Merge branch 'development' of https://github.com/hotosm/fmtm into dev…

…elopment
hotosm · May 20, 2024 · da73439 · da73439
2 parents 278a812 + f87ead7
commit da73439
Show file tree

Hide file tree

Showing 6 changed files with 50 additions and 14 deletions.
diff --git a/.env.example b/.env.example
@@ -42,8 +42,9 @@ FMTM_DB_USER=${FMTM_DB_USER:-"fmtm"}
 FMTM_DB_PASSWORD=${FMTM_DB_PASSWORD:-"fmtm"}
 FMTM_DB_NAME=${FMTM_DB_NAME:-"fmtm"}
 
-### Underpass (optional override) ###
-UNDERPASS_API_URL=${UNDERPASS_API_URL:-"https://api-prod.raw-data.hotosm.org/v1"}
+### raw-data-api (optional override) ###
+RAW_DATA_API_URL=${RAW_DATA_API_URL:-"https://api-prod.raw-data.hotosm.org/v1"}
+RAW_DATA_API_AUTH_TOKEN=${RAW_DATA_API_AUTH_TOKEN}
 
 # Monitoring (OpenTelemetry). Options: 'openobserve', 'sentry'.
 MONITORING=${MONITORING}

diff --git a/src/backend/app/config.py b/src/backend/app/config.py
@@ -262,7 +262,16 @@ def configure_s3_download_root(cls, v: Optional[str], info: ValidationInfo) -> s
                 return f"http://s3.{fmtm_domain}:{dev_port}"
             return f"https://s3.{fmtm_domain}"
 
-    UNDERPASS_API_URL: HttpUrlStr = "https://api-prod.raw-data.hotosm.org/v1"
+    RAW_DATA_API_URL: HttpUrlStr = "https://api-prod.raw-data.hotosm.org/v1"
+    RAW_DATA_API_AUTH_TOKEN: Optional[str] = None
+
+    @field_validator("RAW_DATA_API_AUTH_TOKEN", mode="before")
+    @classmethod
+    def set_raw_data_api_auth_none(cls, v: Optional[str]) -> Optional[str]:
+        """Set RAW_DATA_API_AUTH_TOKEN to None if set to empty string."""
+        if v == "":
+            return None
+        return v
 
     # Used for temporary auth feature
     OSM_SVC_ACCOUNT_TOKEN: Optional[str] = None

diff --git a/src/backend/app/helpers/helper_routes.py b/src/backend/app/helpers/helper_routes.py
@@ -30,8 +30,9 @@
     UploadFile,
 )
 from fastapi.exceptions import HTTPException
-from fastapi.responses import FileResponse, JSONResponse, Response
+from fastapi.responses import FileResponse, JSONResponse, RedirectResponse, Response
 from osm_fieldwork.xlsforms import xlsforms_path
+from requests import get
 
 from app.auth.osm import AuthUser, login_required
 from app.central import central_deps
@@ -228,12 +229,37 @@ async def convert_odk_submission_json_to_geojson_wrapper(
     return Response(submission_geojson.getvalue(), headers=headers)
 
 
-@router.get("/view-auth-token")
+@router.get("/view-raw-data-api-token")
+async def get_raw_data_api_osm_token(
+    request: Request,
+    current_user: AuthUser = Depends(login_required),
+):
+    """Get the OSM OAuth token for a service account for raw-data-api.
+
+    The token returned by this endpoint should be used for the
+    RAW_DATA_API_AUTH_TOKEN environment variable.
+    """
+    response = get(f"{settings.RAW_DATA_API_URL}/auth/login")
+    if not response.ok:
+        raise HTTPException(
+            status_code=HTTPStatus.INTERNAL_SERVER_ERROR,
+            detail="Could not login to raw-data-api",
+        )
+
+    raw_api_login_url = response.json().get("login_url")
+    return RedirectResponse(raw_api_login_url)
+
+
+@router.get("/view-fmtm-api-token")
 async def view_user_oauth_token(
     request: Request,
     current_user: AuthUser = Depends(login_required),
 ):
-    """Get the OSM OAuth token for a logged in user."""
+    """Get the FMTM OSM (OAuth) token for a logged in user.
+
+    The token is encrypted with a secret key and only usable via
+    this FMTM instance and the osm-login-python module.
+    """
     cookie_name = settings.FMTM_DOMAIN.replace(".", "_")
     return JSONResponse(
         status_code=HTTPStatus.OK,

diff --git a/src/backend/app/projects/project_crud.py b/src/backend/app/projects/project_crud.py
@@ -454,16 +454,16 @@ async def generate_data_extract(
     pg = PostgresClient(
         "underpass",
         extract_config,
-        auth_token=settings.OSM_SVC_ACCOUNT_TOKEN
-        if settings.OSM_SVC_ACCOUNT_TOKEN
+        auth_token=settings.RAW_DATA_API_AUTH_TOKEN
+        if settings.RAW_DATA_API_AUTH_TOKEN
         else None,
     )
     fgb_url = pg.execQuery(
         aoi,
         extra_params={
             "fileName": (
                 f"fmtm/{settings.FMTM_DOMAIN}/data_extract"
-                if settings.OSM_SVC_ACCOUNT_TOKEN
+                if settings.RAW_DATA_API_AUTH_TOKEN
                 else "fmtm_extract"
             ),
             "outputType": "fgb",

diff --git a/src/backend/pdm.lock b/src/backend/pdm.lock
diff --git a/src/backend/pyproject.toml b/src/backend/pyproject.toml
@@ -47,7 +47,7 @@ dependencies = [
     "defusedxml>=0.7.1",
     "osm-login-python==1.0.3",
     "osm-fieldwork==0.9.2",
-    "osm-rawdata==0.2.4",
+    "osm-rawdata==0.3.0",
     "fmtm-splitter==1.2.1",
 ]
 requires-python = ">=3.10"