2019-12-08 22:43:49 +01:00
|
|
|
import json
|
|
|
|
import random
|
|
|
|
from typing import Dict, Any, Optional
|
2021-09-07 19:57:18 +02:00
|
|
|
from typing_extensions import Final
|
2019-12-08 22:43:49 +01:00
|
|
|
|
|
|
|
from bemani.common import Time
|
2021-08-20 06:43:59 +02:00
|
|
|
from bemani.data.config import Config
|
2019-12-08 22:43:49 +01:00
|
|
|
|
2021-03-19 01:47:37 +01:00
|
|
|
from sqlalchemy.engine import CursorResult # type: ignore
|
2024-03-30 03:07:21 +01:00
|
|
|
from sqlalchemy.orm import scoped_session
|
|
|
|
from sqlalchemy.sql import text
|
|
|
|
from sqlalchemy.types import String, Integer
|
|
|
|
from sqlalchemy import Table, Column, MetaData
|
2019-12-08 22:43:49 +01:00
|
|
|
|
2021-05-31 20:07:03 +02:00
|
|
|
metadata = MetaData()
|
2019-12-08 22:43:49 +01:00
|
|
|
|
|
|
|
"""
|
|
|
|
Table for storing session IDs, so a session ID can be used to look up an arbitrary ID.
|
|
|
|
This is currently used for user logins, user and arcade PASELI sessions.
|
|
|
|
"""
|
2021-05-31 20:07:03 +02:00
|
|
|
session = Table(
|
2022-10-15 20:56:30 +02:00
|
|
|
"session",
|
2019-12-08 22:43:49 +01:00
|
|
|
metadata,
|
2022-10-15 20:56:30 +02:00
|
|
|
Column("id", Integer, nullable=False),
|
|
|
|
Column("type", String(32), nullable=False),
|
|
|
|
Column("session", String(32), nullable=False, unique=True),
|
|
|
|
Column("expiration", Integer),
|
|
|
|
mysql_charset="utf8mb4",
|
2019-12-08 22:43:49 +01:00
|
|
|
)
|
|
|
|
|
|
|
|
|
|
|
|
class _BytesEncoder(json.JSONEncoder):
|
|
|
|
def default(self, obj: Any) -> Any:
|
|
|
|
if isinstance(obj, bytes):
|
|
|
|
# We're abusing lists here, we have a mixed type
|
2022-10-15 20:56:30 +02:00
|
|
|
return ["__bytes__"] + [b for b in obj]
|
2019-12-08 22:43:49 +01:00
|
|
|
return json.JSONEncoder.default(self, obj)
|
|
|
|
|
|
|
|
|
|
|
|
class BaseData:
|
2021-09-07 19:57:18 +02:00
|
|
|
SESSION_LENGTH: Final[int] = 32
|
2019-12-08 22:43:49 +01:00
|
|
|
|
2024-03-30 03:07:21 +01:00
|
|
|
def __init__(self, config: Config, conn: scoped_session) -> None:
|
2019-12-08 22:43:49 +01:00
|
|
|
"""
|
|
|
|
Initialize any DB singleton.
|
|
|
|
|
|
|
|
Should only ever be called by Data.
|
|
|
|
|
|
|
|
Parameters:
|
|
|
|
config - config structure which is provided in case any function here
|
|
|
|
needs to look up configuration.
|
|
|
|
conn - An established connection to the DB which will be used for all
|
|
|
|
queries.
|
|
|
|
"""
|
|
|
|
self.__config = config
|
|
|
|
self.__conn = conn
|
|
|
|
|
2022-10-15 20:56:30 +02:00
|
|
|
def execute(
|
|
|
|
self,
|
|
|
|
sql: str,
|
|
|
|
params: Optional[Dict[str, Any]] = None,
|
|
|
|
safe_write_operation: bool = False,
|
|
|
|
) -> CursorResult:
|
2019-12-08 22:43:49 +01:00
|
|
|
"""
|
|
|
|
Given a SQL string and some parameters, execute the query and return the result.
|
|
|
|
|
|
|
|
Parameters:
|
|
|
|
sql - The SQL statement to execute.
|
|
|
|
params - Dictionary of parameters which will be substituted into the sql string.
|
|
|
|
|
|
|
|
Returns:
|
2021-03-19 01:47:37 +01:00
|
|
|
A SQLAlchemy CursorResult object.
|
2019-12-08 22:43:49 +01:00
|
|
|
"""
|
2021-08-20 06:43:59 +02:00
|
|
|
if self.__config.database.read_only:
|
2019-12-08 22:43:49 +01:00
|
|
|
# See if this is an insert/update/delete
|
2022-10-07 03:58:15 +02:00
|
|
|
lowered = sql.lower()
|
|
|
|
for write_statement_group in [
|
|
|
|
["insert into"],
|
|
|
|
["update", "set"],
|
|
|
|
["delete from"],
|
2019-12-08 22:43:49 +01:00
|
|
|
]:
|
2022-10-07 03:58:15 +02:00
|
|
|
includes = all(s in lowered for s in write_statement_group)
|
|
|
|
if includes and not safe_write_operation:
|
2022-10-15 20:56:30 +02:00
|
|
|
raise Exception("Read-only mode is active!")
|
2021-05-31 20:07:03 +02:00
|
|
|
return self.__conn.execute(
|
2019-12-08 22:43:49 +01:00
|
|
|
text(sql),
|
|
|
|
params if params is not None else {},
|
|
|
|
)
|
|
|
|
|
|
|
|
def serialize(self, data: Dict[str, Any]) -> str:
|
|
|
|
"""
|
|
|
|
Given an arbitrary dict, serialize it to JSON.
|
|
|
|
"""
|
|
|
|
return json.dumps(data, cls=_BytesEncoder)
|
|
|
|
|
|
|
|
def deserialize(self, data: Optional[str]) -> Dict[str, Any]:
|
|
|
|
"""
|
|
|
|
Given a string, deserialize it from JSON.
|
|
|
|
"""
|
|
|
|
if data is None:
|
|
|
|
return {}
|
|
|
|
|
|
|
|
def fix(jd: Any) -> Any:
|
|
|
|
if type(jd) == dict:
|
|
|
|
# Fix each element in the dictionary.
|
|
|
|
for key in jd:
|
|
|
|
jd[key] = fix(jd[key])
|
|
|
|
return jd
|
|
|
|
|
|
|
|
if type(jd) == list:
|
|
|
|
# Could be serialized by us, could be a normal list.
|
2022-10-15 20:56:30 +02:00
|
|
|
if len(jd) >= 1 and jd[0] == "__bytes__":
|
2019-12-08 22:43:49 +01:00
|
|
|
# This is a serialized bytestring
|
|
|
|
return bytes(jd[1:])
|
|
|
|
|
|
|
|
# Possibly one of these is a dictionary/list/serialized.
|
|
|
|
for i in range(len(jd)):
|
|
|
|
jd[i] = fix(jd[i])
|
|
|
|
return jd
|
|
|
|
|
|
|
|
# Normal value, its deserialized version is itself.
|
|
|
|
return jd
|
|
|
|
|
|
|
|
return fix(json.loads(data))
|
|
|
|
|
|
|
|
def _from_session(self, session: str, sesstype: str) -> Optional[int]:
|
|
|
|
"""
|
|
|
|
Given a previously-opened session, look up an ID.
|
|
|
|
|
|
|
|
Parameters:
|
|
|
|
session - String identifying a session that was opened by create_session.
|
|
|
|
sesstype - Arbitrary string identifying the session type.
|
|
|
|
|
|
|
|
Returns:
|
|
|
|
ID as an integer if found, or None if the session is expired or doesn't exist.
|
|
|
|
"""
|
|
|
|
# Look up the user account, making sure to expire old sessions
|
|
|
|
sql = "SELECT id FROM session WHERE session = :session AND type = :type AND expiration > :timestamp"
|
2024-01-02 03:46:24 +01:00
|
|
|
cursor = self.execute(sql, {"session": session, "type": sesstype, "timestamp": Time.now()})
|
2019-12-08 22:43:49 +01:00
|
|
|
if cursor.rowcount != 1:
|
|
|
|
# Couldn't find a user with this session
|
|
|
|
return None
|
|
|
|
|
|
|
|
result = cursor.fetchone()
|
2022-10-15 20:56:30 +02:00
|
|
|
return result["id"]
|
2019-12-08 22:43:49 +01:00
|
|
|
|
2024-01-02 03:46:24 +01:00
|
|
|
def _create_session(self, opid: int, optype: str, expiration: int = (30 * 86400)) -> str:
|
2019-12-08 22:43:49 +01:00
|
|
|
"""
|
|
|
|
Given an ID, create a session string.
|
|
|
|
|
|
|
|
Parameters:
|
|
|
|
opid - ID we wish to start a session for.
|
|
|
|
expiration - Number of seconds before this session is invalid.
|
|
|
|
|
|
|
|
Returns:
|
|
|
|
A string that can be used as a session ID.
|
|
|
|
"""
|
|
|
|
# Create a new session that is unique
|
|
|
|
while True:
|
2024-01-02 03:46:24 +01:00
|
|
|
session = "".join(random.choice("0123456789ABCDEF") for _ in range(BaseData.SESSION_LENGTH))
|
2019-12-08 22:43:49 +01:00
|
|
|
sql = "SELECT session FROM session WHERE session = :session"
|
2022-10-15 20:56:30 +02:00
|
|
|
cursor = self.execute(sql, {"session": session})
|
2019-12-08 22:43:49 +01:00
|
|
|
if cursor.rowcount == 0:
|
|
|
|
# Make sure sessions expire in a reasonable amount of time
|
|
|
|
expiration = Time.now() + expiration
|
|
|
|
|
|
|
|
# Use that session
|
2023-03-19 19:09:06 +01:00
|
|
|
sql = """
|
|
|
|
INSERT INTO session (id, session, type, expiration)
|
|
|
|
VALUES (:id, :session, :optype, :expiration)
|
|
|
|
"""
|
2019-12-08 22:43:49 +01:00
|
|
|
cursor = self.execute(
|
|
|
|
sql,
|
2022-10-15 20:56:30 +02:00
|
|
|
{
|
|
|
|
"id": opid,
|
|
|
|
"session": session,
|
|
|
|
"optype": optype,
|
|
|
|
"expiration": expiration,
|
|
|
|
},
|
2019-12-08 22:43:49 +01:00
|
|
|
safe_write_operation=True,
|
|
|
|
)
|
|
|
|
if cursor.rowcount == 1:
|
|
|
|
return session
|
|
|
|
|
|
|
|
def _destroy_session(self, session: str, sesstype: str) -> None:
|
|
|
|
"""
|
|
|
|
Destroy a previously-created session.
|
|
|
|
|
|
|
|
Parameters:
|
|
|
|
session - A session string as returned from create_session.
|
|
|
|
"""
|
|
|
|
# Remove the session token
|
|
|
|
sql = "DELETE FROM session WHERE session = :session AND type = :sesstype"
|
2024-01-02 03:46:24 +01:00
|
|
|
self.execute(sql, {"session": session, "sesstype": sesstype}, safe_write_operation=True)
|
2019-12-08 22:43:49 +01:00
|
|
|
|
|
|
|
# Also weed out any other defunct sessions
|
|
|
|
sql = "DELETE FROM session WHERE expiration < :timestamp"
|
2022-10-15 20:56:30 +02:00
|
|
|
self.execute(sql, {"timestamp": Time.now()}, safe_write_operation=True)
|