LOC-1 - forgot to include the server component in the earlier commit
LOC-1 - forgot to include the server component in the earlier commit

#!/usr/bin/env python #!/usr/bin/env python
# #
# #
# LocalChat Server Script # LocalChat Server Script
# #
# #
# apt-get install: # apt-get install:
# python-flask # python-flask
# #
   
from flask import Flask from flask import Flask
from flask import request, make_response from flask import request, make_response
   
   
   
import sqlite3 import sqlite3
import time import time
import os import os
import json import json
   
app = Flask(__name__) app = Flask(__name__)
   
   
   
@app.route('/', defaults={'path': ''},methods=["POST"]) @app.route('/', defaults={'path': ''},methods=["POST"])
@app.route('/<path:path>',methods=["POST"]) @app.route('/<path:path>',methods=["POST"])
def index(path): def index(path):
print "%.6f Request start" % (time.time()) # DEBUGONLY print "%.6f Request start" % (time.time()) # DEBUGONLY
reqdata = request.get_data() reqdata = request.get_data()
try: try:
reqjson = json.loads(reqdata) reqjson = json.loads(reqdata)
except: except:
return make_response("",400) return make_response("",400)
a = msghandler.processSubmission(reqjson) a = msghandler.processSubmission(reqjson)
# Check the status # Check the status
if a in [400,403]: if a in [400,403]:
response = make_response("",a) response = make_response("",a)
return response return response
return json.dumps(a) return json.dumps(a)
   
   
   
class MsgHandler(object): class MsgHandler(object):
   
   
def __init__(self): def __init__(self):
self.conn = False self.conn = False
self.cursor = False self.cursor = False
   
   
   
def createDB(self): def createDB(self):
''' Create the in-memory database ready for use ''' Create the in-memory database ready for use
''' '''
self.conn = sqlite3.connect(':memory:') self.conn = sqlite3.connect(':memory:')
self.cursor = self.conn.cursor() self.cursor = self.conn.cursor()
sql = """ CREATE TABLE rooms ( sql = """ CREATE TABLE rooms (
id INTEGER PRIMARY KEY, id INTEGER PRIMARY KEY,
name TEXT NOT NULL UNIQUE, name TEXT NOT NULL UNIQUE,
owner TEXT NOT NULL, owner TEXT NOT NULL,
pass TEXT NOT NULL pass TEXT NOT NULL
); );
CREATE TABLE messages ( CREATE TABLE messages (
id INTEGER PRIMARY KEY AUTOINCREMENT, id INTEGER PRIMARY KEY AUTOINCREMENT,
ts INTEGER NOT NULL, ts INTEGER NOT NULL,
room INTEGER NOT NULL, room INTEGER NOT NULL,
msg TEXT NOT NULL msg TEXT NOT NULL
); );
CREATE TABLE users ( CREATE TABLE users (
username TEXT NOT NULL, username TEXT NOT NULL,
room INTEGER NOT NULL, room INTEGER NOT NULL,
active INTEGER DEFAULT 0, active INTEGER DEFAULT 0,
PRIMARY KEY (username,room) PRIMARY KEY (username,room)
); );
""" """
self.conn.executescript(sql) self.conn.executescript(sql)
   
   
   
def processSubmission(self,reqjson): def processSubmission(self,reqjson):
''' Process an incoming request and route it to ''' Process an incoming request and route it to
the correct function the correct function
''' '''
if not self.conn or not self.cursor: if not self.conn or not self.cursor:
self.createDB() self.createDB()
print reqjson print reqjson
if "action" not in reqjson or "payload" not in reqjson: if "action" not in reqjson or "payload" not in reqjson:
return 400 return 400
# Decrypt the payload # Decrypt the payload
reqjson['payload'] = self.decrypt(reqjson['payload']) reqjson['payload'] = self.decrypt(reqjson['payload'])
try: try:
reqjson['payload'] = json.loads(reqjson['payload']) reqjson['payload'] = json.loads(reqjson['payload'])
except: except:
return 400 return 400
if reqjson['action'] == "createRoom": if reqjson['action'] == "createRoom":
return self.createRoom(reqjson) return self.createRoom(reqjson)
elif reqjson['action'] == "joinRoom": elif reqjson['action'] == "joinRoom":
return self.processjoinRoom(reqjson) return self.processjoinRoom(reqjson)
elif reqjson['action'] == "leaveRoom": elif reqjson['action'] == "leaveRoom":
return self.processleaveRoom(reqjson) return self.processleaveRoom(reqjson)
   
elif reqjson['action'] == "banUser": elif reqjson['action'] == "banUser":
return self.kickUser(reqjson,True) return self.kickUser(reqjson,True)
elif reqjson['action'] == "inviteUser": elif reqjson['action'] == "inviteUser":
return self.inviteUser(reqjson) return self.inviteUser(reqjson)
elif reqjson['action'] == "kickUser": elif reqjson['action'] == "kickUser":
return self.kickUser(reqjson,False) return self.kickUser(reqjson,False)
elif reqjson['action'] == 'sendMsg': elif reqjson['action'] == 'sendMsg':
return self.sendMsg(reqjson) return self.sendMsg(reqjson)
elif reqjson['action'] == 'pollMsg': elif reqjson['action'] == 'pollMsg':
return self.fetchMsgs(reqjson) return self.fetchMsgs(reqjson)
   
def decrypt(self,msg): def decrypt(self,msg):
''' This is currently just a placeholder ''' This is currently just a placeholder
Will be updated later Will be updated later
''' '''
return msg return msg
   
   
   
def createRoom(self,reqjson): def createRoom(self,reqjson):
''' '''
Payload should contain a JSON object consisting of Payload should contain a JSON object consisting of
roomName roomName
owner owner
passhash passhash
e.g. e.g.
curl -v -X POST http://127.0.0.1:8090/ -H "Content-Type: application/json" --data '{"action":"createRoom","payload":"{ curl -v -X POST http://127.0.0.1:8090/ -H "Content-Type: application/json" --data '{"action":"createRoom","payload":"{
\"roomName\":\"BenTest\", \"roomName\":\"BenTest\",
\"owner\":\"ben\", \"owner\":\"ben\",
\"passhash\":\"abcdefg\" \"passhash\":\"abcdefg\"
}" }"
}' }'
''' '''
print "Creating room %s" % (reqjson['payload']) print "Creating room %s" % (reqjson['payload'])
# Create a tuple for sqlite3 # Create a tuple for sqlite3
t = (reqjson['payload']['roomName'], t = (reqjson['payload']['roomName'],
reqjson['payload']['owner'], reqjson['payload']['owner'],
reqjson['payload']['passhash']) reqjson['payload']['passhash'])
try: try:
self.cursor.execute("INSERT INTO rooms (name,owner,pass) VALUES (?,?,?)",t) self.cursor.execute("INSERT INTO rooms (name,owner,pass) VALUES (?,?,?)",t)
roomid = self.cursor.lastrowid roomid = self.cursor.lastrowid
except: except:
# Probably a duplicate name, but we don't want to give the other end a reason anyway # Probably a duplicate name, but we don't want to give the other end a reason anyway
return 500 return 500
self.cursor.execute("INSERT INTO users (username,room) values (?,?)",(reqjson['payload']['owner'],roomid)) self.cursor.execute("INSERT INTO users (username,room) values (?,?)",(reqjson['payload']['owner'],roomid))
self.conn.commit() self.conn.commit()
return { return {
'status':'ok', 'status':'ok',
'roomid': roomid, 'roomid': roomid,
'name' : reqjson['payload']['roomName'] 'name' : reqjson['payload']['roomName']
} }
   
   
def inviteUser(self,reqjson): def inviteUser(self,reqjson):
''' Link a username into a room ''' Link a username into a room
   
   
curl -v -X POST http://127.0.0.1:8090/ -H "Content-Type: application/json" --data '{"action":"inviteUser","payload":"{\"roomName\":\"BenTest\",\"user\":\"ben2\"}"}' curl -v -X POST http://127.0.0.1:8090/ -H "Content-Type: application/json" --data '{"action":"inviteUser","payload":"{\"roomName\":\"BenTest\",\"user\":\"ben2\"}"}'
   
''' '''
if "roomName" not in reqjson['payload']: if "roomName" not in reqjson['payload']:
return 400 return 400
room = self.getRoomID(reqjson['payload']["roomName"]) room = self.getRoomID(reqjson['payload']["roomName"])
if not room: if not room:
return 400 return 400
  if not self.validateUser(reqjson['payload']):
  return 403
   
   
# Otherwise, link the user in # Otherwise, link the user in
self.cursor.execute("INSERT INTO users (username,room) values (?,?)",(reqjson['payload']['user'],room)) self.cursor.execute("INSERT INTO users (username,room) values (?,?)",(reqjson['payload']['invite'],room))
self.conn.commit()  
  # Push a notification into the group
  m = {
  "user":"SYSTEM",
  "text":"User %s invited %s to the room" % (reqjson['payload']['user'],reqjson['payload']['invite'])
  }
   
  self.cursor.execute("INSERT INTO messages (ts,room,msg) VALUES (?,?,?)",(time.time(),room,json.dumps(m)))
  self.conn.commit()
   
return { return {
"status":'ok' "status":'ok'
} }
def kickUser(self,reqjson,ban=False): def kickUser(self,reqjson,ban=False):
''' Kick a user out of room ''' Kick a user out of room
Default is just to boot them out, but can also remove their authorisation to enter Default is just to boot them out, but can also remove their authorisation to enter
''' '''
if "roomName" not in reqjson['payload'] or "user" not in reqjson['payload'] or "kick" not in reqjson['payload']: if "roomName" not in reqjson['payload'] or "user" not in reqjson['payload'] or "kick" not in reqjson['payload']:
return 400 return 400
room = self.getRoomID(reqjson['payload']["roomName"]) room = self.getRoomID(reqjson['payload']["roomName"])
if not room: if not room:
return 400 return 400
# Check the requesting user is the admin # Check the requesting user is the admin
self.cursor.execute("SELECT * from rooms where id=? and owner=?",(room,reqjson["payload"]["user"])) self.cursor.execute("SELECT * from rooms where id=? and owner=?",(room,reqjson["payload"]["user"]))
n = self.cursor.fetchone() n = self.cursor.fetchone()
if not n: if not n:
return 403 return 403
self.cursor.execute("UPDATE users set active=0 where room=? and username=?",(room,reqjson["payload"]["kick"])) self.cursor.execute("UPDATE users set active=0 where room=? and username=?",(room,reqjson["payload"]["kick"]))
m = { m = {
"user":"SYSTEM", "user":"SYSTEM",
"text":"User %s kicked %s from the room" % (reqjson['payload']['user'],reqjson['payload']['kick']) "text":"User %s kicked %s from the room" % (reqjson['payload']['user'],reqjson['payload']['kick'])
} }
self.cursor.execute("INSERT INTO messages (ts,room,msg) VALUES (?,?,?)",(time.time(),room,json.dumps(m))) self.cursor.execute("INSERT INTO messages (ts,room,msg) VALUES (?,?,?)",(time.time(),room,json.dumps(m)))
msgid = self.cursor.lastrowid msgid = self.cursor.lastrowid
self.conn.commit() self.conn.commit()
if ban: if ban:
# If we're banning them, also need to disinvite them # If we're banning them, also need to disinvite them
self.cursor.execute("DELETE from users where room=? and username=?",(room,reqjson["payload"]["kick"])) self.cursor.execute("DELETE from users where room=? and username=?",(room,reqjson["payload"]["kick"]))
m = { m = {
"user":"SYSTEM", "user":"SYSTEM",
"text":"User %s banned %s from the room" % (reqjson['payload']['user'],reqjson['payload']['kick']) "text":"User %s banned %s from the room" % (reqjson['payload']['user'],reqjson['payload']['kick'])
} }
self.cursor.execute("INSERT INTO messages (ts,room,msg) VALUES (?,?,?)",(time.time(),room,json.dumps(m))) self.cursor.execute("INSERT INTO messages (ts,room,msg) VALUES (?,?,?)",(time.time(),room,json.dumps(m)))
self.conn.commit() self.conn.commit()
return { "status" : "ok" } return { "status" : "ok" }
def processjoinRoom(self,reqjson): def processjoinRoom(self,reqjson):
''' Process a request from a user to login to a room ''' Process a request from a user to login to a room
Not yet defined the authentication mechanism to use, so that's a TODO Not yet defined the authentication mechanism to use, so that's a TODO
''' '''
if "roomName" not in reqjson['payload'] or "user" not in reqjson['payload']: if "roomName" not in reqjson['payload'] or "user" not in reqjson['payload']:
return 400 return 400
room = self.getRoomID(reqjson['payload']["roomName"]) room = self.getRoomID(reqjson['payload']["roomName"])
if not room: if not room:
return 400 return 400
# Check whether that user is authorised to connect to that room # Check whether that user is authorised to connect to that room
self.cursor.execute("SELECT username, room from users where username=? and room=?",(reqjson['payload']['user'],room)) self.cursor.execute("SELECT username, room from users where username=? and room=?",(reqjson['payload']['user'],room))
r = self.cursor.fetchone() r = self.cursor.fetchone()
if not r: if not r:
return { "status": "NOK" } return { "status": "NOK" }
else: else:
# Tidy older messages away. # Tidy older messages away.
# #
# We do this so that a user who joins can't then send a poll with last:0 to retrieve the full history # We do this so that a user who joins can't then send a poll with last:0 to retrieve the full history
# #
# Basically, anything older than 10 seconds should go. Users who were already present will be able # Basically, anything older than 10 seconds should go. Users who were already present will be able
# to scroll up and down in their client anyway # to scroll up and down in their client anyway
self.tidyMsgs(time.time()-10,room) self.tidyMsgs(time.time()-10,room)
# Push a message to the room to note that the user joined # Push a message to the room to note that the user joined
m = { m = {
"user":"SYSTEM", "user":"SYSTEM",
"text":"User %s joined the room" % (reqjson['payload']['user']) "text":"User %s joined the room" % (reqjson['payload']['user'])
} }
self.cursor.execute("INSERT INTO messages (ts,room,msg) VALUES (?,?,?)",(time.time(),room,json.dumps(m))) self.cursor.execute("INSERT INTO messages (ts,room,msg) VALUES (?,?,?)",(time.time(),room,json.dumps(m)))
msgid = self.cursor.lastrowid msgid = self.cursor.lastrowid
self.conn.commit() self.conn.commit()
# Check the latest message ID for that room # Check the latest message ID for that room
self.cursor.execute("SELECT id from messages WHERE room=? and id != ? ORDER BY id DESC",(room,msgid)) self.cursor.execute("SELECT id from messages WHERE room=? and id != ? ORDER BY id DESC",(room,msgid))
r = self.cursor.fetchone() r = self.cursor.fetchone()
if not r: if not r:
last = 0 last = 0
else: else:
last = r[0] last = r[0]
# Mark the user as active in the users table # Mark the user as active in the users table
self.cursor.execute("UPDATE users set active=1 where username=? and room=?", (reqjson['payload']['user'],room)) self.cursor.execute("UPDATE users set active=1 where username=? and room=?", (reqjson['payload']['user'],room))
self.conn.commit() self.conn.commit()
return {"status":"ok","last":last} return {"status":"ok","last":last}
def processleaveRoom(self,reqjson): def processleaveRoom(self,reqjson):
''' Process a user's request to leave a room ''' Process a user's request to leave a room
''' '''
if "roomName" not in reqjson['payload'] or "user" not in reqjson['payload']: if "roomName" not in reqjson['payload'] or "user" not in reqjson['payload']:
return 400 return 400
room = self.getRoomID(reqjson['payload']["roomName"]) room = self.getRoomID(reqjson['payload']["roomName"])
if not room: if not room:
return 400 return 400
# Check the user is actually in the room and authorised # Check the user is actually in the room and authorised
if not self.validateUser(reqjson['payload']): if not self.validateUser(reqjson['payload']):
return 400 return 400
# Mark them as not in the room # Mark them as not in the room
self.cursor.execute("UPDATE users set active=0 where username=? and room=?", (reqjson['payload']['user'],room)) self.cursor.execute("UPDATE users set active=0 where username=? and room=?", (reqjson['payload']['user'],room))
self.conn.commit() self.conn.commit()
# Push a message to the room to note they left # Push a message to the room to note they left
m = { m = {
"user":"SYSTEM", "user":"SYSTEM",
"text":"User %s left the room" % (reqjson['payload']['user']) "text":"User %s left the room" % (reqjson['payload']['user'])
} }
self.cursor.execute("INSERT INTO messages (ts,room,msg) VALUES (?,?,?)",(time.time(),room,json.dumps(m))) self.cursor.execute("INSERT INTO messages (ts,room,msg) VALUES (?,?,?)",(time.time(),room,json.dumps(m)))
msgid = self.cursor.lastrowid msgid = self.cursor.lastrowid
self.conn.commit() self.conn.commit()
return {"status":"ok"} return {"status":"ok"}
def sendMsg(self,reqjson): def sendMsg(self,reqjson):
''' Push a message into a room ''' Push a message into a room
curl -v -X POST http://127.0.0.1:8090/ -H "Content-Type: application/json" --data '{"action":"sendMsg","payload":"{\"roomName\":\"BenTest\", \"msg\":\"ENCRYPTED-DATA\",\"user\":\"ben2\"}"}' curl -v -X POST http://127.0.0.1:8090/ -H "Content-Type: application/json" --data '{"action":"sendMsg","payload":"{\"roomName\":\"BenTest\", \"msg\":\"ENCRYPTED-DATA\",\"user\":\"ben2\"}"}'
''' '''
if not self.validateUser(reqjson['payload']): if not self.validateUser(reqjson['payload']):
return 403 return 403
if "roomName" not in reqjson['payload'] or "msg" not in reqjson['payload']: if "roomName" not in reqjson['payload'] or "msg" not in reqjson['payload']:
return 400 return 400
room = self.getRoomID(reqjson['payload']["roomName"]) room = self.getRoomID(reqjson['payload']["roomName"])
print room print room
if not room: if not room:
return 400 return 400
   
self.cursor.execute("INSERT INTO messages (ts,room,msg) VALUES (?,?,?)",(time.time(),room,reqjson['payload']['msg'])) self.cursor.execute("INSERT INTO messages (ts,room,msg) VALUES (?,?,?)",(time.time(),room,reqjson['payload']['msg']))
msgid = self.cursor.lastrowid msgid = self.cursor.lastrowid
self.conn.commit() self.conn.commit()
# Check the latest message ID for that room # Check the latest message ID for that room
self.cursor.execute("SELECT id from messages WHERE room=? and id != ? ORDER BY id DESC",(room,msgid)) self.cursor.execute("SELECT id from messages WHERE room=? and id != ? ORDER BY id DESC",(room,msgid))
r = self.cursor.fetchone() r = self.cursor.fetchone()
if not r: if not r:
last = 0 last = 0
else: else:
last = r[0] last = r[0]
return { return {
"status" : "ok", "status" : "ok",
"msgid" : msgid, "msgid" : msgid,
"last" : last "last" : last
} }
def fetchMsgs(self,reqjson): def fetchMsgs(self,reqjson):
''' Check to see if there are any new messages in the room ''' Check to see if there are any new messages in the room
curl -v -X POST http://127.0.0.1:8090/ -H "Content-Type: application/json" --data '{"action":"pollMsg","payload":"{\"roomName\":\"BenTest\", \"mylast\":1,\"user\":\"ben2\"}"}' curl -v -X POST http://127.0.0.1:8090/ -H "Content-Type: application/json" --data '{"action":"pollMsg","payload":"{\"roomName\":\"BenTest\", \"mylast\":1,\"user\":\"ben2\"}"}'
''' '''
if not self.validateUser(reqjson['payload']): if not self.validateUser(reqjson['payload']):
return 403 return 403
   
if "mylast" not in reqjson['payload']: if "mylast" not in reqjson['payload']:
return 400 return 400
room = self.getRoomID(reqjson['payload']["roomName"]) room = self.getRoomID(reqjson['payload']["roomName"])
print room print room
if not room: if not room:
return 400 return 400
self.cursor.execute("""SELECT id,msg,ts FROM messages self.cursor.execute("""SELECT id,msg,ts FROM messages
WHERE room=? AND WHERE room=? AND
id > ? id > ?
ORDER BY ts ASC ORDER BY ts ASC
""",(room,reqjson['payload']['mylast'])) """,(room,reqjson['payload']['mylast']))
r = self.cursor.fetchall() r = self.cursor.fetchall()
if not r: if not r:
# No changes # No changes
return {"status":"unchanged","last":reqjson['payload']['mylast']} return {"status":"unchanged","last":reqjson['payload']['mylast']}
# Otherwise, return the messages # Otherwise, return the messages
return {"status":"updated", return {"status":"updated",
"messages" : r "messages" : r
} }
def validateUser(self,payload): def validateUser(self,payload):
''' Placeholder for now. Auth will be handled in more depth later ''' Placeholder for now. Auth will be handled in more depth later
''' '''
if "user" not in payload or "roomName" not in payload: if "user" not in payload or "roomName" not in payload:
return False return False
room = self.getRoomID(payload["roomName"]) room = self.getRoomID(payload["roomName"])
if not room: if not room:
return 400 return 400
# Check whether the user has been marked as active # Check whether the user has been marked as active
self.cursor.execute("SELECT username, room from users where username=? and room=? and active=1",(payload['user'],room)) self.cursor.execute("SELECT username, room from users where username=? and room=? and active=1",(payload['user'],room))
r = self.cursor.fetchone() r = self.cursor.fetchone()
if not r: if not r:
return False return False
return True return True
   
   
def getRoomID(self,roomname): def getRoomID(self,roomname):
''' Get a room's ID from its name ''' Get a room's ID from its name
''' '''
t = (roomname,) t = (roomname,)
self.cursor.execute("SELECT id from rooms where name=?",t) self.cursor.execute("SELECT id from rooms where name=?",t)
r = self.cursor.fetchone() r = self.cursor.fetchone()
if not r: if not r:
return False return False
return r[0] return r[0]
   
def tidyMsgs(self,thresholdtime,room=False): def tidyMsgs(self,thresholdtime,room=False):
''' Remove messages older than the threshold time ''' Remove messages older than the threshold time
''' '''
if room: if room:
# Tidy from a specific room # Tidy from a specific room
self.cursor.execute("DELETE FROM messages where ts < ? and room = ?",(thresholdtime,room)) self.cursor.execute("DELETE FROM messages where ts < ? and room = ?",(thresholdtime,room))
self.conn.commit() self.conn.commit()
else: else:
self.cursor.execute("DELETE FROM messages where ts < ?",(thresholdtime,)) self.cursor.execute("DELETE FROM messages where ts < ?",(thresholdtime,))
self.conn.commit() self.conn.commit()
   
   
   
def test(self): def test(self):
return ['foo'] return ['foo']
   
   
   
   
# Create a global instance of the wrapper so that state can be retained # Create a global instance of the wrapper so that state can be retained
msghandler = MsgHandler() msghandler = MsgHandler()
   
   
if __name__ == '__main__': if __name__ == '__main__':
# Bind to PORT if defined, otherwise default to 8090. # Bind to PORT if defined, otherwise default to 8090.
port = int(os.environ.get('PORT', 8090)) port = int(os.environ.get('PORT', 8090))
app.run(host='0.0.0.0', port=port,debug=True) app.run(host='0.0.0.0', port=port,debug=True)