Skip to content

Commit

Permalink
Add CGI middleware for requests to People API (#346)
Browse files Browse the repository at this point in the history
* Add CGI wrapper for People API requests

* Add CGI handler to dev server

* Point Auth to new People API endpoint

* Deploy cgi-bin

* Condense print statements in CGI script

Co-authored-by: Nate Foss <[email protected]>
  • Loading branch information
2 people authored and miriam-rittenberg committed Oct 21, 2020
1 parent 6bf0a50 commit a779e68
Show file tree
Hide file tree
Showing 7 changed files with 125 additions and 10 deletions.
3 changes: 3 additions & 0 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -108,3 +108,6 @@ public

# TernJS port file
.tern-port

# Credentials for the MIT People API
credentials.ini
9 changes: 9 additions & 0 deletions build/webpack.config.dev.js
Original file line number Diff line number Diff line change
@@ -1,8 +1,10 @@
'use strict'
const webpack = require('webpack')
const { VueLoaderPlugin } = require('vue-loader')
const { resolve } = require('path')
const MiniCssExtractPlugin = require('mini-css-extract-plugin')
const HtmlWebpackPlugin = require('html-webpack-plugin')
const cgi = require('cgi')

module.exports = (env) => {
return {
Expand All @@ -15,6 +17,13 @@ module.exports = (env) => {
hot: true,
watchOptions: {
poll: true
},
before: function (app, server, compiler) {
// Before handing all other dev server requests, check if the route is to the People API middleware and pass
// it to the CGI handler.
app.get('/cgi-bin/people.py', function (req, res) {
cgi(resolve(__dirname, '..', 'cgi-bin', 'people.py'))(req, res)
})
}
},
module: {
Expand Down
44 changes: 44 additions & 0 deletions cgi-bin/people.py
Original file line number Diff line number Diff line change
@@ -0,0 +1,44 @@
#!/usr/bin/python3
from cgi import FieldStorage
from configparser import ConfigParser
from json import dumps, loads
from os import path
from requests import get

args = FieldStorage()

error = 'Status: 400 Bad Request\n'
header = 'Content-Type: application/json\n\n'

if 'kerb' not in args:
output = {"error": "kerb was not specified"}
header = error + header
else:
c = ConfigParser()
try:
with open(path.join(path.dirname(path.realpath(__file__)), 'credentials.ini')) as fp:
c.read_file(fp)
response = get('https://mit-people-v3.cloudhub.io/people/v3/people/{0}'.format(args['kerb'].value), headers={'client_id': c['Credentials']['ID'], 'client_secret': c['Credentials']['Secret']})
if response.status_code != 200:
header = error + header
output = {"error": "could not get user data"}
else:
data = loads(response.text)
if data['item']['affiliations'][0]['type'] != "student":
header = error + header
output = {"error": "user is not a student"}
else:
year = data['item']['affiliations'][0]['classYear']
if year == "G":
header = error + header
output = {"error": "user is a graduate student (currently unhandled)"}
else:
year = int(year)
year = year - 1
output = {"year": year}
except Exception:
header = error + header
output = {"error": "could not read credentials"}

print(header)
print(dumps(output))
4 changes: 2 additions & 2 deletions deploy.sh
Original file line number Diff line number Diff line change
Expand Up @@ -10,12 +10,12 @@ if [ "$1" = "prod" ]; then
echo -n "You are about to deploy to the production site, are you sure? (y/n)? "
read answer
if [ "$answer" != "${answer#[Yy]}" ] ;then
scp -r deploy/production/.htaccess dist/* $2@athena.dialup.mit.edu:/mit/courseroad/web_scripts/courseroad/
scp -r deploy/production/.htaccess dist/* cgi-bin/ $2@athena.dialup.mit.edu:/mit/courseroad/web_scripts/courseroad/
else
echo cancelled
fi
elif [ "$1" = "dev" ]; then
scp -r deploy/development/.htaccess dist/* $2@athena.dialup.mit.edu:/mit/courseroad/web_scripts/courseroad/dev/
scp -r deploy/development/.htaccess dist/* cgi-bin/ $2@athena.dialup.mit.edu:/mit/courseroad/web_scripts/courseroad/dev/
else
echo "Invalid build location"
fi
56 changes: 56 additions & 0 deletions package-lock.json

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

1 change: 1 addition & 0 deletions package.json
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,7 @@
"main": "index.js",
"dependencies": {
"axios": "^0.19.0",
"cgi": "^0.3.1",
"jquery": "^3.3.1",
"material-design-icons-iconfont": "^4.0.5",
"moment": "^2.24.0",
Expand Down
18 changes: 10 additions & 8 deletions src/components/Auth.vue
Original file line number Diff line number Diff line change
Expand Up @@ -125,19 +125,21 @@ export default {
const email = this.accessInfo.academic_id;
const endPoint = email.indexOf('@');
const kerb = email.slice(0, endPoint);
axios.get('https://mit-people-v3.cloudhub.io/people/v3/people/' + kerb,
{ headers: { 'client_id': '01fce9ed7f9d4d26939a68a4126add9b',
'client_secret': 'D4ce51aA6A32421DA9AddF4188b93255' } })
axios.get(process.env.APP_URL + '/cgi-bin/people.py?kerb=' + kerb)
.then(response => {
// subtract 1 for zero-indexing
const year = response.data.item.affiliations[0].classYear - 1;
if (year === undefined) {
if (response.status !== 200) {
console.log('Failed to find user year');
} else {
this.changeSemester(year);
const year = response.data.year;
if (year === undefined) {
console.log('Failed to find user year');
} else {
this.changeSemester(year);
console.log('setting year to ' + year);
}
}
});
};
}
}
},
mounted () {
Expand Down

0 comments on commit a779e68

Please sign in to comment.