bottlepy / bottle

bottle.py is a fast and simple micro-framework for python web-applications.
http://bottlepy.org/
MIT License
8.44k stars 1.47k forks source link

A way to serve static file and do something after it is downloaded #1151

Open iyuvalk opened 5 years ago

iyuvalk commented 5 years ago

Hi,

I need my bottle based app to allow the user to download a file only once and once it was downloaded successfully to do something. Is it possible?

v-python commented 5 years ago

So the client side is the only side that can be sure the download was successful, IIUC. And the client side can be tampered with more easily than the server side. So it depends on how much you trust your clients whether you can know that the download was successful "only once". And then the client can easily request "to do something". But it sounds like you are trying to "enforce" things on the client, and if that is the case, you probably don't trust the client, and if you don't, then you can't be sure whether the download is successful or not, and then you don't know whether "to do something" or not. But that isn't a limitation of bottle as much as it is a limitation of web/internet technology.

iyuvalk commented 5 years ago

Hi,

Thanks for the quick reply. I'm sorry for not being so clear on the use-case here... I'll try again now.... I'm using bottle to create a microservice that is not going and not intended to be accessed by humans and browsers. This service is going to be accessed by another NodeJS based service that is going to be used as a middle tier between the AngularJS UI and this python based back-end service. Both services are wrapped as a Docker image and are running as part of a Kubernetes cluster.

The python+bottle based service has three methods, the first method receives some sensitive information and launches a background process for carrying out some task that takes about 30-50 minutes to complete, the second method is used to check the current status of the background process and the third method is used to download the result file once the task is complete.

What I was trying to accomplish was the ability to stop the service once the NodeJS finished the download of the result files (immediately after all the file's bytes were sent to the NodeJS service) I wanted to do that without having to rely on the NodeJS service to "tell" the python service that it can shutdown to make sure that it won't be left running in case something would happen to the NodeJS service. Now that I think of it again I can probably create some sort of a timeout mechanism that will kill the service let's say, an hour after the background task has completed but in addition to that I would like to add and another mechanism that would do that immediately after the download is complete (from the POV of the server) just to make sure that no one would be able to access the data that exists in the service's RAM/disk.

I hope that this clarifies some things.... (-:

Thanks again, Yuval.

v-python commented 5 years ago

So the "network" between the NodeJS and the bottle is likely quite reliable, in that it is a memory transfer within a single computer, if I understand your environment correctly. So you might be willing to take the rist that once the outgoing data transfer is complete, that the "client" NodeJS will receive it. So that starts to make your original question more reasonable, but I don't know the answer to how you can tell the transfer is truly complete out of not just the bottle server, but the WSGI layer above it, and that it has also escaped the Docker virtual machine... it depends too much on the internal details of the protocol handshaking and error detection/reporting for closing the connection, which I'm not familiar enough with to give an answer to, nor do I know if bottle has a way of letting the server know that the connection has been closed. Certainly I don't see such a mechanism in the response from static_file. One can send static files via other mechanisms (the lower-level ones used by static_file, for example), but I don't know if that provides sufficient feedback either, with all the layers involved.

Also, I'm not sure if Docker clears the RAM/disk assigned to an instance when it is terminated. So while terminating the instance might result in the sensitive data being less accessible, it is not clear that it is gone from either RAM or disk, unless it is specifically overwritten using DoD level re-writing patterns to ensure erasure of decodable artifacts from magnetic media. Just throwing this out there for you to consider. I'm not up on the security/privacy details of the technologies you mention, but hopefully I've helped you clarify the question so that someone that is an expert in those areas can more readily assist.

iyuvalk commented 5 years ago

Thanks a lot v-python...