mit-submit · julius-heitkoetter · Nov 27, 2023 · Nov 27, 2023 · Nov 27, 2023 · Nov 27, 2023
diff --git a/.github/workflows/dev-ci-cd.yaml b/.github/workflows/dev-ci-cd.yaml
@@ -4,6 +4,7 @@ on:
   push:
     branches:
       - main
+      - feature/login_page
 jobs:
   deploy-dev-system:
     runs-on: ubuntu-latest
@@ -45,12 +46,18 @@ jobs:
           /bin/bash ${workspace}/deploy/create_secret.sh sender_replyto.txt ${{ secrets.DEV_SENDER_REPLYTO }}
           /bin/bash ${workspace}/deploy/create_secret.sh sender_user.txt ${{ secrets.DEV_SENDER_USER }}
           /bin/bash ${workspace}/deploy/create_secret.sh sender_pw.txt ${{ secrets.DEV_SENDER_PW }}
-          /bin/bash ${workspace}/deploy/create_secret.sh flask_uploader_app_secret_key.txt ${{ secrets.DEV_FLASK_UPLOADER_APP_SECRET_KEY }}
+          /bin/bash ${workspace}/deploy/create_secret.sh flask_app_secret_key.txt ${{ secrets.DEV_FLASK_APP_SECRET_KEY }}
           /bin/bash ${workspace}/deploy/create_secret.sh uploader_salt.txt ${{ secrets.DEV_UPLOADER_SALT }}
           /bin/bash ${workspace}/deploy/create_secret.sh openai_api_key.txt ${{ secrets.OPENAI_API_KEY }}
           /bin/bash ${workspace}/deploy/create_secret.sh hf_token.txt ${{ secrets.HF_TOKEN }}
           /bin/bash ${workspace}/deploy/create_secret.sh pg_password.txt ${{ secrets.DEV_PG_PASSWORD }}
           /bin/bash ${workspace}/deploy/create_secret.sh grafana_password.txt ${{ secrets.DEV_GRAFANA_PG_PASSWORD }}
+          /bin/bash ${workspace}/deploy/create_secret.sh a2rchi_ssl_certificate.txt ${{ secrets.A2RCHI_SSL_CERTIFICATE }}
+          /bin/bash ${workspace}/deploy/create_secret.sh a2rchi_ssl_certificate_key.txt ${{ secrets.A2RCHI_SSL_CERTIFICATE_KEY }}
+          /bin/bash ${workspace}/deploy/create_secret.sh mit_client_id.txt ${{ secrets.DEV_MIT_CLIENT_ID }}
+          /bin/bash ${workspace}/deploy/create_secret.sh mit_client_secret.txt ${{ secrets.DEV_MIT_CLIENT_SECRET }}
+          /bin/bash ${workspace}/deploy/create_secret.sh google_client_id.txt ${{ secrets.DEV_GOOGLE_CLIENT_ID }}
+          /bin/bash ${workspace}/deploy/create_secret.sh google_client_secret.txt ${{ secrets.DEV_GOOGLE_CLIENT_SECRET }}
 
       # create env file to set tag(s) for docker-compose
       - name: Create Env File
@@ -63,25 +70,25 @@ jobs:
       # create deployment directory if it doesn't already exist
       - name: Create Directory
         run: |
-          ssh submit06 "mkdir -p ~/A2rchi-dev/"
+          ssh submit-t3desk "mkdir -p ~/A2rchi-dev/"
 
       # stop any existing docker compose that's running
       - name: Stop Docker Compose
         run: |
-          ssh submit06 'bash -s' < ${{ github.workspace }}/deploy/dev/dev-stop.sh
+          ssh submit-t3desk 'bash -s' < ${{ github.workspace }}/deploy/dev/dev-stop.sh
 
       # copy repository to machine
       - name: Copy Repository
         run: |
-          rsync -e ssh -r ${{ github.workspace}}/* --exclude .git/ --delete submit06:~/A2rchi-dev/
+          rsync -e ssh -r ${{ github.workspace}}/* --exclude .git/ --delete submit-t3desk:~/A2rchi-dev/
 
       # run deploy script
       - name: Run Deploy Script
         run: |
           export tag="${GITHUB_REF#refs/heads/}"
           export tag="${tag//\//-}.${GITHUB_SHA}"
           sed -i "s/BASE_TAG/${tag}/" ${{ github.workspace }}/deploy/dev/dev-install.sh
-          ssh submit06 'bash -s' < ${{ github.workspace }}/deploy/dev/dev-install.sh
+          ssh submit-t3desk 'bash -s' < ${{ github.workspace }}/deploy/dev/dev-install.sh
 
       # clean up secret files
       - name: Remove Secrets from Runner

diff --git a/.github/workflows/prod-801-ci-cd.yaml b/.github/workflows/prod-801-ci-cd.yaml
@@ -40,6 +40,12 @@ jobs:
           /bin/bash ${workspace}/deploy/create_secret.sh hf_token.txt ${{ secrets.HF_TOKEN }}
           /bin/bash ${workspace}/deploy/create_secret.sh pg_password.txt ${{ secrets.PROD_801_PG_PASSWORD }}
           /bin/bash ${workspace}/deploy/create_secret.sh grafana_password.txt ${{ secrets.PROD_801_GRAFANA_PG_PASSWORD }}
+          /bin/bash ${workspace}/deploy/create_secret.sh a2rchi_ssl_certificate.txt ${{ secrets.A2RCHI_SSL_CERTIFICATE }}
+          /bin/bash ${workspace}/deploy/create_secret.sh a2rchi_ssl_certificate_key.txt ${{ secrets.A2RCHI_SSL_CERTIFICATE_KEY }}
+          /bin/bash ${workspace}/deploy/create_secret.sh mit_client_id.txt ${{ secrets.DEV_MIT_CLIENT_ID }}
+          /bin/bash ${workspace}/deploy/create_secret.sh mit_client_secret.txt ${{ secrets.DEV_MIT_CLIENT_SECRET }}
+          /bin/bash ${workspace}/deploy/create_secret.sh google_client_id.txt ${{ secrets.DEV_GOOGLE_CLIENT_ID }}
+          /bin/bash ${workspace}/deploy/create_secret.sh google_client_secret.txt ${{ secrets.DEV_GOOGLE_CLIENT_SECRET }}
 
       # create env file to set tag(s) for docker-compose
       - name: Create Env File

diff --git a/.github/workflows/prod-ci-cd.yaml b/.github/workflows/prod-ci-cd.yaml
@@ -51,6 +51,12 @@ jobs:
           /bin/bash ${workspace}/deploy/create_secret.sh hf_token.txt ${{ secrets.HF_TOKEN }}
           /bin/bash ${workspace}/deploy/create_secret.sh pg_password.txt ${{ secrets.PROD_PG_PASSWORD }}
           /bin/bash ${workspace}/deploy/create_secret.sh grafana_password.txt ${{ secrets.PROD_GRAFANA_PG_PASSWORD }}
+          /bin/bash ${workspace}/deploy/create_secret.sh a2rchi_ssl_certificate.txt ${{ secrets.A2RCHI_SSL_CERTIFICATE }}
+          /bin/bash ${workspace}/deploy/create_secret.sh a2rchi_ssl_certificate_key.txt ${{ secrets.A2RCHI_SSL_CERTIFICATE_KEY }}
+          /bin/bash ${workspace}/deploy/create_secret.sh mit_client_id.txt ${{ secrets.DEV_MIT_CLIENT_ID }}
+          /bin/bash ${workspace}/deploy/create_secret.sh mit_client_secret.txt ${{ secrets.DEV_MIT_CLIENT_SECRET }}
+          /bin/bash ${workspace}/deploy/create_secret.sh google_client_id.txt ${{ secrets.DEV_GOOGLE_CLIENT_ID }}
+          /bin/bash ${workspace}/deploy/create_secret.sh google_client_secret.txt ${{ secrets.DEV_GOOGLE_CLIENT_SECRET }}
 
       # create env file to set tag(s) for docker-compose
       - name: Create Env File

diff --git a/.github/workflows/prod-meta-ci-cd.yaml b/.github/workflows/prod-meta-ci-cd.yaml
@@ -50,6 +50,12 @@ jobs:
           /bin/bash ${workspace}/deploy/create_secret.sh uploader_salt.txt ${{ secrets.PROD_UPLOADER_SALT }}
           /bin/bash ${workspace}/deploy/create_secret.sh openai_api_key.txt ${{ secrets.OPENAI_API_KEY }}
           /bin/bash ${workspace}/deploy/create_secret.sh hf_token.txt ${{ secrets.HF_TOKEN }}
+          /bin/bash ${workspace}/deploy/create_secret.sh a2rchi_ssl_certificate.txt ${{ secrets.A2RCHI_SSL_CERTIFICATE }}
+          /bin/bash ${workspace}/deploy/create_secret.sh a2rchi_ssl_certificate_key.txt ${{ secrets.A2RCHI_SSL_CERTIFICATE_KEY }}
+          /bin/bash ${workspace}/deploy/create_secret.sh mit_client_id.txt ${{ secrets.DEV_MIT_CLIENT_ID }}
+          /bin/bash ${workspace}/deploy/create_secret.sh mit_client_secret.txt ${{ secrets.DEV_MIT_CLIENT_SECRET }}
+          /bin/bash ${workspace}/deploy/create_secret.sh google_client_id.txt ${{ secrets.DEV_GOOGLE_CLIENT_ID }}
+          /bin/bash ${workspace}/deploy/create_secret.sh google_client_secret.txt ${{ secrets.DEV_GOOGLE_CLIENT_SECRET }}
 
       # create env file to set tag(s) for docker-compose
       - name: Create Env File

diff --git a/.github/workflows/prod-root-ci-cd.yaml b/.github/workflows/prod-root-ci-cd.yaml
@@ -40,6 +40,12 @@ jobs:
           /bin/bash ${workspace}/deploy/create_secret.sh hf_token.txt ${{ secrets.HF_TOKEN }}
           /bin/bash ${workspace}/deploy/create_secret.sh pg_password.txt ${{ secrets.PROD_ROOT_PG_PASSWORD }}
           /bin/bash ${workspace}/deploy/create_secret.sh grafana_password.txt ${{ secrets.PROD_ROOT_GRAFANA_PG_PASSWORD }}
+          /bin/bash ${workspace}/deploy/create_secret.sh a2rchi_ssl_certificate.txt ${{ secrets.A2RCHI_SSL_CERTIFICATE }}
+          /bin/bash ${workspace}/deploy/create_secret.sh a2rchi_ssl_certificate_key.txt ${{ secrets.A2RCHI_SSL_CERTIFICATE_KEY }}
+          /bin/bash ${workspace}/deploy/create_secret.sh mit_client_id.txt ${{ secrets.DEV_MIT_CLIENT_ID }}
+          /bin/bash ${workspace}/deploy/create_secret.sh mit_client_secret.txt ${{ secrets.DEV_MIT_CLIENT_SECRET }}
+          /bin/bash ${workspace}/deploy/create_secret.sh google_client_id.txt ${{ secrets.DEV_GOOGLE_CLIENT_ID }}
+          /bin/bash ${workspace}/deploy/create_secret.sh google_client_secret.txt ${{ secrets.DEV_GOOGLE_CLIENT_SECRET }}
 
       # create env file to set tag(s) for docker-compose
       - name: Create Env File

diff --git a/a2rchi/bin/service_chat.py b/a2rchi/bin/service_chat.py
@@ -1,18 +1,40 @@
 #!/bin/python
+
 from a2rchi.interfaces.chat_app.app import FlaskAppWrapper
+from a2rchi.interfaces.chat_app.user import User
 from a2rchi.utils.config_loader import Config_Loader
 from a2rchi.utils.env import read_secret
 
 from flask import Flask
+from flask_login import LoginManager
+import tempfile
+
+global_config = Config_Loader().config["global"]
+app_config = Config_Loader().config["interfaces"]["chat_app"]
 
 import os
+import sqlite3
 
 # set openai
 os.environ['OPENAI_API_KEY'] = read_secret("OPENAI_API_KEY")
 os.environ['HUGGING_FACE_HUB_TOKEN'] = read_secret("HUGGING_FACE_HUB_TOKEN")
-config = Config_Loader().config["interfaces"]["chat_app"]
-global_config = Config_Loader().config["global"]
-print(f"Starting Chat Service with (host, port): ({config['HOST']}, {config['PORT']})")
+
+# database setup
+print(f"Initializing database")
+DB_PATH = os.path.join(global_config['DATA_PATH'], "flask_sqlite_db")
+
+# read sql script
+sql_script = None
+with open(app_config['DB_INIT_SCRIPT'], 'r') as f:
+    sql_script = f.read()
+
+# connect to db, create user table if it doesn't exist, and commit
+db = sqlite3.connect(DB_PATH, detect_types=sqlite3.PARSE_DECLTYPES)
+cursor = db.cursor()
+cursor.executescript(sql_script)
+db.commit()
+cursor.close()
+db.close()
 
 def generate_script(config):
     """
@@ -33,10 +55,49 @@ def generate_script(config):
 
     return
 
-generate_script(config)
-app = FlaskAppWrapper(Flask(
+# fill in template variables for front-end JS
+generate_script(app_config)
+
+# initialize app object
+print("Initializing flask app")
+app = Flask(
     __name__,
-    template_folder=config["template_folder"],
-    static_folder=config["static_folder"],
-))
-app.run(debug=True, port=config["PORT"], host=config["HOST"])
+    template_folder=app_config["template_folder"],
+    static_folder=app_config["static_folder"],
+)
+
+# User session management setup: https://flask-login.readthedocs.io/en/latest
+print("Setting up login manager")
+login_manager = LoginManager()
+login_manager.init_app(app)
+
+# Flask-Login helper to retrieve a user from our db
+@login_manager.user_loader
+def load_user(user_id):
+    return User.get(user_id)
+
+# start app
+print(f"Starting Chat Service with (host, port): ({app_config['HOST']}, {app_config['PORT']})")
+app = FlaskAppWrapper(app)
+if False: #app_config["HOSTNAME"] == "a2rchi.mit.edu":
+
+    print("Adding SSL certificates for a2rchi.mit.edu")
+
+    #get the ssl cert and key and save them to temporary files
+    ssl_cert = read_secret("A2RCHI_SSL_CERTIFICATE")
+    ssl_key = read_secret("A2RCHI_SSL_CERTIFICATE_KEY")
+    cert_file = tempfile.NamedTemporaryFile(delete=False)
+    key_file = tempfile.NamedTemporaryFile(delete=False)
+    cert_file.write(ssl_cert.encode())
+    key_file.write(ssl_key.encode())
+
+    app.run(debug=True, port=app_config["PORT"], host=app_config["HOST"], ssl_context=(cert_file.name, key_file.name))
+
+    #remove the temp ssl cert and key temp files
+    os.unlink(cert_file.name)
+    os.unlink(key_file.name)
+
+else:
+
+    print("No SSL certificate for this server found. Starting up with adhoc SSL certification")
+    app.run(debug=True, port=app_config["PORT"], host=app_config["HOST"], ssl_context="adhoc")