# March 2022 # Hesham T. Banafa from fastapi import Depends, FastAPI, HTTPException, status from fastapi.security import OAuth2PasswordBearer, OAuth2PasswordRequestForm, OAuth2AuthorizationCodeBearer from fastapi.security.api_key import APIKey from fastapi.responses import PlainTextResponse from sqlalchemy.orm import Session from . import crud, models, schemas, auth_helper, init_db from .database import SessionLocal, engine from .utils import get_db, EMERG_SMOKE, EMERG_TEMP, EMERG_OPEN_TIME_SEC from typing import List from datetime import timedelta, datetime import jwt models.Base.metadata.create_all(bind=engine) oauth = OAuth2PasswordBearer(tokenUrl="tkn") app = FastAPI(title="IoT Building System") # Split into endpoints modules #app.include_router(users.router,prefix="/users", tags=["User"]) init_db.init() def get_current_user(token: str = Depends(oauth), db: Session = Depends(get_db)): credentials_exception = HTTPException( status_code=status.HTTP_401_UNAUTHORIZED, detail="Could not validate credentials", headers={"WWW-Authenticate": "Bearer"}, ) try: payload = jwt.decode(token, auth_helper.JWT_SECRET, algorithms=[auth_helper.JWT_ALGO]) username: str = payload.get("sub") if username is None: raise credentials_exception token_data = schemas.TokenData(username=username) except jwt.PyJWTError: raise credentials_exception user = crud.get_user_by_username(db, username=token_data.username) if user is None: raise credentials_exception return user def get_current_active_user(current_user: schemas.User = Depends(get_current_user)): if not current_user.is_active: raise HTTPException(status_code=400, detail="Inactive user") return current_user def get_current_iot_device(current_device: schemas.IotBluetoothMac = Depends(), db: Session = Depends(get_db)): credentials_exception = HTTPException( status_code=status.HTTP_401_UNAUTHORIZED, detail="Could not validate credentials", headers={"WWW-Authenticate": "Bearer"}, ) payload = jwt.decode(token, auth_helper.JWT_SECRET, algorithms=[auth_helper.JWT_ALGO]) mac_signed = payload.get("bluetooth_mac") if (mac_signed != current_device): raise credentials_exception device = crud.get_iot_entity_by_bluetooth_mac(db, mac_signed) return device @app.post("/users/reg", response_model=schemas.User, tags=['Users']) def create_user(user: schemas.UserCreate, db: Session = Depends(get_db)): db_user = crud.get_user_by_email(db, email=user.email) if db_user: raise HTTPException(status_code=400, detail="Email/Username already registered") db_user = crud.get_user_by_username(db, username=user.username) if db_user: raise HTTPException(status_code=400, detail="Email/Username already registered") db_user = crud.create_user(db=db, user=user) if not db_user: raise HTTPException(status_code=500, detail="Failed to create user") access_token = auth_helper.create_access_token( data={"sub": db_user.username}, expires_delta=timedelta(minutes=15) ) crud.set_user_last_token(db, db_user.username, access_token) #crud.record_user_connection(db, db_user, datetime.now()) return db_user @app.get("/users/me/", response_model=schemas.User, tags=['Users']) def get_user_details(db: Session = Depends(get_db), current_user: schemas.User = Depends(get_current_active_user)): #crud.record_user_connection(db, current_user, datetime.now()) return current_user @app.post("/users/open", tags=['Users']) def issue_open_door_command(command: schemas.OpenDoorRequestTime, db: Session = Depends(get_db), current_user: schemas.User = Depends(get_current_active_user)): err = HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail="Unauthrized to open") device = crud.get_iot_entity_by_bluetooth_mac(db, command.bluetooth_mac) if not device: raise err # TODO: Use database search rather then this linear search user = crud.get_user(db, current_user.id) for dev in user.authorized_devices: if dev.bluetooth_mac == device.bluetooth_mac: crud.set_open_door_request(db, device.id, command.time_seconds) log_entry = schemas.DoorAccessLog(user_id=current_user.id, iot_id=device.id, command="OPEN", timestamp=datetime.now()) crud.record_door_access_log(db, log_entry) #crud.record_user_connection(db, current_user, datetime.now()) return device raise err @app.post("/users/close", tags=['Users']) def issue_close_door_command(command: schemas.CloseDoorRequest, db: Session = Depends(get_db), current_user: schemas.User = Depends(get_current_active_user)): err = HTTPException(status.HTTP_401_UNAUTHORIZED, detail="Unaithrized to close") device = crud.get_iot_entity_by_bluetooth_mac(db, command.bluetooth_mac) if not device: raise err user = crud.get_user(db, current_user.id) for dev in user.authorized_devices: if dev.bluetooth_mac == device.bluetooth_mac: crud.set_close_door_request(db, device.id) log_entry = schemas.DoorAccessLog(user_id=current_user.id, iot_id=device.id, command="CLOSE", timestamp=datetime.now()) crud.record_door_access_log(db, log_entry) #crud.record_user_connection(db, current_user, datetime.now()) return device @app.get("/users/acesslist/", response_model=List[schemas.RoomOverview], tags=['Users']) def get_iot_access_list_for_user(db: Session = Depends(get_db), current_user: schemas.User = Depends(get_current_active_user)): user = crud.get_user_by_username(db, current_user.username) access_list = list() for device in user.authorized_devices: door : models.IotEntity = device monitor : models.Monitors = door.monitor if not monitor: raise HTTPException(status_code=status.HTTP_500_INTERNAL_SERVER_ERROR, detail="No Room link") entry : schemas.RoomOverview = schemas.RoomOverview( id=door.id, description=door.description, bluetooth_mac=door.bluetooth_mac, open_request=door.open_request, time_seconds=door.time_seconds, acces_list_counter=door.acces_list_counter, humidity=monitor.humidity, people=monitor.people, temperature=monitor.temperature, smoke_sensor_reading=monitor.smoke_sensor_reading, force_close=door.force_close, state=door.state ) access_list.append(entry) #crud.record_user_connection(db, user, datetime.now()) return access_list @app.patch("/users/updatepassword", tags=['Users']) def change_user_password(request: schemas.UserUpdatePassword, current_user: models.User = Depends(get_current_active_user), db: Session = Depends(get_db)): crud.update_user_password(db, current_user, request) return @app.post("/users/tkn", response_model=schemas.Token, tags=['Users']) @app.post("/tkn", response_model=schemas.Token, tags=['Users']) def login_for_access_token(form_data: OAuth2PasswordRequestForm = Depends(), db: Session = Depends(get_db)): user = auth_helper.authenticate_user(db, form_data.username, form_data.password) if not user: raise HTTPException( status_code=status.HTTP_401_UNAUTHORIZED, detail="Incorrect username or password", headers={"WWW-Authenticate": "Bearer"}, ) #access_token_expires = timedelta(minutes=ACCESS_TOKEN_EXPIRE_MINUTES) access_token = auth_helper.create_access_token( data={"sub": form_data.username}, expires_delta=timedelta(minutes=15) ) crud.set_user_last_token(db, form_data.username, access_token) #crud.record_user_connection(db, user, datetime.now()) return {"access_token": access_token, "token_type": "bearer"} @app.get("/admin/users/", response_model=List[schemas.User], tags=['Admin']) def read_users(skip: int = 0, limit: int = 100, db: Session = Depends(get_db)): users = crud.get_users(db, skip=skip, limit=limit) return users @app.get("/admin/iotentities/", response_model=List[schemas.IotEntity], tags=['Admin']) def read_iot_entities(skip: int = 0, limit: int = 100, db: Session = Depends(get_db)): iot_entities = crud.get_iot_entities(db, skip=skip, limit=limit) return iot_entities @app.get("/admin/monitors/", response_model=List[schemas.Monitor], tags=['Admin']) def read_iot_monitors(skip: int = 0, limit: int = 100, db: Session = Depends(get_db)): monitors = crud.get_monitors(db, skip=skip, limit=limit) return monitors # TODO: Can duplicate @app.post("/admin/iotentities/create", response_model=schemas.IotEntity, tags=['Admin']) def create_iot_entities(iot_entity: schemas.IotEntityCreate, db: Session = Depends(get_db)): iot_entities = crud.create_iot_entity(db, iot_entity) return iot_entities @app.post("/admin/monitor/create", response_model=schemas.Monitor, tags=['Admin']) def create_monitor(iot_entity: schemas.IotEntityBase, db: Session = Depends(get_db)): monitor = crud.create_monitor(db, iot_entity) return monitor @app.get("/admin/users/{user_id}", response_model=schemas.User, tags=['Admin']) def read_user(user_id: int, db: Session = Depends(get_db)): db_user = crud.get_user(db, user_id=user_id) if db_user is None: raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="User not found") return db_user @app.patch("/admin/users/allowdevice/id", tags=['Admin']) def allow_user_for_iot_entity_by_id(request: schemas.UserAllowForIotEntityRequestByID, db: Session = Depends(get_db)): user = crud.get_user(db, request.user_id) if not user: raise HTTPException(status.HTTP_404_NOT_FOUND, detail="User not found") iot_entity = crud.get_iot_entity(db, request.iot_entity_id) if not iot_entity: raise HTTPException(status.HTTP_404_NOT_FOUND, detail="Iot Entity not found") res = crud.create_user_link_to_iot(db, request.user_id, request.iot_entity_id) if not res: raise HTTPException(status.HTTP_500_INTERNAL_SERVER_ERROR, detail="Could not complete operation") crud.increment_door_access_list_counter(db, iot_entity) return @app.patch("/admin/users/disallowdevice/id", tags=['Admin']) def disallow_user_for_iot_entity_by_id(request: schemas.UserAllowForIotEntityRequestByID, db: Session = Depends(get_db)): user = crud.get_user(db, request.user_id) if not user: raise HTTPException(status.HTTP_404_NOT_FOUND, detail="User not found") iot_entity = crud.get_iot_entity(db, request.iot_entity_id) if not iot_entity: raise HTTPException(status.HTTP_404_NOT_FOUND, detail="Iot Entity not found") res = crud.remove_user_link_to_iot(db, request.user_id, request.iot_entity_id) if not res: raise HTTPException(status.HTTP_500_INTERNAL_SERVER_ERROR, detail="Could not complete operation") crud.increment_door_access_list_counter(db, iot_entity) return @app.patch("/admin/users/allowdevice/name", tags=['Admin']) def allow_user_for_iot_entity_by_name(request: schemas.UserAllowForIotEntityRequestByUsername, db: Session = Depends(get_db)): user = crud.get_user_by_username(db, request.username) if not user: raise HTTPException(status.HTTP_404_NOT_FOUND, detail="User not found") iot_entity = crud.get_iot_entity_by_description(db, request.description) if not iot_entity: raise HTTPException(status.HTTP_404_NOT_FOUND, detail="Iot Entity not found") res = crud.create_user_link_to_iot(db, user.id, iot_entity.id) if not res: raise HTTPException(status.HTTP_500_INTERNAL_SERVER_ERROR, detail="Could not complete operation") return @app.patch("/admin/users/{user_id}/deactiveate", tags=['Admin']) def deactiveate_user(user_id: int, db:Session = Depends(get_db)): user = crud.get_user(db, user_id) crud.update_user_status(db, user, False) @app.patch("/admin/users/{user_id}/activeate", tags=['Admin']) def deactiveate_user(user_id: int, db:Session = Depends(get_db)): user = crud.get_user(db, user_id) crud.update_user_status(db, user, True) @app.post("/admin/iotdevice/gentoken/", response_model=schemas.Token, tags=['Admin']) def generate_token_for_iot_device(bluetooth_mac : schemas.IotBluetoothMac): # api_key: APIKey = Depends(auth_helper.valid_api_key) # We get here after a valid admin key, so send back permenant token data = {"bluetooth_mac": bluetooth_mac.bluetooth_mac} tkn = auth_helper.create_iot_dev_token(data) return {"access_token": tkn, "token_type": "bearer"} @app.patch("/admin/link/monitor/{monitor_id}/door/{door_id}", tags=['Admin']) def link_monitor_with_door(monitor_id: int, door_id: int, db: Session = Depends(get_db)): monitor = crud.get_monitor(db, monitor_id) door = crud.get_iot_entity(db, door_id) monitor.door = door crud.update_monitor(db, monitor) return monitor @app.post("/admin/user/accesslog/email/", tags=['Admin']) def get_access_log_history_for_user(request : schemas.UserAccessLogRequestEmail, db : Session = Depends(get_db)): user = crud.get_user_by_email(db, request.email) if not user: raise HTTPException(status.HTTP_404_NOT_FOUND, detail="User not found") return user.access_log @app.post("/admin/user/accesslog/username/", tags=['Admin']) def get_access_log_history_for_user(request : schemas.UserAccessLogRequestUsername, db : Session = Depends(get_db)): user = crud.get_user_by_username(db, request.username) if not user: raise HTTPException(status.HTTP_404_NOT_FOUND, detail="User not found") return user.access_log @app.get("/admin/roominfo/{door_id}/now", tags=['Admin']) def get_room_data(door_id: int, db: Session = Depends(get_db)): door = crud.get_iot_entity(db, door_id) if not door: raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="Door not found") monitor : models.Monitors = door.monitor if not monitor: raise HTTPException(status_code=status.HTTP_500_INTERNAL_SERVER_ERROR, detail="No Room link") data = monitor.sensor_history if not data or len(data) == 0: raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="No Sensor data") return data[-1] @app.get("/admin/roominfo/{monitor_id}/now", tags=['Admin']) def get_room_data(monitor_id: int, db: Session = Depends(get_db)): monitor = crud.get_monitor(db, monitor_id) if not monitor: raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="Monitor not found") if not monitor.door_id: raise HTTPException(status_code=status.HTTP_500_INTERNAL_SERVER_ERROR, detail="Monitor not linked") data = crud.get_room_data_now(db, monitor.door_id) if data == -1: raise HTTPException(status_code=status.HTTP_500_INTERNAL_SERVER_ERROR, detail="No Room link") if data == -2: raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="No Sensor data") return data @app.get("/admin/roominfo/{monitor_id}/last/{count}", tags=['Admin']) def get_all_sensor_history(monitor_id: int, count: int, db: Session = Depends(get_db)): monitor = crud.get_monitor(db, monitor_id) if not monitor: raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="Monitor not found") data = monitor.sensor_history if not data or len(data) == 0: raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="No Sensor data") return data[-count:] @app.post("/admin/roominfo/accesslog",response_model=List[schemas.DoorAccessLog], tags=['Admin']) def get_access_log_for_door(request : schemas.AccessLogRequest, db : Session = Depends(get_db)): device: models.IotEntity = crud.get_iot_entity(db, request.iot_id) if not device: raise HTTPException(status.HTTP_404_NOT_FOUND, detail="Iot Entity not found") return device.access_log @app.post("/iotdevice/door/status", response_model=schemas.IotDoorPollingResponse, tags=['Iot']) def polling_method_for_iot_entity(request: schemas.IotDoorPollingRequest, db: Session = Depends(get_db)): device: models.IotEntity = auth_helper.valid_iot_token(request.token, db) if not device: raise HTTPException( status_code=status.HTTP_401_UNAUTHORIZED, detail="Could not validate credentials") response : schemas.IotDoorPollingResponse = schemas.IotDoorPollingResponse( open_command=device.open_request, acces_list_counter=device.acces_list_counter, time_seconds=device.time_seconds, force_close=device.force_close, state=device.state) # Reset open_request to False crud.clear_open_door_request(db, device.id) crud.clear_close_door_request(db, device.id) crud.set_door_state(db, device, bool(request.state)) return response @app.post("/iotdevice/monitor/status", tags=['Iot']) def polling_method_for_room_monitor(request: schemas.MonitorUpdateReadings, db: Session = Depends(get_db)): device : models.Monitors = auth_helper.valid_monitor_token(request.token, db) if not device: raise HTTPException( status_code=status.HTTP_401_UNAUTHORIZED, detail="Could not validate credentials") crud.record_room_sensor_data(db, request, device) if request.temperature >= EMERG_TEMP or request.smoke_sensor_reading >= EMERG_SMOKE: print("********EMERGENCY AT %s********" % device.description) door : models.IotEntity = device.door print("********OPENING DOOR %s ID:%d********" % (door.description, door.id)) crud.set_open_door_request(db, door.id, EMERG_OPEN_TIME_SEC) crud.record_emergancy_entry(db, request, device.id) # Call into a hook to notify with room and people print(request) return request @app.post("/iotdevice/door/users", response_class=PlainTextResponse, tags=['Iot']) def get_allowed_usernames(request: schemas.IotDoorPollingRequest, db: Session = Depends(get_db)): iot_door : models.IotEntity = auth_helper.valid_iot_token(request.token, db) if not iot_door: raise HTTPException( status_code=status.HTTP_401_UNAUTHORIZED, detail="Could not validate credentials") usernames = str() for user in iot_door.authorized_users: db_user : models.User = user usernames = usernames + db_user.username + '\n' return usernames @app.post("/iotdevice/door/tkns", response_class=PlainTextResponse, tags=['Iot']) def get_allowed_usernames(request: schemas.IotDoorPollingRequest, db: Session = Depends(get_db)): iot_door : models.IotEntity = auth_helper.valid_iot_token(request.token, db) if not iot_door: raise HTTPException( status_code=status.HTTP_401_UNAUTHORIZED, detail="Could not validate credentials") tkns = str() for user in iot_door.authorized_users: db_user : models.User = user tkns = tkns + db_user.last_token + '\n' return tkns @app.get("/test") def get(db: Session = Depends(get_db)): mon = crud.get_monitor(db, "ff:ff:ff:ff") return mon.door