16 changed files with 14 additions and 334 deletions
--- a/0001-admin-All-admin-path-functions-require-an-APIKey.patch
+++ b/0001-admin-All-admin-path-functions-require-an-APIKey.patch
@ -1,130 +0,0 @@
 From b08a24bedfb247fd148c48e00ee5d9b544991dfe Mon Sep 17 00:00:00 2001
 From: HeshamTB <hishaminv@gmail.com>
 Date: Thu, 14 Apr 2022 07:16:28 +0300
 Subject: [PATCH] admin: All admin path functions require an APIKey
 Signed-off-by: HeshamTB <hishaminv@gmail.com>
 ---
 sql_app/auth_helper.py | 10 +++++++++-
 sql_app/main.py        | 19 ++++++++++---------
 2 files changed, 19 insertions(+), 10 deletions(-)
 diff --git a/sql_app/auth_helper.py b/sql_app/auth_helper.py
 index a9b866b..12aa271 100644
 --- a/sql_app/auth_helper.py
 +++ b/sql_app/auth_helper.py
@@ -3,18 +3,22 @@ from typing import Optional
 from decouple import config
 from datetime import datetime, timedelta
 from sqlalchemy.orm import Session
 -from fastapi import Depends
 +from fastapi import Depends, Security, HTTPException
 from fastapi.security import OAuth2PasswordBearer, OAuth2PasswordRequestForm
 +from fastapi.security.api_key import APIKey, APIKeyHeader
 from . import crud, crypto, schemas
 import jwt
 import time
 JWT_SECRET = config('jwt_secret')
 JWT_ALGO = config('jwt_algorithm')
 +__API_KEY = config('API_KEY')
 +__API_KEY_NAME = config('API_KEY_NAME')
 +api_key_header = APIKeyHeader(name=__API_KEY_NAME)
 def create_access_token(data : dict, expires_delta : Optional[timedelta] = None):
     # TODO: Consider making non-expiring token
@@ -33,3 +37,7 @@ def authenticate_user(db: Session, username : str, password : str):
         return False
     return crypto.verify_key(password, user.passwd_salt, user.hashed_password)
 +def valid_api_key(key = Security(api_key_header)):
 +    if not __API_KEY == key:
 +        raise HTTPException(401, detail="invalid key")
 +    return 
 diff --git a/sql_app/main.py b/sql_app/main.py
 index 413db35..9a9434e 100644
 --- a/sql_app/main.py
 +++ b/sql_app/main.py
@@ -1,5 +1,6 @@
 from fastapi import Depends, FastAPI, HTTPException, status
 from fastapi.security import OAuth2PasswordBearer, OAuth2PasswordRequestForm
 +from fastapi.security.api_key import APIKey
 from sqlalchemy.orm import Session
 from . import crud, models, schemas, auth_helper
@@ -65,31 +66,31 @@ def get_user_details(current_user: schemas.User = Depends(get_current_active_use
     return current_user
 @app.get("/admin/users/", response_model=List[schemas.User], tags=['Admin'])
 -def read_users(skip: int = 0, limit: int = 100, db: Session = Depends(get_db)):
 +def read_users(skip: int = 0, limit: int = 100, db: Session = Depends(get_db), api_key: APIKey = Depends(auth_helper.valid_api_key)):
     users = crud.get_users(db, skip=skip, limit=limit)
     return users
 @app.get("/admin/iotentities/", response_model=List[schemas.IotEntity], tags=['Admin'])
 -def read_iot_entities(skip: int = 0, limit: int = 100, db: Session = Depends(get_db)):
 +def read_iot_entities(skip: int = 0, limit: int = 100, db: Session = Depends(get_db), api_key: APIKey = Depends(auth_helper.valid_api_key)):
     iot_entities = crud.get_iot_entities(db, skip=skip, limit=limit)
     return iot_entities
 # TODO: Can duplicate
 @app.post("/admin/iotentities/create", response_model=schemas.IotEntity, tags=['Admin'])
 -def create_iot_entities(iot_entity: schemas.IotEntityCreate, db: Session = Depends(get_db)):
 +def create_iot_entities(iot_entity: schemas.IotEntityCreate, db: Session = Depends(get_db), api_key: APIKey = Depends(auth_helper.valid_api_key)):
     iot_entities = crud.create_iot_entity(db, iot_entity)
     return iot_entities
 @app.get("/admin/users/{user_id}", response_model=schemas.User, tags=['Admin'])
 -def read_user(user_id: int, db: Session = Depends(get_db)):
 +def read_user(user_id: int, db: Session = Depends(get_db), api_key: APIKey = Depends(auth_helper.valid_api_key)):
     db_user = crud.get_user(db, user_id=user_id)
     if db_user is None:
         raise HTTPException(status_code=404, detail="User not found")
     return db_user
 # TODO: Can duplicate
 @app.post("/admin/users/allowdevice/id", tags=['Admin'])
 -def allow_user_for_iot_entity_by_id(request: schemas.UserAllowForIotEntityRequestByID, db: Session = Depends(get_db)):
 +def allow_user_for_iot_entity_by_id(request: schemas.UserAllowForIotEntityRequestByID, db: Session = Depends(get_db), api_key: APIKey = Depends(auth_helper.valid_api_key)):
     user = crud.get_user(db, request.user_id)
     if not user:
         raise HTTPException(status_code=404, detail="User not found")
@@ -105,7 +106,7 @@ def allow_user_for_iot_entity_by_id(request: schemas.UserAllowForIotEntityReques
     return user
 @app.post("/admin/users/disallowdevice/id", tags=['Admin'])
 -def disallow_user_for_iot_entity_by_id(request: schemas.UserAllowForIotEntityRequestByID, db: Session = Depends(get_db)):
 +def disallow_user_for_iot_entity_by_id(request: schemas.UserAllowForIotEntityRequestByID, db: Session = Depends(get_db), api_key: APIKey = Depends(auth_helper.valid_api_key)):
     user = crud.get_user(db, request.user_id)
     if not user:
         raise HTTPException(status_code=404, detail="User not found")
@@ -122,7 +123,7 @@ def disallow_user_for_iot_entity_by_id(request: schemas.UserAllowForIotEntityReq
     return
 @app.post("/admin/users/allowdevice/name", tags=['Admin'])
 -def allow_user_for_iot_entity_by_name(request: schemas.UserAllowForIotEntityRequestByUsername, db: Session = Depends(get_db)):
 +def allow_user_for_iot_entity_by_name(request: schemas.UserAllowForIotEntityRequestByUsername, db: Session = Depends(get_db), api_key: APIKey = Depends(auth_helper.valid_api_key)):
     user = crud.get_user_by_username(db, request.username)
     if not user:
         raise HTTPException(status_code=404, detail="User not found")
@@ -138,11 +139,11 @@ def allow_user_for_iot_entity_by_name(request: schemas.UserAllowForIotEntityRequ
     return
 @app.post("/admin/users/{user_id}/deactiveate", tags=['Admin'])
 -def deactiveate_user(user_id: int, db:Session = Depends(get_db)):
 +def deactiveate_user(user_id: int, db:Session = Depends(get_db), api_key: APIKey = Depends(auth_helper.valid_api_key)):
     return
 @app.post("/admin/users/{user_id}/activeate", tags=['Admin'])
 -def deactiveate_user(user_id: int, db:Session = Depends(get_db)):
 +def deactiveate_user(user_id: int, db:Session = Depends(get_db), api_key: APIKey = Depends(auth_helper.valid_api_key)):
     return
 @app.get("/users/acesslist/", response_model=List[schemas.IotEntity], tags=['Users'])
 --
 libgit2 1.4.3
--- a/10
+++ b/10
@ -1,14 +1,4 @@
 #!/bin/bash
 source venv/bin/activate
 cd sql_app/
 ./file_permissios.py
 if [ $? == 1 ]
 then
    echo "enviorment file_permissions are incorrect"
    exit 1
 fi
 cd ../
 exec uvicorn sql_app.main:app --ssl-certfile server.crt --ssl-keyfile server.key --port 4040 --host 0.0.0.0 --no-server-header
--- a/sql_app/TODO
+++ b/sql_app/TODO
@ -15,7 +15,7 @@
 - [X] Expose data analysis
 - [X] Load backend onto RPi
 - [X] Test connections in lab network
- [X] Define emrgancy triggers (manual and automatic)
+- [ ] Define emrgancy triggers (manual and automatic)
 - [ ] Expose temporary control in case of emergancy
        - Triggers
        - Acccess
@ -36,10 +36,6 @@
 - [ ] Write unit tests
 - [ ] Develop a program to visualize the data
 - [ ] CLI frontend
- [X] Emergaency
+
- [X] Send state with accesslist
+
 - [X] Split monitor into different class
 - [ ] Make a script that adds types, and thier basic database ops?? (avoid writing boiler-plate)
 - [ ] Make a script that emulates a door and monitor
 - [ ] Check file premissions on .env file, if global reject
 eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJibHVldG9vdGhfbWFjIjoic3RyaW5nIn0.ELl5AfBR1NdM4_OFhl_SCTm9EMPpqjiCKOSS0CrOJps
--- a/sql_app/auth_helper.py
+++ b/sql_app/auth_helper.py
@ -1,5 +1,3 @@
 # May 2022
 # Hesham T. Banafa <hishaminv@gmail.com>
 from typing import Optional
 from decouple import config
--- a/sql_app/crud.py
+++ b/sql_app/crud.py
@ -1,6 +1,3 @@
 # March 2022
 # Hesham T. Banafa <hishaminv@gmail.com>
 # CRUD (Create, Read, Update, Delete) from db
 from sqlalchemy import select, join
@ -220,15 +217,6 @@ def record_room_sensor_data(db: Session, entry: schemas.MonitorUpdateReadings,
    db.commit()
    db.refresh(db_item)
    monitor.humidity = entry.humidity
    monitor.temperature = entry.temperature
    monitor.people = entry.people
    monitor.smoke_sensor_reading = entry.smoke_sensor_reading
    db.add(monitor)
    db.commit()
    db.refresh(monitor)
 def increment_door_access_list_counter(db: Session, iot_entity: models.IotEntity):
    iot_entity.acces_list_counter = iot_entity.acces_list_counter + 1
    db.add(iot_entity)
@ -251,15 +239,3 @@ def update_user_status(db: Session, user: models.User, state: bool):
    db.add(user)
    db.commit()
    db.refresh(user)
 def record_emergancy_entry(db: Session, monitor_data: schemas.MonitorUpdateReadings, monitor_id: int):
    new_entry : models.EmergancyNotice = models.EmergancyNotice(
        monitor_id=monitor_id,
        people=monitor_data.people,
        temperature=monitor_data.temperature,
        smoke_sensor_reading=monitor_data.smoke_sensor_reading,
        timestamp=datetime.now()
    )
    db.add(new_entry)
    db.commit()
    db.refresh(new_entry)
--- a/sql_app/crypto.py
+++ b/sql_app/crypto.py
@ -1,5 +1,3 @@
 # March 2022
 # Hesham T. Banafa <hishaminv@gmail.com>
 import os
 from hashlib import pbkdf2_hmac
--- a/sql_app/database.py
+++ b/sql_app/database.py
@ -1,6 +1,3 @@
 # March 2022
 # Hesham T. Banafa <hishaminv@gmail.com>
 from sqlalchemy import create_engine
 from sqlalchemy.ext.declarative import declarative_base
 from sqlalchemy.orm import sessionmaker
--- a/sql_app/enroll_door.py
+++ b/sql_app/enroll_door.py
@ -1,45 +0,0 @@
 # Quick enroll new device
 # Hesham T. Banafa
 # Jun 12th, 2022
 from decouple import config
 import requests
 # idk if this stays in memory...
 headers = {
  "accept": "application/json",
  "Content-type": "application/json"
 }
 def main():
    if len(sys.argv) != 4:
        print_help()
        exit(1)
    device_type = sys.argv[1]
    bluetooth_mac = sys.argv[2]
    description = sys.argv[3]
    if device_type == 'DOOR':
        mkdoor(bluetooth_mac, description)
    elif device_type == 'MONITOR':
        mkmonitor(bluetooth_mac, description)
    else:
        print('Device type not DOOR or MONITOR', file=sys.stderr)
        exit(1)
    # gen print token of bluetooth_mac
    print(create_iot_dev_token(bluetooth_mac))
 def mkdoor(bluetooth_mac: str, description: str):
   data = {
       "bluetooth_mac": bluetooth_mac,
       "description": description
    }
    #response = requests.post("")
 def mkmonitor(bluetooth_mac: str, description: str):
   pass
 def print_help():
    msg = 'usgae: enroll_iotdevice <DOOR|MONITOR> <bluetooth_mac> <description>'
    print(msg)
--- a/sql_app/file_permissios.py
+++ b/sql_app/file_permissios.py
@ -1,18 +0,0 @@
 #!/bin/python
 # Hesham T. Banafa
 # Jun 12th, 2022
 # Check enviorment file permissions and return -1 if fails or 0
 import os
 import stat
 ENV_FILE='.env'
 st = os.stat(ENV_FILE)
 if st.st_mode & stat.S_IROTH or \
    st.st_mode & stat.S_IWOTH or \
    st.st_mode & stat.S_IXOTH:
    exit(1)
 exit(0)
--- a/sql_app/init_db.py
+++ b/sql_app/init_db.py
@ -1,5 +1,3 @@
 # June 2022
 # Hesham T. Banafa <hishaminv@gmail.com>
 from . import crud, main, schemas, auth_helper
 from decouple import config
@ -57,7 +55,7 @@ def init_door():
    crud.create_iot_entity(db, iot_door)
 def init_monitor():
-    iot_monitor = schemas.IotEntityCreate(bluetooth_mac="ff:ff:ff",
+    iot_monitor = schemas.IotEntityCreate(bluetooth_mac="ff:ff:00:ff",
                                          description="Iot Lab Monitor")
    monitor_exists = crud.get_monitor_bluetooth(db, iot_monitor.bluetooth_mac)
    if monitor_exists: return
@ -68,7 +66,6 @@ def init_allowance():
 def init_sensor_data():
    monitor = crud.get_monitor(db, 1)
    if monitor.sensor_history: return
    for i in range(50):
        room_data = \
            schemas.\
@ -82,7 +79,6 @@ def init_sensor_data():
 def init_open_close_requests():
    user = crud.get_user_by_email(db, "hisham@banafa.com.sa")
    if user.access_log: return
    crud.set_open_door_request(db, 1, 10)
    log_entry = schemas.DoorAccessLog(user_id=user.id,
                                             iot_id=1,
--- a/sql_app/init_secrets.sh
+++ b/sql_app/init_secrets.sh
@ -16,5 +16,3 @@ then
    exit 255
 fi
 echo "first_user_pass=$firstpass" >> .env
 chmod 600 .env
--- a/sql_app/main.py
+++ b/sql_app/main.py
@ -1,6 +1,3 @@
 # March 2022
 # Hesham T. Banafa <hishaminv@gmail.com>
 from fastapi import Depends, FastAPI, HTTPException, status
 from fastapi.security import OAuth2PasswordBearer, OAuth2PasswordRequestForm, OAuth2AuthorizationCodeBearer
 from fastapi.security.api_key import APIKey
@ -9,7 +6,7 @@ from sqlalchemy.orm import Session
 from . import crud, models, schemas, auth_helper, init_db
 from .database import SessionLocal, engine
-from .utils import get_db, EMERG_SMOKE, EMERG_TEMP, EMERG_OPEN_TIME_SEC
+from .utils import get_db
 from typing import List
 from datetime import timedelta, datetime
@ -385,33 +382,23 @@ def polling_method_for_iot_entity(request: schemas.IotDoorPollingRequest,
                                                open_command=device.open_request,
                                                acces_list_counter=device.acces_list_counter,
                                                time_seconds=device.time_seconds,
-                                                force_close=device.force_close,
+                                                force_close=device.force_close)
                                                state=device.state)
    # Reset open_request to False
    crud.clear_open_door_request(db, device.id)
    crud.clear_close_door_request(db, device.id)
-    crud.set_door_state(db, device, bool(request.state))
+    crud.set_door_state(db, device, device.state)
    return response
@app.post("/iotdevice/monitor/status", tags=['Iot'])
 def polling_method_for_room_monitor(request: schemas.MonitorUpdateReadings,
                                    db: Session = Depends(get_db)):
-    device : models.Monitors = auth_helper.valid_monitor_token(request.token, db)
+    device : schemas.Monitor = auth_helper.valid_monitor_token(request.token, db)
    if not device:
        raise HTTPException(
        status_code=status.HTTP_401_UNAUTHORIZED,
        detail="Could not validate credentials")
    crud.record_room_sensor_data(db, request, device)
    if request.temperature >= EMERG_TEMP or request.smoke_sensor_reading >= EMERG_SMOKE:
        print("********EMERGENCY AT %s********" % device.description)
        door : models.IotEntity = device.door
        print("********OPENING DOOR %s ID:%d********" % (door.description, door.id))
        crud.set_open_door_request(db, door.id, EMERG_OPEN_TIME_SEC)
        crud.record_emergancy_entry(db, request, device.id)
        # Call into a hook to notify with room and people
    print(request)
    return request
@app.post("/iotdevice/door/users", response_class=PlainTextResponse, tags=['Iot'])
--- a/sql_app/models.py
+++ b/sql_app/models.py
@ -1,6 +1,3 @@
 # March 2022
 # Hesham T. Banafa <hishaminv@gmail.com>
 from sqlalchemy import Boolean, Column, ForeignKey, Integer, String, DateTime
 from sqlalchemy.orm import relationship
@ -72,6 +69,7 @@ class DoorAccessLog(Base):
 class RoomSensorData(Base):
    __tablename__ = "room_sensor_data"
    # Data is now not related to a room. We should have a construct for rooms
    reading_id = Column(Integer, primary_key=True, index=True)
    humidity = Column(Integer)
    people = Column(Integer)
@ -89,14 +87,4 @@ class UserConnectionHistory(Base):
    timestamp = Column(DateTime)
    # TODO: add ip
 class EmergancyNotice(Base):
    __tablename__ = "emergency_notice"
    id = Column(Integer, primary_key=True)
    monitor_id = Column(Integer, ForeignKey("monitors.id"), index=True)
    people = Column(Integer)
    temperature = Column(Integer)
    smoke_sensor_reading = Column(Integer)
    timestamp = Column(DateTime)
 # TODO: Add table to store active sessions. May periodically clear.
--- a/sql_app/schemas.py
+++ b/sql_app/schemas.py
@ -1,6 +1,3 @@
 # March 2022
 # Hesham T. Banafa <hishaminv@gmail.com>
 from typing import Any, List, Optional
 from pydantic import BaseModel
@ -107,7 +104,6 @@ class IotDoorPollingResponse(BaseModel):
    acces_list_counter : int
    time_seconds : int
    force_close: bool
    state: bool
 class IotMonitorRoomInfo(BaseModel):
    humidity : int
--- a/sql_app/tools/emulate_door.py
+++ b/sql_app/tools/emulate_door.py
@ -1,40 +0,0 @@
 # EE495
 # Hesham T. Banafa
 # Jun 11th, 2022
 from time import sleep
 import requests
 def poll(poll_url: str, data: dict, headers: dict) -> dict:
    res : requests.Response = \
        requests.post(poll_url, json=data, headers=headers)
    #print('sent ', data)
    print(res.text, res, res.reason)
    if res.status_code != 200: return None
    return res.json()
 def emulate(poll_url, token_in: str):
    mac = "94:b9:7e:fb:57:1a"
    polling_interval_secons = 1
    polling_headers = {
        'accept' : 'application/json',
        'Content-Type': 'application/json' 
    }
    stop = False
    state = False
    while (not stop):
        sleep(polling_interval_secons)
        data = {
            'bluetooth_mac': mac,
            'state': state,
            'token': token_in
        }
        data_dict = poll(poll_url, data, polling_headers)
        if not data_dict: continue
        if data_dict['open_command']: state = True
 if __name__ == '__main__':
    emulate("https://ibs.cronos.typedef.cf:4040/iotdevice/door/status", 
    "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJibHVldG9vdGhfbWFjIjoiOTQ6Yjk6N2U6ZmI6NTc6MWEifQ.oRbL0U70g8HGkKIOnwkesDiB40VWTPmwIWiysvP-hXA")
--- a/sql_app/utils.py
+++ b/sql_app/utils.py
@ -1,5 +1,3 @@
 # May 2022
 # Hesham T. Banafa <hishaminv@gmail.com>
 from .database import SessionLocal
@ -9,8 +7,3 @@ def get_db():
        yield db
    finally:
        db.close()
 EMERG_TEMP = 50
 EMERG_SMOKE = 1000
 EMERG_OPEN_TIME_SEC = 500