config: better config handling + cors setting support

Channelstream · Aug 14, 2016 · 73dab1c · 73dab1c
1 parent 3e0eb7b
commit 73dab1c
Show file tree

Hide file tree

Showing 3 changed files with 78 additions and 68 deletions.
diff --git a/channelstream.ini b/channelstream.ini
@@ -1,4 +1,5 @@
 [channelstream]
+admin_user = admin
 admin_secret = admin_secret
 secret = secret
 port = 8000

diff --git a/channelstream/cli.py b/channelstream/cli.py
@@ -2,15 +2,18 @@
 
 monkey.patch_all()
 
-from six.moves import configparser
+import copy
 import logging
 import argparse
 
+from six.moves import configparser
+
 from gevent.server import StreamServer
 from pyramid.settings import asbool
+
+import channelstream.wsgi_app as pyramid_app
 from channelstream.gc import gc_conns_forever, gc_users_forever
 from channelstream.policy_server import client_handle
-import channelstream.wsgi_app as pyramid_app
 from channelstream.ws_app import ChatApplicationSocket
 
 from ws4py.server.geventserver import WebSocketWSGIApplication, \
@@ -33,86 +36,83 @@ def __call__(self, environ, start_response):
 
         return self.wsgi_app(environ, start_response)
 
+SHARED_DEFAULTS = {
+    'secret': 'secret',
+    'admin_user': 'admin',
+    'admin_secret': 'admin_secret',
+    'gc_conns_after': 30,
+    'gc_channels_after': 3600 * 72,
+    'wake_connections_after': 5,
+    'allow_posting_from': '127.0.0.1',
+    'port': 8000,
+    'host': '0.0.0.0',
+    'debug': False,
+    'demo': False,
+    'allow_cors': ''
+}
+
 
 def cli_start():
-    config = {
-        'secret': '',
-        'admin_secret': '',
-        'gc_conns_after': 30,
-        'gc_channels_after': 3600 * 72,
-        'wake_connections_after': 5,
-        'allow_posting_from': [],
-        'port': 8000,
-        'host': '0.0.0.0',
-        'debug': False
-    }
+    config = copy.deepcopy(SHARED_DEFAULTS)
 
     parser = argparse.ArgumentParser(add_help=False)
-    parser.add_argument("-?", "--help", action="help")
-    parser.add_argument("-i", "--ini", dest="ini",
-                        help="config file location",
+    parser.add_argument('-?', '--help', action='help')
+    parser.add_argument('-i', '--ini', dest='ini',
+                        help='config file location',
                         default=None)
-    parser.add_argument("-s", "--secret", dest="secret",
-                        help="secret used to secure your requests",
-                        default='secret')
-    parser.add_argument("-u", "--admin_username", dest="admin_user",
-                        help="Administrator username", default='admin')
-    parser.add_argument("-a", "--admin_secret", dest="admin_secret",
-                        help="secret used to secure your admin_panel",
-                        default='admin_secret')
-    parser.add_argument("-host", "--host", dest="host",
-                        help="host ip on which the server listens to",
-                        default='0.0.0.0')
-    parser.add_argument("-p", "--port", type=int, dest="port",
-                        help="port on which the server listens to",
-                        default=8000)
-    parser.add_argument("-d", "--debug", dest="debug",
-                        help="debug",
-                        default=0)
-    parser.add_argument("-e", "--demo", dest="demo",
-                        help="demo enabled",
-                        default=False)
-    parser.add_argument("-x", "--allowed_post_ip", dest="allow_posting_from",
-                        help="comma separated list of ip's "
-                             "that can post to server",
-                        default="127.0.0.1"
-                        )
+    parser.add_argument('-s', '--secret', dest='secret',
+                        help='secret used to secure your requests')
+    parser.add_argument('-u', '--admin_username', dest='admin_user',
+                        help='Administrator username')
+    parser.add_argument('-a', '--admin_secret', dest='admin_secret',
+                        help='secret used to secure your admin_panel')
+    parser.add_argument('-host', '--host', dest='host',
+                        help='host ip on which the server listens to')
+    parser.add_argument('-p', '--port', type=int, dest='port',
+                        help='port on which the server listens to')
+    parser.add_argument('-d', '--debug', dest='debug', help='debug')
+    parser.add_argument('-e', '--demo', dest='demo', help='demo enabled')
+    parser.add_argument('-x', '--allowed_post_ip', dest='allow_posting_from',
+                        help='comma separated list of ip\'s '
+                             'that can post to server')
+    parser.add_argument('-c', '--allow_cors', dest='allow_cors',
+                        help='comma separated list of domains\'s '
+                             'that can connect to server')
     args = parser.parse_args()
+
+    parameters = (
+        'debug', 'port', 'host', 'secret', 'admin_user', 'admin_secret',
+        'demo', 'allow_posting_from', 'allow_cors')
+
     if args.ini:
         parser = configparser.ConfigParser()
         parser.read(args.ini)
-        config['admin_user'] = parser.get('admin_user', 'admin')
-        non_optional_parameters = (
-            'debug', 'port', 'host', 'secret', 'admin_secret',
-            'demo_app_url', 'demo')
-        for key in non_optional_parameters:
+        settings = dict(parser.items('channelstream'))
+        for key in parameters:
             try:
-                config[key] = parser.get('channelstream', key)
-            except configparser.NoOptionError:
+                config[key] = settings[key]
+            except KeyError:
                 pass
-
-        try:
-            ips = [ip.strip() for ip in parser.get(
-                'channelstream', 'allow_posting_from').split(',')]
-            config['allow_posting_from'].extend(ips)
-        except configparser.NoOptionError:
-            pass
-
     else:
-        config['debug'] = args.debug
-        config['port'] = args.port
-        config['demo'] = asbool(args.demo)
-        config['host'] = args.host
-        config['secret'] = args.secret
-        config['admin_user'] = args.admin_user
-        config['admin_secret'] = args.admin_secret
-        config['allow_posting_from'].extend(
-            [ip.strip() for ip in args.allow_posting_from.split(',')])
+        for key in parameters:
+            conf_value = getattr(args, key)
+            if conf_value:
+                config[key] = conf_value
 
     # convert types
-    config['debug'] = int(config['debug'])
+    config['debug'] = asbool(config['debug'])
     config['port'] = int(config['port'])
-    config['demo'] = asbool(args.demo)
+    config['demo'] = asbool(config['demo'])
+
+
+    for key in ['allow_posting_from', 'allow_cors']:
+        if not config[key]:
+            continue
+        try:
+            listed = [ip.strip() for ip in config[key].split(',')]
+            config[key] = listed
+        except ValueError:
+            pass
 
     log_level = logging.DEBUG if config['debug'] else logging.INFO
     logging.basicConfig(level=log_level)

diff --git a/channelstream/utils.py b/channelstream/utils.py
@@ -1,5 +1,14 @@
 def handle_cors(request):
-    request.response.headers.add('Access-Control-Allow-Origin', '*')
+    settings = request.registry.settings
+    if not settings['allow_cors']:
+        request.response.headers.add('Access-Control-Allow-Origin', '*')
+    else:
+        origin = request.headers.get('Origin') or '<>'
+        for domain in settings['allow_cors']:
+            if domain in origin:
+                request.response.headers.add('Access-Control-Allow-Origin', '*')
+                break
+
     request.response.headers.add('XDomainRequestAllowed', '1')
     request.response.headers.add('Access-Control-Allow-Methods',
                                  'GET, POST, OPTIONS, PUT')