I have built a python script that sends users telegram notifications about things happening in their account on another service.
For this a user needs to specify API keys for said service so that my script can pull the required information.
Now currently, for a new user, I manually create a new folder on my VPS, create a new venv, a new settings file and run the application from a screen session named after the user. This is becoming tedious with 10+ users, especially with updates to the script.
I am currently building a flask based website, where users can log in and set their API keys and other parameters on a own dashboard.
What I want to achieve:
if user registers, a new entity of the script has to be created with a settings file next to it containing user information
the user should have the option to start/stop said application from the dashboard
if I release an update to the script I want to deploy it to all users at once and restart their script if it was running
basically the flask website should only act as a configuration dashboard/frontend for the script that runs on my server so that people don't need to have an own VPS or leave their private system running 24/7
How do I go about this? Is it "just" file handling, creating new folders and files from a blueprint after a user registers? Are there better practices?
I tried to find answers to that via google and the stackoverflow search but I did not find a specific recommendation for that usecase.
If anyone could point me towards a resource on that or even better an example somewhere I'd really appreciate it!
Thanks in advance.
You should have only one script and all the configurations saved into a database, then you need to dispatch some notification just pass the right parameters to the script.
Related
I am currently building a web-app that requires a Spotify user to login using their credentials in order to access their playlists
I'm using the Spotipy python wrapper for Spotify's Web API and generating an access token using,
token = util.prompt_for_user_token(username,scope,client_id,client_secret,redirect_uri)
The code runs without any issues on my local machine. But, when I deploy the web-app on AWS, it does not proceed to the redirected uri and allow for user login.
I have tried transferring the ".cache-username" file via SCP to my AWS machine instance and gotten it to work in limited fashion.
Is there a solution to this issue? I'm fairly new to AWS and hence don't have much to go on or any idea where to look. Any help would be greatly appreciated. Thanks in advance!!
The quick way
Run the script locally so the user can sign in once
In the local project folder, you will find a file .cache-{userid}
Copy this file to your project folder on AWS
It should work
The database way
There is currently an open feature request on Github that suggests to store tokens in a DB. Feel free to subscribe to the issue or to contribute https://github.com/plamere/spotipy/issues/51
It's also possible to write a bit of code to persist new tokens into a DB and then read from it. That's what I'm doing as part of an AWS Lambda using DynamoDB, it's not very nice but it works perfectly https://github.com/resident-archive/resident-archive/blob/a869b73f1f64538343be1604d43693b6165cc58a/functions/to-spotify/main.py#L129..L157
The API way
This is probably the best way, as it allows multiple users to sign in simultaneously. However it is a bit more complex and requires you host a server that's accessible by URL.
This example uses Flask but one could adapt it to Django for example https://github.com/plamere/spotipy/blob/master/examples/app.py
So I successfully deployed my dash app with Heroku.
My app has many tabs and saves the state for each tab. Meaning if the user changed the table in one tab and then switch to another tab and comeback to the tab then the table has the same content as before.
The problem is that I don't want the state to be saved if the user exit the site and then entered again.
So far during the development I achieved this by running the python command for running the app again, but now I can't do this (I launched the app with Docker container and it's seems that one image is shared between all the sessions).
Is there a way in Heroku to solve this problem? maybe create a new image for each new sessions?
Thanks in advance.
you create an image to release your application (say v1.0) and run it on Docker env (Heroku or other platforms). The application runs in a container and serves all users: every restart or redeploying a new image would need a downtime which impacts everyone.
The solution (for what I can understand) is that you want to clear the session data for a given user, so the saved state wont be used at the next access.
I think you should look at doing that in your app: for example when accessing the home url (ie entrypoint of your app) clear any setting related to the user (which you would typically recognised with a cookie).
Not if it help, if not share more details on how you save the user state.
I recently started developing a Desktop python application and I would like to know how more expert people would handle this issue.
I used to develop (about 5-10 years ago) web applications in the past using PHP + MySQL and there, since the code/program is located on the server where the user doesn't have access (except the web page), I could simply store the user/group permissions in the database in a table say users, users_groups, users_permissions, and so on. I would then check at every page load if the user had the right to access that page / update that record in the database.
With a desktop application where the user has access to the executable (which can relatively easy be decompiled to source code, being written in Python) the approach will likely be quite different.
Since MySQL has forked into MariaDB and is not so actively developed anymore, PostgreSQL looked promising to start. I thought about creating different users on PostgreSQL level and letting PostgreSQL handle the permissions (instad of my application handling them directly).
However, this only allows tuning of the permissions down to the table level. A user will be allowed to create/delete/update records in a table, however no further control is available. AFAIK you cannot tell "let this user only update his own records" or "this user can only delete the records from this group", or "users from group X can only update their own records while users from group Y can update everybody's records".
My understanding as how to handle this kind of issue would be to put some kind of middleware application between the user and the database, located on the server, such as:
Desktop application <-----> Server-side application permissions handler <-----> Database
Where server-side permission handler could be as simple as adding a "WHERE user=..." to each query as well as much more advanced stuff (first check user permissions stored in the database, based on that decide if letting user execute the query or reject it). I think this is a common problem for all desktop applications and would therefore expect that such a server-side application already exist. Am I missing something obvious or maybe PostgreSQL allows for more detailed fine-tuning?
Thank you for all your help ;)
Your intuition is right. It is never a good idea having a client access directly a database. Take a look a Django https://www.djangoproject.com and https://www.django-rest-framework.org
This would be the the basis for your server side. You would handle here business logic, authentication, authorization. The client should basically present the data within the UI and delegate all the decision making to the server.
Here you can find a step by step tutorial about how to implement a REST api with user authentication in Django. https://wsvincent.com/django-rest-framework-authentication-tutorial/
I am developing a python program which uses the gmail api to access the email data.
I have successfully developed the tutorial program and I am able to access the gmail data and do a lot of interesting things.
At the moment, I have to get the .json file from the gmail account, modify the code, run it, and then ask the user to get a verification code from the web browser, to finally authenticate the app so it can start running.
Now, my question is: how can I make the authentication process easier for the end-user?
It seems to me like this process is during the development of the software, but what if I have finished my development process and I want to make the app commercially/freely available to other users so they can start poking around with it?
Isn't there a way to quickly modify my software to make that process easier for the end user?
Any kind of help is well received, sorry if this had been asked before.
I've built an appeninge project so, how can I run some piece of code on the appserver only once, i.e when ever I upload the whole project on to the server.
How should I achieve this task???
There isn't an official way to discover if your application has been modified altought each time you upload your application it gets a unique version number {app version.(some unique number)} but since there isn't a document API on how to get it I wound't take a risk and use it.
What you need todo is to have a script that will upload your application and when the script is done you can call a handler in your application that set a value in the datastore that marks the application as new.
Once you have that, you can look for it in the datastore in your handlers and run the code if you find it.