Add CGI middleware for requests to People API

.gitignore

@@ -108,3 +108,6 @@ public
 
 # TernJS port file
 .tern-port
+
+# Credentials for the MIT People API
+credentials.ini

build/webpack.config.dev.js

@@ -1,8 +1,10 @@
 'use strict'
 const webpack = require('webpack')
 const { VueLoaderPlugin } = require('vue-loader')
+const { resolve } = require('path')
 const MiniCssExtractPlugin = require('mini-css-extract-plugin')
 const HtmlWebpackPlugin = require('html-webpack-plugin')
+const cgi = require('cgi')
 
 module.exports = (env) => {
   return {
@@ -15,6 +17,13 @@ module.exports = (env) => {
       hot: true,
       watchOptions: {
         poll: true
+      },
+      before: function (app, server, compiler) {
+        // Before handing all other dev server requests, check if the route is to the People API middleware and pass
+        // it to the CGI handler.
+        app.get('/cgi-bin/people.py', function (req, res) {
+          cgi(resolve(__dirname, '..', 'cgi-bin', 'people.py'))(req, res)
+        })
       }
     },
     module: {

cgi-bin/people.py

@@ -0,0 +1,44 @@
+#!/usr/bin/python3
+from cgi import FieldStorage
+from configparser import ConfigParser
+from json import dumps, loads
+from os import path
+from requests import get
+
+args = FieldStorage()
+
+error = 'Status: 400 Bad Request\n'
+header = 'Content-Type: application/json\n\n'
+
+if 'kerb' not in args:
+    output = {"error": "kerb was not specified"}
+    header = error + header
+else:
+    c = ConfigParser()
+    try:
+        with open(path.join(path.dirname(path.realpath(__file__)), 'credentials.ini')) as fp:
+            c.read_file(fp)
+        response = get('https://mit-people-v3.cloudhub.io/people/v3/people/{0}'.format(args['kerb'].value), headers={'client_id': c['Credentials']['ID'], 'client_secret': c['Credentials']['Secret']})
+        if response.status_code != 200:
+            header = error + header
+            output = {"error": "could not get user data"}
+        else:
+            data = loads(response.text)
+            if data['item']['affiliations'][0]['type'] != "student":
+                header = error + header
+                output = {"error": "user is not a student"}
+            else:
+                year = data['item']['affiliations'][0]['classYear']
+                if year == "G":
+                    header = error + header
+                    output = {"error": "user is a graduate student (currently unhandled)"}
+                else:
+                    year = int(year)
+                    year = year - 1
+                    output = {"year": year}
+    except Exception:
+        header = error + header
+        output = {"error": "could not read credentials"}
+
+print(header)
+print(dumps(output))

deploy.sh

@@ -10,12 +10,12 @@ if [ "$1" = "prod" ]; then
   echo -n "You are about to deploy to the production site, are you sure? (y/n)? "
   read answer
   if [ "$answer" != "${answer#[Yy]}" ] ;then
-    scp -r deploy/production/.htaccess dist/* $2@athena.dialup.mit.edu:/mit/courseroad/web_scripts/courseroad/
+    scp -r deploy/production/.htaccess dist/* cgi-bin/ $2@athena.dialup.mit.edu:/mit/courseroad/web_scripts/courseroad/
   else
     echo cancelled
   fi
 elif [ "$1" = "dev" ]; then
-    scp -r deploy/development/.htaccess dist/* $2@athena.dialup.mit.edu:/mit/courseroad/web_scripts/courseroad/dev/
+    scp -r deploy/development/.htaccess dist/* cgi-bin/ $2@athena.dialup.mit.edu:/mit/courseroad/web_scripts/courseroad/dev/
 else
   echo "Invalid build location"
 fi

package.json

@@ -15,6 +15,7 @@
   "main": "index.js",
   "dependencies": {
     "axios": "^0.19.0",
+    "cgi": "^0.3.1",
     "jquery": "^3.3.1",
     "material-design-icons-iconfont": "^4.0.5",
     "moment": "^2.24.0",

src/components/Auth.vue

@@ -123,19 +123,21 @@ export default {
         const email = this.accessInfo.academic_id;
         const endPoint = email.indexOf('@');
         const kerb = email.slice(0, endPoint);
-        axios.get('https://mit-people-v3.cloudhub.io/people/v3/people/' + kerb,
-          { headers: { 'client_id': '01fce9ed7f9d4d26939a68a4126add9b',
-            'client_secret': 'D4ce51aA6A32421DA9AddF4188b93255' } })
+        axios.get(process.env.APP_URL + '/cgi-bin/people.py?kerb=' + kerb)
           .then(response => {
-            // subtract 1 for zero-indexing
-            const year = response.data.item.affiliations[0].classYear - 1;
-            if (year === undefined) {
+            if (response.status !== 200) {
               console.log('Failed to find user year');
             } else {
-              this.changeSemester(year);
+              const year = response.data.year;
+              if (year === undefined) {
+                console.log('Failed to find user year');
+              } else {
+                this.changeSemester(year);
+                console.log('setting year to ' + year);
+              }
             }
           });
-      };
+      }
     }
   },
   mounted () {