I am developing an application with flask, which has a page with a map drawn on it, it is generated by a JSON, when a change is made on the map by the user it sends the change to the server and this makes a response to the user that made the request.
What i want is that when making the response it is made to all the users that are connected to the page so that the information is refreshed, and not only for the one who made the request.
you will have to implement some registration mechanizm for clients, so when an update occur, you iterate over clients in the registration list and send them the new data
to implement the actual push, you can do it with web-sockets (best for high throughput and small messages) or you can use server-send-event for that (much simpler implementation mainly because it's riding on the http protocol)
there are other approaches using more advanced techniques, but, those 2 are the simplest and basic ones
What you are searching for is notification in push
im guessing one of the possible options for you is to make you javascript code \ or html to send a request every few minutes to check for new json
it can be simple done with ajax and interval
Related
My objective is to create a Flask API that allows for the following three pieces of functionality:
1- User A can make requests and each request has a deadline associated with it. In my mind, this is a simple post request with a unique ID, and a due date/time. This can probably get held in memory or saved to a DB.
2- User B gets notified of the request and has x time to respond to the request. The time is the same as the one in the first request. This user must upload an image to satisfy the request above.
3- User A can check the image, and either accept or reject it, the results of which get logged.
I have a few pieces of logic built out, but nothing impressive. What i am looking figure out is how to orchestrate this within Flask. Is there a particular pattern i should be researching, or any guidance on similar examples i can use?
The front end for this will be a telegram application.
I have a django server built for a mobile app i.e. using JSON response.
The app has a simple social media feed.
The admins of the app have the ability to use push notifications (through firebase) on posting a new post to the feed.
At the movement the code is 'synchronous' and goes something like
def post(View):
# validate post ect...
# store it in database
# ! Send push notifications !
# return response
The issue is if firebase lags or is slow (which it sometimes seems to be) this can slow down the response. What I would like to do is make an asynchronous function that I can call to handle the push notification and forget about it and return the response to the user and the push notification can take as long as it needs.
[Meta]
Help in wording the title would be appreciated.
Developing a simple chat system via Django - I've implemented some methods for sending/receiving messages.
For example ( this isn't my implementation but just an example one from another chat application ) :
def post(request):
time.sleep(2)
if not request.is_ajax():
HttpResponse (" Not an AJAX request ")
if request.method == 'POST':
if request.POST['message']:
message = request.POST['message']
to_user = request.POST['to_user']
ChatMessage.objects.create(sender = request.user, receiver = User.objects.get(username = to_user), message = message, session = Session.objects.get(session_key = request.session.session_key))
return HttpResponse (" Not an POST request ")
Now that I have the method written - I need to test to see if the message is added. At this point I have not written any JavaScript for I.e. intervals to refresh and wait for messages ect. Should I go straight into writing JS or test this method first and see if it works correctly then write the JS for it? sounds like an idiotic question but I'm finding it hard to understand how I'd go about testing the method...
In my opinion it doesn't matter. You will find many developers who are test-before, and many who are test-after. Implement it in whatever order you prefer. Sometimes when in haste it is easier to write a working prototype without any tests first (especially if the interfaces aren't finalized and still change a lot during development, in this case you don't waste time by adjusting a lot of tests every time you have to change some interfaces.). Just don't be lazy to write the tests at least when you already have the finalized interfaces.
What really matters is to have well defined interfaces. From a backend perspective you will have an interface implementation (the view in this case) and one or more users for the interface: both the frontend and the test are users of the backend implementation but there could be even more. After having the interface it really doesn't matter which one you implement first. By mocking one side of the interface you can implement the other side without having the original version of the mocked side. For example by mocking/faking server responses with javascript code (with pre-baked possibly constant data) you can write only a frontend without any backend code. You can also write the backend first, or a the tests for the backend... You decide.
In teams where you have specialized developers (frontend/backend) you can agree on an interface and then both on the frontend and the backend side you can "mock" (fake) the other side of the interface: The frontend guys write some code that emulates the server responses with some fake data, and the backend guys write some tests that emulate the client with some fake requests. This way the frontend and backend team doesn't have to wait for each other to finish with the code and both the frontend and the backend are testable alone. Of course later it is recommended to add end-to-end (e2e) testing that tests the whole stack connected together.
Again, what really matters most is usually having well defined interfaces and not the code that is written around the interfaces. In crappy systems the problem is usually that you have only code without interfaces... If a system is architecturally well built and the interfaces are well defined then quite a lot of crappy code written around the interfaces can be manageable.
In case of django views that have a well defined interface I usually develop the backend first along with the tests. In your case the django test is super simple: You just create a django test client (https://docs.djangoproject.com/en/1.8/topics/testing/tools/#test-client), post some fake requests with it to simulate the client and then you check whether the db contains the expected objects as a result.
Some additional advices:
Decorate your view with #require_POST
I think you shouldn't use request.is_ajax() to deny responding to the client. request.is_ajax() is usually used to find out what kind of response is needed by the client. If the POST request was sent by a form of an html page then you want to generate another html page as a response. If the request was sent using ajax then you usually want to respond with processable data (json, xml, etc...) instead of html.
Since your method has to have a request made by the client and then served a HttpResponse (on-the-whole), you can only check that via an AJAX query from the front-end. I would recommend building a quick AJAX query, also because, the ChatMessage creation involves a session_key, which can only be found when a request is made in the first place.
I'm making a new RESTful API in Flask that should accept both GET (for requesting the resource) and PATCH (for performing various incremental, non-idempotent updates) for a given object. The thing is that some of the data that's patched in must be authenticated, and some shouldn't be.
To clarify this with an example, let's say I'm building an app that let's everyone query how many times a resource has been clicked on and how many times its page has been viewed. It also let's people do an update on the resource in javascript saying the resource was clicked again (unauthenticated, since it's coming from the front-end). It additionally let's an authenticated backend increment the number of times the page has been viewed.
So, following RESTful principles, I'm thinking all three actions should be done on the same path-- something like /pages/some_page_name which should accept both GET and PATCH and should accept two different kinds of data with PATCH. The problem is that in Flask, it looks like authentication is always done with a decorator around a method, so if I have a method like #app.route('/pages/<page_id>', methods=['GET', 'PATCH']), my authentication would be done with a decorator like #auth.login_required for that whole method, which would force even the methods that don't require authentication to be authenticated.
So, my question is three-fold:
Am I right in structuring all three actions mentioned under the same path/ is this important?
If I am right, and this is important, how do I require authentication only for the one type of PATCH?
If this is not important, what's a better or simpler way to structure this API?
I see several problems with your design.
let's say I'm building an app that let's everyone query how many times a resource has been clicked on and how many times its page has been viewed
Hmm. This isn't really a good REST design. You can't have clients query select "properties" of resources, only the resources themselves. If your resource is a "page", then a GET request to /pages/some_page_name should return something like this (in JSON):
{
'url': 'http://example.com/api/pages/some_page_name',
'clicks': 35,
'page_views': 102,
<any other properties of a page resource here>
}
It also let's people do an update on the resource in javascript saying the resource was clicked again
"clicking something" is an action, so it isn't a good REST model. I don't know enough about your project so I can be wrong, but I think the best solution for this is to let the user click the thing, then the server will receive some sort of a request (maybe a GET to obtain the resource that was clicked?). The server is then in a position to increment the clicks property of the resource on its own.
(unauthenticated, since it's coming from the front-end).
This can be dangerous. If you allow changes to your resources from anybody, then you are open to attacks, which may be a problem. Nothing will prevent me from looking at your Javascript and reverse engineering your API, and then send bogus requests to artificially change the counters. This may be an acceptable risk, but make sure you understand this may happen.
It additionally let's an authenticated backend increment the number of times the page has been viewed.
Backend? Is this a client or a server? Sounds like it should be a client. Once again, "incrementing" is not a good match for REST type APIs. Let the server manage the counters based on the requests it receives from clients.
Assuming I understand what you are saying, it seems to me you only need to support GET. The server can update these counters on its own as it receives requests, clients do not need to bother with that.
UPDATE: After some additional info provided in the comments below, what I think you can do to be RESTful is to also implement a PUT request (or PATCH if you are into partial resource updates).
If you do a PUT, then the client will send the same JSON representation above, but it will increment the corresponding counter. You could add validation in the server to ensure that the counters are incremented sequentially, and return a 400 status code if it finds that they are not (maybe this validation is skipped for certain authenticated users, up to you). For example, starting from the above example, if you need to increment the clicks (but not the page views), then send a PUT request with:
{
'url': 'http://example.com/api/pages/some_page_name',
'clicks': 36,
'page_views': 102
}
If you are using PATCH, then you can remove the items that don't change:
{
'clicks': 36
}
I honestly feel this is not the best design for your problem. You have very specific client and server here, that are designed to work with each other. REST is a good design for decoupled clients and servers, but if you are on both sides of the line then REST doesn't really give you a lot.
Now regarding your authentication question, if your PUT/PATCH needs to selectively authenticate, then you can issue the HTTP Basic authentication exchange only when necessary. I wrote the Flask-HTTPAuth extension, you can look at how I implemented this exchange and copy the code into your view function, so that you can issue it only when necessary.
I hope this clarifies things a bit.
I am working on a social-network type of application on App Engine, and would like to send multiple images to the client based on a single get request. In particular, when a client loads a page, they should see all images that are associated with their account.
I am using python on the server side, and would like to use Javascript/JQuery on the client side to decode/display the received images.
The difficulty is that I would like to only perform a single query on the server side (ie. query for all images associated with a single user) and send all of the images resulting from the query to the client as a single unit, which will then be broken up into the individual images. Ideally, I would like to use something similar to JSON, but while JSON appears to allow multiple "objects" to be sent as a JSON response, it does not appear to have the ability to allow multiple images (or binary files) to be sent as a JSON response.
Is there another way that I should be looking at this problem, or perhaps a different technology that I should be considering that might allow me to send multiple images to the client, in response to a single get request?
Thank you and Kind Regards
Alexander
The App Engine part isn't much of a problem (as long as the number of images and total size doesn't exceed GAE's limits), but the user's browser is unlikely to know what to do in order to receive multiple payloads per GET request -- that's just not how the web works. I guess you could concatenate all the blobs/bytestreams (together with metadata needed for the client to reconstruct them) and send that (it will still have to be a separate payload from the HTML / CSS / Javascript that you're also sending), as long as you can cajole Javascript into separating the megablob into the needed images again (but for that part you should open a separate question and tag it Javascript, as Python has little to do with it, and GAE nothing at all).
I would instead suggest just accepting the fact that the browser (presumably via ajax, as you mention in tags) will be sending multiple requests, just as it does to every other webpage on the WWW, and focus on optimizing the serving side -- the requests will be very close in time, so you should just use memcache to keep the yet-unsent images to avoid multiple fetch-from-storage requests in your GAE app.
As an improvement to Alex's answer, there's no need to use memcache: Simply do a keys-only query to get a list of keys of images you want to send to the client, then use db.get() to fetch the image corresponding to the required key for each image request. This requires roughly the same amount of effort as a single regular query.
Trying to send all of the images in one request means that you will be fighting very hard against some of the fundamental assumptions of the web and browser technology. If you don't have a really, really compelling reason to do this, you should consider delivering one image per request. That already works now, no sweat, no effort, no wheels reinvented.
I can't think of a sensible way to do what you ask, but I can tell you that you are asking for pain in trying to implement the solution that you are describing.
Send the client URLs for all the images in one hit, and deal with it on the client. That fits with the design of the protocol, and still lets you only make one query. The client might, if you're lucky, be able to stream those back in its next request, but the neat thing is that it'll work (eventually) even if it can't reuse the connection for some reason (usually a busted proxy in the way).