nikdoof/test-auth
1
0
Fork 0
mirror of https://github.com/nikdoof/test-auth.git synced 2025-12-14 06:42:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

Added API access tracking to EVE Proxy and presented via SSO.

Browse Source
This commit is contained in:
Andrew Williams
2010-05-30 22:16:00 +01:00
parent 981a1843a6
commit 31e324d0a2
7 changed files with 110 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
eve_proxy/admin.py
View File

@@ -1,5 +1,5 @@
from django.contrib import admin
from eve_proxy.models import CachedDocument
from eve_proxy.models import CachedDocument, ApiAccessLog
class CachedDocumentAdmin(admin.ModelAdmin):
model = CachedDocument
@@ -7,3 +7,10 @@ class CachedDocumentAdmin(admin.ModelAdmin):
verbose_name = 'Cached Document'
verbose_name_plural = 'Cached Documents'
admin.site.register(CachedDocument, CachedDocumentAdmin)
class ApiAccessLogAdmin(admin.ModelAdmin):
model = ApiAccessLog
list_display = ('userid', 'service', 'document', 'time_access')
verbose_name = 'API Access Log'
verbose_name_plural = 'API Access Logs'
admin.site.register(ApiAccessLog, ApiAccessLogAdmin)

44
eve_proxy/models.py
View File

@@ -60,17 +60,17 @@ class CachedDocumentManager(models.Manager):
May also be a string representation of
the query: userID=1&characterID=xxxxxxxx
"""
if type({}) == type(params):
# If 'params' is a dictionary, convert it to a URL string.
params = urllib.urlencode(params)
elif params == None or params.strip() == '':
paramstr = urllib.urlencode(params)
if params == None or paramstr.strip() == '':
# For whatever reason, EVE API freaks out if there are no parameters.
# Add a bogus parameter if none are specified. I'm sure there's a
# better fix for this.
params = 'odd_parm=1'
paramstr = 'odd_parm=1'
# Combine the URL path and the parameters to create the full query.
query_name = '%s?%s' % (url_path, params)
query_name = '%s?%s' % (url_path, paramstr)
if no_cache:
# If no_cache is enabled, don't even attempt a lookup.
@@ -84,14 +84,33 @@ class CachedDocumentManager(models.Manager):
# EVE uses UTC.
current_eve_time = datetime.utcnow()
# If we have a service ID, store and strip it from the query string.
if 'service' in params:
service = params['service']
del params['service']
else:
service = 'auth'
if 'userID' in params:
userid = params['userID']
# Figure out if we need hit EVE API and re-cache, or just pull from
# the local cache (based on cached_until).
if no_cache or created or \
cached_doc.cached_until == None or \
current_eve_time > cached_doc.cached_until:
# Cache from EVE API
dom = self.cache_from_eve_api(cached_doc, url_path, params,
dom = self.cache_from_eve_api(cached_doc, url_path, paramstr,
no_cache=no_cache)
# If its a user related request, log the transaction.
if 'userID' in params:
log = ApiAccessLog()
log.userid = userid
log.service = service
log.time_access = datetime.utcnow()
log.document = url_path
log.save()
else:
# Parse the document here since it was retrieved from the
# database cache instead of queried for.
@@ -100,6 +119,8 @@ class CachedDocumentManager(models.Manager):
# Check for the presence errors. Only check the bare minimum,
# generic stuff that applies to most or all queries. User-level code
# should check for the more specific errors.
if dom:
error_node = dom.getElementsByTagName('error')
if error_node:
error_code = error_node[0].getAttribute('code')
@@ -122,3 +143,12 @@ class CachedDocument(models.Model):
# The custom manager handles the querying.
objects = CachedDocumentManager()
class ApiAccessLog(models.Model):
"""
Provides a list of API accesses made by applications or Auth
"""
userid = models.IntegerField()
service = models.CharField(max_length=255)
time_access = models.DateTimeField()
document = models.CharField(max_length=255)

20
eve_proxy/views.py
View File

@@ -1,5 +1,5 @@
from django.core.urlresolvers import reverse
from django.http import HttpResponse
from django.http import HttpResponse, HttpResponseNotFound
from eve_proxy.models import CachedDocument
def retrieve_xml(request):
@@ -12,18 +12,28 @@ def retrieve_xml(request):
# The parameters attached to the end of the URL path.
if request.method == 'POST':
params = request.POST.urlencode()
print params
p = request.POST
else:
params = request.META['QUERY_STRING']
print params
p = request.GET
# Convert the QuerySet object into a dict
params = {}
for key,value in p.items():
params[key] = value
if url_path == '/' or url_path == '':
# If they don't provide any kind of query, shoot a quick error message.
return HttpResponse('No API query specified.')
if not 'service' in params:
return HttpResponse('No Service ID provided.')
# The query system will retrieve a cached_doc that was either previously
# or newly cached depending on cache intervals.
cached_doc = CachedDocument.objects.api_query(url_path, params)
# Return the document's body as XML.
if cached_doc:
return HttpResponse(cached_doc.body, mimetype='text/xml')
return HttpResponseNotFound('Error retrieving the document')

1
sso/urls.py
View File

@@ -17,6 +17,7 @@ urlpatterns = patterns('',
(r'^profile/del/reddit/$', views.reddit_del),
(r'^profile/del/reddit/(?P<redditid>\d+)/$', views.reddit_del),
(r'^profile/refresh/eveapi/(?P<userid>\d+)/$', views.eveapi_refresh),
(r'^profile/log/eveapi/(?P<userid>\d+)/$', views.eveapi_log),
(r'^profile/characters$', views.characters),
(r'^profile/characters/(?P<charid>.*)/$', views.characters),
(r'^users/(?P<username>.*)/$', views.user_view),

17
sso/views.py
View File

@@ -12,6 +12,8 @@ from eve_api.api_exceptions import APIAuthException, APINoUserIDException
from eve_api.api_puller.accounts import import_eve_account
from eve_api.models.api_player import EVEAccount, EVEPlayerCharacter
from eve_proxy.models import ApiAccessLog
from sso.models import ServiceAccount, Service, SSOUser, ExistingUser, ServiceError
from sso.forms import EveAPIForm, UserServiceAccountForm, ServiceAccountResetForm, RedditAccountForm, UserLookupForm
@@ -132,6 +134,21 @@ def eveapi_refresh(request, userid=0):
return HttpResponseRedirect(reverse('sso.views.profile'))
@login_required
def eveapi_log(request, userid=0):
if userid > 0 :
try:
acc = EVEAccount.objects.get(id=userid)
except:
pass
if acc and (acc.user == request.user or request.user.is_staff):
logs = ApiAccessLog.objects.filter(userid=userid)[:50]
return render_to_response('sso/eveapi_log.html', locals(), context_instance=RequestContext(request))
return HttpResponseRedirect(reverse('sso.views.profile'))
@login_required
def service_add(request):
clsform = UserServiceAccountForm(request.user)

19
templates/sso/eveapi_log.html Normal file
View File

@@ -0,0 +1,19 @@
{% extends "base.html" %}
{% block title %}EVE API Access Logs{% endblock %}
{% block content %}
<h1>Access Logs for API Key {{ userid }}</h1>
<table>
<tr><th>Service ID</th><th>Date / Time</th><th>API</th></tr>
{% for log in logs %}
<tr><td>{{ log.service }}</td>
<td>{{ log.time_access }}</td>
<td>{{ log.document }}</td>
</tr>
{% endfor %}
</table>
{% endblock %}

1
templates/sso/profile.html
View File

@@ -69,6 +69,7 @@ setup.</p>
<td>{{ acc.api_status_description }}</td>
<td>{{ acc.api_last_updated|naturaltimediff }}</td>
<td><a href="{% url sso.views.eveapi_refresh acc.api_user_id %}">Refresh</a>,&nbsp;
<a href="{% url sso.views.eveapi_log acc.api_user_id %}">Logs</a>,&nbsp;
<a href="{% url sso.views.eveapi_del acc.api_user_id %}">Delete</a></td>
</tr>
</tbody>