.USER_REGISTER)
+async def register(db, password):
+    if len(password) < MIN_PASSWORD_LEN:
+        return Response.BAD_REQUEST, "Password is too short."
+    if len(password) > MAX_PASSWORD_LEN:
+        return Response.BAD_REQUEST, "Password is too long."
+
+    # FIXME: check proof of work
+
+    user_id = uuid.uuid4()
+    await db.execute('INSERT INTO "user"(id, hash, timestamp) VALUES($1, $2, $3)',
+                     user_id, hash_password(password), time.time())
+
+    return Response.OK, str(user_id)
+
+
+@handler(Request.USER_LOGIN)
+async def login(db, user_id, password):
+    if not is_uuid(user_id):
+        return Response.BAD_REQUEST
+
+    user = await db.fetchrow('SELECT * FROM "user" WHERE id=$1 AND hash=$2',
+                             user_id, hash_password(password))
+    if user is None:
+        return Response.FORBIDDEN
+
+    secrets = await db.fetch("SELECT * FROM secret WHERE user_id=$1", user_id)
+    if len(secrets) >= MAX_ACTIVE_SESSIONS:
+        log.warning("Too many active secrets (%d), will remove old.", len(secrets))
+        secrets_to_delete = sorted(secrets, key=lambda s: s["order"], reverse=True)[MAX_ACTIVE_SESSIONS-1:]
+        for secret in secrets_to_delete:
+            log.debug("Removing secret %s", secret["value"])
+            await db.execute("DELETE FROM secret WHERE value=$1", secret["value"])
+
+    secret = generate_secret()
+    await db.execute("INSERT INTO secret(value, user_id, timestamp) VALUES($1, $2, $3)",
+                     secret, user_id, time.time())
+    log.debug("Login successful.")
+    return Response.OK, secret
+
+
+@handler(Request.USER_LOGOUT)
+async def logout(db, secret):
+    res = await db.execute('DELETE FROM secret WHERE value=$1', secret)
+    return Response.OK if res == "DELETE 1" else Response.NOT_FOUND