diff --git a/backend/backend/apis/bwwc.py b/backend/backend/apis/bwwc.py index 17f111e..7c4fe3b 100644 --- a/backend/backend/apis/bwwc.py +++ b/backend/backend/apis/bwwc.py @@ -314,6 +314,10 @@ def mongo_health(req: HttpRequest) -> HttpResponse: else: return HttpResponseBadRequest("Invalid request method") +@csrf_exempt +def app_health_check(req: HttpRequest) -> HttpResponse: + return HttpResponse("OK") + def get_urlpatterns(): return [ @@ -329,4 +333,5 @@ def get_urlpatterns(): path("api/bwwc/get_submission_history/", get_submission_history), path("api/bwwc/backup/", backup), path("api/bwwc/health/", mongo_health), + path("/api/bwwc/healthz/", app_health_check), ] diff --git a/backend/backend/settings.py b/backend/backend/settings.py index d97cefa..a031b77 100644 --- a/backend/backend/settings.py +++ b/backend/backend/settings.py @@ -37,6 +37,7 @@ SECRET_KEY = os.getenv("SECRET_KEY") DJANGO_ALLOWED_HOSTS = os.getenv("DJANGO_ALLOWED_HOSTS", "") +ALLOW_ALL_HOSTS = os.getenv("ALLOW_ALL_HOSTS", "false") # SECURITY WARNING: don't run with debug turned on in production! DEBUG = DJANGO_ENV == "dev" @@ -56,6 +57,9 @@ if DJANGO_ALLOWED_HOSTS: ALLOWED_HOSTS.extend(DJANGO_ALLOWED_HOSTS.split(",")) +if ALLOW_ALL_HOSTS.lower() == "true": + ALLOWED_HOSTS = ["*"] + CORS_ALLOWED_ORIGINS = [ "http://127.0.0.1:5173", "http://localhost:5173", diff --git a/backend/env/.env.dev b/backend/env/.env.dev index 6d46b49..81110c8 100644 --- a/backend/env/.env.dev +++ b/backend/env/.env.dev @@ -16,4 +16,5 @@ MONGO_USER = bwwc MONGO_PASSWORD = mongo MONGO_DB = bwwc MONGO_PARAMS = "" -DJANGO_ALLOWED_HOSTS = "" \ No newline at end of file +DJANGO_ALLOWED_HOSTS = "" +ALLOW_ALL_HOSTS = false \ No newline at end of file diff --git a/backend/env/.env.example b/backend/env/.env.example index 39ff4fb..f93357e 100644 --- a/backend/env/.env.example +++ b/backend/env/.env.example @@ -17,4 +17,5 @@ MONGO_USER = bwwc MONGO_PASSWORD = mongo MONGO_DB = bwwc MONGO_PARAMS = "" -DJANGO_ALLOWED_HOSTS = "" \ No newline at end of file +DJANGO_ALLOWED_HOSTS = "" +ALLOW_ALL_HOSTS = false \ No newline at end of file diff --git a/backend/secretshare/mpce.py b/backend/secretshare/mpce.py index dcd5c85..9ae1902 100644 --- a/backend/secretshare/mpce.py +++ b/backend/secretshare/mpce.py @@ -3,6 +3,7 @@ import uuid import numbers import logging +import urllib.parse from typing import Any, Dict, List, Optional, Tuple, Union, Callable from itertools import groupby from operator import itemgetter @@ -35,11 +36,12 @@ def __init__(self, protocol: str = "shamirs", prime: int = 180252380737439): self.mongo_host = os.environ.get("MONGO_HOST") self.mongo_port = os.environ.get("MONGO_PORT") - self.mongo_user = os.environ.get("MONGO_USER", "bwwc") - self.mongo_password = os.environ.get("MONGO_PASSWORD") + self.mongo_user = urllib.parse.quote_plus(os.environ.get("MONGO_USER", "bwwc")) + self.mongo_password = urllib.parse.quote_plus(os.environ.get("MONGO_PASSWORD")) self.mongo_db = os.environ.get("MONGO_DB", "bwwc") self.mongo_params = os.environ.get("MONGO_PARAMS", "") - mongo_uri = f"mongodb://{self.mongo_user}:{self.mongo_password}@{self.mongo_host}:{self.mongo_port}/?{self.mongo_params}" + mongo_uri = f"mongodb://{self.mongo_user}:{self.mongo_password}@{self.mongo_host}:{self.mongo_port}/{self.mongo_db}?{self.mongo_params}" + self.logger.info(f"Connection URI is: {mongo_uri}") self.mongo_client = MongoClient(mongo_uri)