add whitelists and tokens

fixes
2025-01-24 21:21:42 +10:00 · 2025-01-24 20:50:38 +10:00
13 changed files with 220 additions and 18 deletions
--- a/.gitignore
+++ b/.gitignore
@ -99,7 +99,7 @@ ipython_config.py
 #   Similar to Pipfile.lock, it is generally recommended to include uv.lock in version control.
 #   This is especially recommended for binary packages to ensure reproducibility, and is more
 #   commonly ignored for libraries.
-*.lock
+*-dev.lock

 # poetry
 #   Similar to Pipfile.lock, it is generally recommended to include poetry.lock in version control.
--- a/api/Dockerfile
+++ b/api/Dockerfile
@ -2,8 +2,9 @@ FROM python:3.12

 WORKDIR /api

-RUN apt-get update && apt-get install make
+RUN apt-get update && apt-get install make bash
 COPY Makefile requirements.lock pyproject.toml README.md /api/
+
 RUN make deps

 COPY . .
--- a/api/requirements.lock
+++ b/api/requirements.lock
@ -0,0 +1,129 @@
+# generated by rye
+# use `rye lock` or `rye sync` to update this lockfile
+#
+# last locked with the following flags:
+#   pre: false
+#   features: []
+#   all-features: false
+#   with-sources: false
+#   generate-hashes: false
+#   universal: false
+
+-e file:.
+aiohappyeyeballs==2.4.4
+    # via aiohttp
+aiohttp==3.11.11
+    # via api
+aiosignal==1.3.2
+    # via aiohttp
+annotated-types==0.7.0
+    # via pydantic
+anyio==4.8.0
+    # via httpx
+    # via starlette
+    # via watchfiles
+attrs==24.3.0
+    # via aiohttp
+certifi==2024.12.14
+    # via httpcore
+    # via httpx
+    # via requests
+charset-normalizer==3.4.1
+    # via requests
+click==8.1.8
+    # via rich-toolkit
+    # via typer
+    # via uvicorn
+colorama==0.4.6
+    # via click
+    # via uvicorn
+dnspython==2.7.0
+    # via email-validator
+email-validator==2.2.0
+    # via fastapi
+fastapi==0.115.7
+    # via api
+fastapi-cli==0.0.7
+    # via fastapi
+frozenlist==1.5.0
+    # via aiohttp
+    # via aiosignal
+h11==0.14.0
+    # via httpcore
+    # via uvicorn
+httpcore==1.0.7
+    # via httpx
+httptools==0.6.4
+    # via uvicorn
+httpx==0.28.1
+    # via fastapi
+idna==3.10
+    # via anyio
+    # via email-validator
+    # via httpx
+    # via requests
+    # via yarl
+jinja2==3.1.5
+    # via fastapi
+markdown-it-py==3.0.0
+    # via rich
+markupsafe==3.0.2
+    # via jinja2
+mdurl==0.1.2
+    # via markdown-it-py
+multidict==6.1.0
+    # via aiohttp
+    # via yarl
+propcache==0.2.1
+    # via aiohttp
+    # via yarl
+pydantic==2.10.5
+    # via api
+    # via fastapi
+    # via pydantic-settings
+pydantic-core==2.27.2
+    # via pydantic
+pydantic-settings==2.7.1
+    # via api
+pygments==2.19.1
+    # via rich
+python-dotenv==1.0.1
+    # via pydantic-settings
+    # via uvicorn
+python-multipart==0.0.20
+    # via fastapi
+pyyaml==6.0.2
+    # via uvicorn
+requests==2.32.3
+    # via api
+rich==13.9.4
+    # via rich-toolkit
+    # via typer
+rich-toolkit==0.13.2
+    # via fastapi-cli
+shellingham==1.5.4
+    # via typer
+sniffio==1.3.1
+    # via anyio
+starlette==0.45.2
+    # via fastapi
+typer==0.15.1
+    # via fastapi-cli
+typing-extensions==4.12.2
+    # via anyio
+    # via fastapi
+    # via pydantic
+    # via pydantic-core
+    # via rich-toolkit
+    # via typer
+urllib3==2.3.0
+    # via requests
+uvicorn==0.34.0
+    # via fastapi
+    # via fastapi-cli
+watchfiles==1.0.4
+    # via uvicorn
+websockets==14.2
+    # via uvicorn
+yarl==1.18.3
+    # via aiohttp
--- a/api/src/api/check_imei.py
+++ b/api/src/api/check_imei.py
@ -14,7 +14,7 @@ checking_router = APIRouter()
    response_model=DeviceProperties
 )
 async def check_imei(body: CheckingInput):
-    if not await Authentication_service.token_is_valid(token=body.token):
+    if not Authentication_service.token_is_valid(token=body.token):
        raise AccessDenied("token_is_not_valid")
    report: CheckingReport = await Checking_imei_service().request_imei_info(body.imei)
    return report.properties
--- a/api/src/service/authentication.py
+++ b/api/src/service/authentication.py
@ -1,5 +1,7 @@
 class Authentication_service:
    
    @staticmethod
-    async def token_is_valid(token: str) -> bool:
-        return True
+    def token_is_valid(token: str) -> bool:
+        with open("tokens.txt") as F:
+            tokens = F.read().split("\n")
+        return token in tokens
--- a/api/tokens.txt
+++ b/api/tokens.txt
@ -0,0 +1 @@
+e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
--- a/bot/.gitignore
+++ b/bot/.gitignore
@ -1,10 +0,0 @@
-# python generated files
-__pycache__/
-*.py[oc]
-build/
-dist/
-wheels/
-*.egg-info
-
-# venv
-.venv
--- a/bot/Dockerfile
+++ b/bot/Dockerfile
@ -2,7 +2,7 @@ FROM python:3.12

 WORKDIR /bot

-RUN apt-get update && apt-get install make
+RUN apt-get update && apt-get install make bash
 COPY Makefile requirements.lock pyproject.toml README.md /bot/
 RUN make deps

--- a/bot/requirements.lock
+++ b/bot/requirements.lock
@ -0,0 +1,66 @@
+# generated by rye
+# use `rye lock` or `rye sync` to update this lockfile
+#
+# last locked with the following flags:
+#   pre: false
+#   features: []
+#   all-features: false
+#   with-sources: false
+#   generate-hashes: false
+#   universal: false
+
+-e file:.
+aiofiles==24.1.0
+    # via aiogram
+aiogram==3.17.0
+    # via bot
+aiohappyeyeballs==2.4.4
+    # via aiohttp
+aiohttp==3.11.11
+    # via aiogram
+    # via bot
+aiosignal==1.3.2
+    # via aiohttp
+annotated-types==0.7.0
+    # via pydantic
+attrs==24.3.0
+    # via aiohttp
+certifi==2024.12.14
+    # via aiogram
+    # via requests
+charset-normalizer==3.4.1
+    # via requests
+frozenlist==1.5.0
+    # via aiohttp
+    # via aiosignal
+idna==3.10
+    # via requests
+    # via yarl
+magic-filter==1.0.12
+    # via aiogram
+multidict==6.1.0
+    # via aiohttp
+    # via yarl
+propcache==0.2.1
+    # via aiohttp
+    # via yarl
+pydantic==2.10.6
+    # via aiogram
+    # via bot
+    # via pydantic-settings
+pydantic-core==2.27.2
+    # via pydantic
+pydantic-settings==2.7.1
+    # via bot
+python-dotenv==1.0.1
+    # via pydantic-settings
+requests==2.32.3
+    # via bot
+typing-extensions==4.12.2
+    # via aiogram
+    # via pydantic
+    # via pydantic-core
+urllib3==2.3.0
+    # via requests
+yarl==1.18.3
+    # via aiohttp
--- a/bot/src/handlers/ask_imei.py
+++ b/bot/src/handlers/ask_imei.py
@ -4,12 +4,15 @@ from aiogram.utils.formatting import Text, Code

 from src.dispatcher import dispatcher

-from src.services import External_request_service
+from src.services import External_request_service, Authentication_service



@dispatcher.message(F.text)
 async def ask_imei_info(message: types.Message):
+    if not Authentication_service.user_in_white_list(message.from_user.username):
+        return await message.answer("you aren't in white list")
+
    raw_imei = message.text
    if len(raw_imei) != 15:
        return await message.answer("bad imei - length must be 15")
--- a/bot/src/services/init.py
+++ b/bot/src/services/init.py
@ -1 +1,2 @@
 from .external_request import External_request_service as External_request_service
+from .authentication import Authentication_service as Authentication_service
--- a/bot/src/services/authentication.py
+++ b/bot/src/services/authentication.py
@ -0,0 +1,8 @@
+class Authentication_service:
+    
+    @staticmethod
+    def user_in_white_list(username: str) -> bool:        
+        with open("white_list.txt") as F:
+            usernames = F.read().split("\n")
+
+        return username in usernames
--- a/bot/white_list.txt
+++ b/bot/white_list.txt
@ -0,0 +1 @@
+matv864
Author	SHA1	Message	Date
matv864	4d54409d7c	add whitelists and tokens	2025-01-24 21:21:42 +10:00
matv864	c05954deaf	fixes	2025-01-24 20:50:38 +10:00
				`@ -0,0 +1 @@`
				`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`