search

CodeForAfrica / sensors.AFRICA-api

The sensors.AFRICA API receiving, storing, and processing data received from sensors across the continentent. Accessible at https://api.sensors.africa/
https://api.sensors.africa/
18 stars 7 forks source link

Setup update and API Token Authentication #137

Closed gideonmaina closed 1 month ago

gideonmaina commented 3 months ago

Description

The main aim of this PR is to simplify local development and implement authentication for key endpoints prone to bot crawling or misuse by clients whilst fixing a few issues related to dependencies and migrations. The affected endpoints/views in API v1 are data, now and node. This will attempt to reduce the lag observed when making calls to the API.

Fixes issues #134, #135, #136

Setup changes

Tests for these changes were both done using local and staging databases.

Type of change

Screenshots

Screenshot 2024-08-16 at 11 08 02 Screenshot 2024-08-16 at 16 04 36

Checklist:

thepsalmist commented 2 months ago

👍🏽

If I understand what we're trying to do, then I see this as breaking change i.e. the new secure endpoints are no longer v1 but v2 (or whatever v we're currently on).

My approach would be:

  1. Create new v2 endpoints that work exactly like the equivalent v1 endpoints but secure.
  2. Test and deploy backend to PROD.
  3. Upgrade the front-end up to point to v2 endpoints.
  4. Test and deploy front-end to PROD.
  5. Remove or redirect unsecure v1 endpoints.
  6. Test and deploy backend to PROD.
  7. Profit

Cool, makes sense @gideonmaina I'll setup a review to plan for this implementation approach

kilemensi commented 2 months ago

PS: Not sure what SENSORSAFRICA_CELERY_SLACK_WEBHOOK_FAILURES_ONLY is for. If we need to send errors notifications to Slack, the best approach it to integrate with Sentry and Sentry will send notifications over email, Slack, etc.

thepsalmist commented 1 month ago

Changes should be merged in #138 , Tracked in #134