removed cookies usages from API

2021-09-06 11:52:47 +08:00 · 2021-09-06 11:52:47 +08:00 · 4243ad043e
parent 1ba3b3658d
commit 4243ad043e
5 changed files with 11 additions and 27 deletions
--- a/myems-api/README.md
+++ b/myems-api/README.md
@ -117,9 +117,7 @@ git clone https://github.com/MyEMS/myems.git
 cd ~/myems/myems-api
 sudo cp -R ~/myems/myems-api /myems-api
 ```
-  Change the config file:
-
-  Note: change cookie domain to the actual domain or IP address of Web UI and Admin UI
+  Change IP address in the config file:
 ```bash
 sudo nano /myems-api/config.py
 ```
@ -283,9 +281,9 @@ curl -i -X GET {{base_url}}/costfiles
 curl -i -X DELETE {{base_url}}/costfiles/{id}
 ```
 *   POST Upload a Cost File
-  (user must login first to get cookie)
+  (call users login API to get 'User-UUID' and 'Token')
 ```bash
-curl -i -H "Content-Type: application/TBD" -X POST -d 'file: (binary)' {{base_url}}/costfiles
+curl -i -H "User-UUID: dcdb67d1-6116-4987-916f-6fc6cf2bc0e4" -H "Token: 02f93023a39c98e1d1bc9f5197a83dfc5ddc0d48"  -H "Content-Type: application/TBD" -X POST -d 'file: (binary)' {{base_url}}/costfiles
 ```
 *   GET Restore a Cost File by ID from database to disk
 ```bash
@ -944,9 +942,9 @@ curl -i -X GET {{base_url}}/knowledgefiles
 curl -i -X DELETE {{base_url}}/knowledgefiles/{id}
 ```
 *   POST Upload a Knowledge File
- (user must login first to get cookie)
+    (call users login API to get 'User-UUID' and 'Token')
 ```bash
-curl -i -H "Content-Type: application/TBD" -X POST -d 'file: (binary)' {{base_url}}/knowledgefiles
+curl -i -H "User-UUID: dcdb67d1-6116-4987-916f-6fc6cf2bc0e4" -H "Token: 02f93023a39c98e1d1bc9f5197a83dfc5ddc0d48" -H "Content-Type: application/TBD" -X POST -d 'file: (binary)' {{base_url}}/knowledgefiles
 ```
 *   GET Restore a Knowledge File by id from database to disk
 ```bash
@ -1140,9 +1138,9 @@ curl -i -X GET {{base_url}}/offlinemeterfiles
 curl -i -X DELETE {{base_url}}/offlinemeterfiles/{id}
 ```
 *   POST Upload an Offline Meter File
- (user must log in first to get cookie)
+    (call users login API to get 'User-UUID' and 'Token')
 ```bash
-curl -i -H "Content-Type: application/TBD" -X POST -d 'file: (binary)' {{base_url}}/offlinemeterfiles
+curl -i -H "User-UUID: dcdb67d1-6116-4987-916f-6fc6cf2bc0e4" -H "Token: 02f93023a39c98e1d1bc9f5197a83dfc5ddc0d48"  -H "Content-Type: application/TBD" -X POST -d 'file: (binary)' {{base_url}}/offlinemeterfiles
 ```
 *   GET Restore an Offline Meter File by ID from database to disk
 ```bash
--- a/myems-api/config.py
+++ b/myems-api/config.py
@ -61,10 +61,6 @@ myems_reporting_db = {
    'database': 'myems_reporting_db',
 }

-# address for Cookie domain
-# use the actual domain or IP address of Web UI and Admin UI
-myems_api_domain = '127.0.0.1'
-
 # indicated in how many minutes to calculate meter energy consumption
 # 30 for half hourly period
 # 60 for hourly period
--- a/myems-api/core/user.py
+++ b/myems-api/core/user.py
@ -447,10 +447,6 @@ class UserLogin:
        cnx.commit()
        cursor.close()
        cnx.disconnect()
-        resp.set_cookie('user_uuid', user_uuid,
-                        domain=config.myems_api_domain, path='/', secure=False, http_only=False)
-        resp.set_cookie('token', token,
-                        domain=config.myems_api_domain, path='/', secure=False, http_only=False)
        del result['salt']
        del result['password']
        result['token'] = token
@ -502,11 +498,6 @@ class UserLogout:
        if rowcount is None or rowcount == 0:
            raise falcon.HTTPError(falcon.HTTP_404, title='API.NOT_FOUND',
                                   description='API.USER_SESSION_NOT_FOUND')
-
-        resp.set_cookie('user_uuid', '',
-                        domain=config.myems_api_domain, path='/', secure=False, http_only=False)
-        resp.set_cookie('token', '',
-                        domain=config.myems_api_domain, path='/', secure=False, http_only=False)
        resp.body = json.dumps("OK")
        resp.status = falcon.HTTP_200

--- a/myems-api/core/userlogger.py
+++ b/myems-api/core/userlogger.py
@ -54,12 +54,12 @@ def user_logger(func):
            func(*args, **kwargs)
            return
        req, resp = args
-        cookies = req.cookies
-        if cookies is not None and 'user_uuid' in cookies.keys():
-            user_uuid = cookies['user_uuid']
+        headers = req.headers
+        if headers is not None and 'USER-UUID' in headers.keys():
+            user_uuid = headers['USER-UUID']
        else:
            # todo: deal with requests with NULL user_uuid
-            print('user_logger: user_uuid is NULL')
+            print('user_logger: USER-UUID is NULL')
            # do not log for NULL user_uuid
            func(*args, **kwargs)
            return
--- a/myems-api/reports/dashboard.py
+++ b/myems-api/reports/dashboard.py
@ -33,7 +33,6 @@ class Reporting:
    ####################################################################################################################
    @staticmethod
    def on_get(req, resp):
-        print(req.params)
        user_uuid = req.params.get('useruuid')
        period_type = req.params.get('periodtype')
        base_start_datetime_local = req.params.get('baseperiodstartdatetime')