underground-software · theyoyojo · May 2, 2024 · May 1, 2024 · May 1, 2024 · May 1, 2024
diff --git a/container-compose-dev.yml b/container-compose-dev.yml
@@ -17,5 +17,5 @@ services:
     volumes:
       - type: bind
         source: ./kdlp.underground.software
-        target: /orbit/docs
+        target: /usr/local/share/orbit/docs
         read_only: true
diff --git a/orbit/.dockerignore b/orbit/.dockerignore
diff --git a/orbit/Containerfile b/orbit/Containerfile
@@ -1,24 +1,14 @@
 FROM alpine:3.19 AS build
 
 RUN apk update && apk upgrade && apk add \
-	python3-dev \
-	py3-pip \
-	build-base \
-	libffi-dev \
+	py3-peewee \
 	envsubst \
 	;
 
-COPY requirements.txt /requirements.txt
-RUN python3 -m venv /radius-venv && \
-	source /radius-venv/bin/activate && \
-	pip install -r requirements.txt && \
-	:
-
-COPY . /orbit
-WORKDIR /orbit
+COPY . /usr/local/share/orbit
+WORKDIR /usr/local/share/orbit
 
 RUN mkdir -p /var/orbit/ && \
-	source /radius-venv/bin/activate && \
 	./db.py \
 	:
 
@@ -29,35 +19,31 @@ RUN test -n "$orbit_version_info" || (echo 'version info is not set' && false) &
 	rm config.py.template \
 	;
 
-RUN mkdir \
-	/var/git \
-	/orbit/docs \
-	/etc/cgit \
-	;
-
-COPY --from=orbit_singularity_git_dir . /var/git/singularity
-COPY --from=orbit_docs_source . /orbit/docs
-COPY --from=orbit_repos_source . /etc/cgit
-
 FROM alpine:3.19 AS orbit
 
 RUN apk update && apk upgrade && apk add \
-	python3 \
+	py3-bcrypt \
+	py3-peewee \
+	py3-markdown \
+	uwsgi-python3 \
+	uwsgi-http \
 	cgit \
 	;
 
-COPY --from=build /orbit /orbit
-COPY --from=build /radius-venv /radius-venv
+WORKDIR /usr/local/share/orbit
+
+COPY --from=build /usr/local/share/orbit /usr/local/share/orbit
+COPY --from=orbit_docs_source . ./docs
 COPY --from=build /var/orbit /var/orbit
-COPY --from=build /var/git /var/git
-COPY --from=build /etc/cgit /etc/cgit
+COPY --from=orbit_singularity_git_dir . /var/git/singularity
+COPY --from=orbit_repos_source . /etc/cgit
 
 COPY cgitrc /etc/cgitrc
 
-RUN chown -R 100:100 /orbit /radius-venv /var/orbit /var/git
+RUN chown -R 100:100 /var/orbit
 
 USER 100:100
 
 EXPOSE 9098
 
-CMD /bin/sh -c "source /radius-venv/bin/activate && uwsgi /orbit/radius.ini"
+CMD ["uwsgi", "--plugin", "python,http", "./radius.ini"]
diff --git a/orbit/README.md b/orbit/README.md
diff --git a/orbit/config.py b/orbit/config.py
@@ -1,9 +1,8 @@
 version_info = '${orbit_version_info}'
 
 # read these documents from a filesystem path
-orbit_root = '/orbit'
-doc_root = f'{orbit_root}/docs'
-doc_header = f'{orbit_root}/header.html'
+doc_root = './docs'
+doc_header = './header.html'
 database = '/var/orbit/orbit.db'
 
 # duration of authentication token validity period

diff --git a/orbit/dev-requirements.txt b/orbit/dev-requirements.txt
diff --git a/orbit/hyperspace.py b/orbit/hyperspace.py
@@ -8,85 +8,45 @@
 
 # internal imports
 import config
-from radius import Session
 
 
 def errx(msg):
     print(msg, file=sys.stderr)
     exit(1)
 
 
-def need(a, u=False, p=False, t=False):
+def need(a, u=False, p=False):
+    needed = []
     if u and a.username is None:
-        errx("Need username. Bye.")
+        needed.append('username')
     if p and a.password is None:
-        errx("Need password. Bye.")
-    if t and a.token is None:
-        errx("Need token. Bye.")
+        needed.append('password')
+    if needed:
+        errx(f"Need {' and '.join(needed)}. Bye.")
 
 
 def nou(u):
     errx(f'no such user "{u}". Bye.')
 
 
-def do_query_username(args):
-    need(args, u=True)
-    if not (user := db.User.get_or_none(db.User.username == args.username)):
-        nou(args.username)
-    print(f'Username        : {user.username}\n'
-          f'Hashed Password : {user.pwdhash}\n'
-          f'Student ID      : {user.student_id}')
-
-
-def do_validate_token(args):
-    need(args, t=True)
-
-    ses = db.Session.get_or_none(db.Session.token == args.token)
-    if ses:
-        print(ses.username)
-    else:
-        print('null')
-
-
 def do_drop_session(args):
     need(args, u=True)
     query = (db.Session
              .delete()
-             .where(db.Session.username == args.username)
-             .returning(db.Session))
-
-    if ses := next(iter(query.execute()), None):
-        print(ses.username)
-    else:
-        print('null')
-
-
-def do_create_session(args):
-    need(args, u=True)
-    ses = Session(username=args.username)
-    print(ses.token)
-
+             .where(db.Session.username == args.username))
 
-def do_validate_creds(args):
-    need(args, u=True, p=True)
-    if not (user := db.User.get_or_none(db.User.username == args.username)):
-        nou(args.username)
-    if not bcrypt.checkpw(args.password.encode('utf-8'),
-                          user.pwdhash.encode('utf-8')):
-        print('null')
-        return
-    print(f'credentials(username: {args.username}, password:{args.password})')
+    if query.execute() < 1:
+        errx('No session belonging to that user found')
 
 
 def do_change_password(args):
     need(args, u=True, p=True)
-    new_hash = do_bcrypt_hash(args, get=True)
+    new_hash = do_bcrypt_hash(args)
     query = (db.User
              .update({db.User.pwdhash: new_hash})
              .where(db.User.username == args.username))
     if query.execute() < 1:
         nou(args.username)
-    print(f'credentials(username: {args.username}, password:{args.password})')
 
 
 def do_delete_user(args):
@@ -96,30 +56,24 @@ def do_delete_user(args):
              .where(db.User.username == args.username))
     if query.execute() < 1:
         nou(args.username)
-    print(args.username)
 
 
-def do_bcrypt_hash(args, get=False):
+def do_bcrypt_hash(args):
     need(args, p=True)
-    res = str(bcrypt.hashpw(bytes(args.password, "UTF-8"),
-                            bcrypt.gensalt()), "UTF-8")
-    if get:
-        return res
-    else:
-        print(res)
+    return bcrypt.hashpw(args.password.encode('utf-8'),
+                         bcrypt.gensalt()).decode('utf-8')
 
 
 def do_newuser(args):
     need(args, u=True, p=True)
-    new_hash = do_bcrypt_hash(args, get=True)
+    new_hash = do_bcrypt_hash(args)
     try:
         db.User.create(username=args.username, pwdhash=new_hash,
                        student_id=args.studentid)
         if args.studentid:
             db.Registration.create(username=args.username,
                                    password=args.password,
                                    student_id=args.studentid)
-        do_validate_creds(args)
     except db.peewee.IntegrityError as e:
         errx(f'cannot create user with duplicate field: "{e}"')
 
@@ -145,9 +99,6 @@ def hyperspace_main(raw_args):
     parser.add_argument('-u', '--username', help='Username to operate with')
     parser.add_argument('-p', '--password', help='Password to operate with')
     parser.add_argument('-i', '--studentid', help='Student ID to operate with')
-    parser.add_argument('-t', '--token', help='Token to operate with')
-    parser.add_argument('-e', '--exercise',
-                        help='Assignment/Exercise to operate with')
 
     actions = parser.add_mutually_exclusive_group()
     actions.add_argument('-r', '--roster', action='store_const',
@@ -156,39 +107,24 @@ def hyperspace_main(raw_args):
     actions.add_argument('-n', '--newuser', action='store_const',
                          help='Create a new user from supplied credentials',
                          dest='do', const=do_newuser)
-    actions.add_argument('-s', '--session', action='store_const',
-                         help='Check valitity of supplied token',
-                         dest='do', const=do_validate_token)
-    actions.add_argument('-d', '--dropsession', action='store_const',
-                         help='Drop any existing valid session for supplied username',  # NOQA: E501
-                         dest='do', const=do_drop_session)
-    actions.add_argument('-c', '--createsession', action='store_const',
-                         help='Create session for supplied username',
-                         dest='do', const=do_create_session)
-    actions.add_argument('-v', '--validatecreds', action='store_const',
-                         help='Create session for supplied username',
-                         dest='do', const=do_validate_creds)
     actions.add_argument('-m', '--mutatepassword', action='store_const',
                          help='Change password for supplied username to supplied password',  # NOQA: E501
                          dest='do', const=do_change_password)
     actions.add_argument('-w', '--withdrawuser', action='store_const',
                          help='Delete ("withdraw") the supplied username',
                          dest='do', const=do_delete_user)
-    actions.add_argument('-b', '--bcrypthash', action='store_const',
-                         help='Generate bcrypt hash from supplied password',
-                         dest='do', const=do_bcrypt_hash)
     actions.add_argument('-l', '--listsessions', action='store_const',
                          help='List of all known sessions (some could be invalid)',  # NOQA: E501
                          dest='do', const=do_list_sessions)
-    actions.add_argument('-q', '--queryuser', action='store_const',
-                         help='Get information about supplied username if valid',  # NOQA: E501
-                         dest='do', const=do_query_username)
+    actions.add_argument('-d', '--dropsession', action='store_const',
+                         help='Drop any existing valid session for supplied username',  # NOQA: E501
+                         dest='do', const=do_drop_session)
 
     args = parser.parse_args(raw_args)
     if (args.do):
         args.do(args)
     else:
-        print("Nothing to do. Tip: -h")
+        parser.print_help()
 
 
 if __name__ == "__main__":

diff --git a/orbit/radius.ini b/orbit/radius.ini
@@ -1,6 +1,5 @@
 [uwsgi]
 http = 0.0.0.0:9098
-chdir = /orbit
 wsgi-file = radius.py
 
 disable-logging