-
Notifications
You must be signed in to change notification settings - Fork 25
/
main.py
192 lines (163 loc) · 6.61 KB
/
main.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
"""`main` is the top level module for your Bottle application."""
import bottle
from bottle import get, post, route, abort, redirect, template, request, response
from google.appengine.api import app_identity, urlfetch, users
from google.appengine.ext import ndb
import json
import logging
import os
import urllib
DEFAULT_GCM_ENDPOINT = 'https://android.googleapis.com/gcm/send'
TYPE_STOCK = 1
TYPE_CHAT = 2
class GcmSettings(ndb.Model):
SINGLETON_DATASTORE_KEY = 'SINGLETON'
@classmethod
def singleton(cls):
return cls.get_or_insert(cls.SINGLETON_DATASTORE_KEY)
endpoint = ndb.StringProperty(
default=DEFAULT_GCM_ENDPOINT,
indexed=False)
sender_id = ndb.StringProperty(default="", indexed=False)
api_key = ndb.StringProperty(default="", indexed=False)
# TODO: Probably cheaper to have a singleton entity with a repeated property?
class Registration(ndb.Model):
type = ndb.IntegerProperty(required=True, choices=[TYPE_STOCK, TYPE_CHAT])
creation_date = ndb.DateTimeProperty(auto_now_add=True)
@route('/setup', method=['GET', 'POST'])
def setup():
# app.yaml should already have ensured that the user is logged in as admin.
if not users.is_current_user_admin():
abort(401, "Sorry, only administrators can access this page.")
is_dev = os.environ.get('SERVER_SOFTWARE', '').startswith('Development')
setup_scheme = 'http' if is_dev else 'https'
setup_url = '%s://%s/setup' % (setup_scheme,
app_identity.get_default_version_hostname())
if request.url != setup_url:
redirect(setup_url)
result = ""
settings = GcmSettings.singleton()
if (request.forms.sender_id and request.forms.api_key and
request.forms.endpoint):
# Basic CSRF protection (will block some valid requests, like
# https://1-dot-johnme-gcm.appspot.com/setup but ohwell).
if request.get_header('Referer') != setup_url:
abort(403, "Invalid Referer.")
settings.endpoint = request.forms.endpoint
settings.sender_id = request.forms.sender_id
settings.api_key = request.forms.api_key
settings.put()
result = 'Updated successfully'
return template('setup', result=result,
endpoint=settings.endpoint,
sender_id=settings.sender_id,
api_key=settings.api_key)
@get('/manifest.json')
def manifest():
return {
'gcm_sender_id': GcmSettings.singleton().sender_id,
'gcm_user_visible_only': True
}
@get('/stock')
def stock_redirect():
redirect("/stock/")
@get('/stock/')
def stock():
"""Single page stock app. Displays stock data and lets users register."""
return template_with_sender_id('stock')
@get('/stock/admin')
def stock_admin():
"""Lets "admins" trigger stock price drops and clear stock registrations."""
# Despite the name, this route has no credential checks - don't put anything
# sensitive here!
# This template doesn't actually use the sender_id, but we want the warning.
return template_with_sender_id('stock_admin')
@get('/chat')
def chat_redirect():
redirect("/chat/")
@get('/chat/')
def chat():
"""Single page chat app."""
return template_with_sender_id('chat', user_from_get = request.query.get('user') or '')
@get('/admin')
def legacy_chat_admin_redirect():
redirect("/chat/admin")
@get('/chat/admin')
def chat_admin():
"""Lets "admins" clear chat registrations."""
# Despite the name, this route has no credential checks - don't put anything
# sensitive here!
# This template doesn't actually use the sender_id, but we want the warning.
return template_with_sender_id('chat_admin')
def template_with_sender_id(*args, **kwargs):
settings = GcmSettings.singleton()
if not settings.sender_id or not settings.api_key:
abort(500, "You need to visit /setup to provide a GCM sender ID and "
"corresponding API key")
kwargs['sender_id'] = settings.sender_id
return template(*args, **kwargs)
@post('/stock/register')
def register_stock():
return register(TYPE_STOCK)
@post('/chat/register')
def register_chat():
return register(TYPE_CHAT)
def register(type):
"""XHR adding a registration ID to our list."""
if request.forms.registration_id:
if request.forms.endpoint != DEFAULT_GCM_ENDPOINT:
abort(500, "Push servers other than GCM are not yet supported.")
registration = Registration.get_or_insert(request.forms.registration_id,
type=type)
registration.put()
response.status = 201
return ""
@post('/stock/clear-registrations')
def clear_stock_registrations():
ndb.delete_multi(Registration.query(Registration.type == TYPE_STOCK)
.fetch(keys_only=True))
return ""
@post('/chat/clear-registrations')
def clear_chat_registrations():
ndb.delete_multi(Registration.query(Registration.type == TYPE_CHAT)
.fetch(keys_only=True))
return ""
@post('/stock/trigger-drop')
def send_stock():
return send(TYPE_STOCK, '["May", 183]')
@post('/chat/send')
def send_chat():
return send(TYPE_CHAT, request.forms.message)
def send(type, data):
"""XHR requesting that we send a push message to all users."""
# TODO: Should limit batches to 1000 registration_ids at a time.
registration_ids = [r.key.string_id() for r in Registration.query(
Registration.type == type).iter()]
if not registration_ids:
abort(500, "No registered devices.")
post_data = json.dumps({
'registration_ids': registration_ids,
'data': {
'data': data, #request.forms.msg,
},
#"collapse_key": "score_update",
#"time_to_live": 108,
#"delay_while_idle": true,
})
settings = GcmSettings.singleton()
result = urlfetch.fetch(url=settings.endpoint,
payload=post_data,
method=urlfetch.POST,
headers={
'Content-Type': 'application/json',
'Authorization': 'key=' + settings.api_key,
},
validate_certificate=True)
if result.status_code != 200:
logging.error("Sending failed:\n" + result.content)
abort(500, "Sending failed (status code %d)." % result.status_code)
#return "%d message(s) sent successfully." % len(registration_ids)
response.status = 202
return ""
bottle.run(server='gae', debug=True)
app = bottle.app()