zebra-day 0.0.37__py3-none-any.whl → 1.0.2__py3-none-any.whl

zebra_day/web/app.py

@@ -0,0 +1,171 @@
+"""
+FastAPI application factory for zebra_day.
+
+This module provides the main FastAPI application for the zebra_day web interface.
+"""
+from __future__ import annotations
+
+import os
+import subprocess
+from pathlib import Path
+from typing import Literal, Optional
+
+from fastapi import FastAPI, Request
+from fastapi.staticfiles import StaticFiles
+from fastapi.templating import Jinja2Templates
+from importlib.resources import files
+
+from zebra_day.logging_config import get_logger
+from zebra_day import paths as xdg
+from zebra_day.web.middleware import RequestLoggingMiddleware, print_rate_limiter
+
+_log = get_logger(__name__)
+
+# Package paths
+_PKG_PATH = Path(str(files("zebra_day")))
+_STATIC_PATH = _PKG_PATH / "static"
+_TEMPLATES_PATH = _PKG_PATH / "templates"
+
+
+def get_local_ip() -> str:
+    """Get the local IP address of this machine."""
+    ipcmd = r"""(ip addr show | grep -Eo 'inet (addr:)?([0-9]*\.){3}[0-9]*' | grep -Eo '([0-9]*\.){3}[0-9]*' | grep -v '127.0.0.1' || ifconfig | grep -Eo 'inet (addr:)?([0-9]*\.){3}[0-9]*' | grep -Eo '([0-9]*\.){3}[0-9]*' | grep -v '127.0.0.1') 2>/dev/null"""
+    result = subprocess.run(ipcmd, shell=True, capture_output=True, text=True)
+    lines = result.stdout.strip().split("\n")
+    return lines[0] if lines and lines[0] else "127.0.0.1"
+
+
+def create_app(
+    *,
+    debug: bool = False,
+    css_theme: str = "lsmc.css",
+    auth: Optional[Literal["none", "cognito"]] = None,
+) -> FastAPI:
+    """
+    Create and configure the FastAPI application.
+
+    Args:
+        debug: Enable debug mode
+        css_theme: Default CSS theme file name
+        auth: Authentication mode - "none" (public) or "cognito" (AWS Cognito).
+              If None, reads from ZEBRA_DAY_AUTH_MODE env var (defaults to "none").
+
+    Returns:
+        Configured FastAPI application
+    """
+    # Get auth mode from parameter or environment variable
+    if auth is None:
+        auth = os.environ.get("ZEBRA_DAY_AUTH_MODE", "none")  # type: ignore[assignment]
+
+    # Validate auth parameter
+    if auth not in ("none", "cognito"):
+        raise ValueError(f"Invalid auth mode: {auth!r}. Must be 'none' or 'cognito'.")
+
+    app = FastAPI(
+        title="Zebra Day",
+        description="Zebra printer fleet management and label printing",
+        version="0.5.0",
+        debug=debug,
+    )
+
+    # Add request logging middleware
+    app.add_middleware(RequestLoggingMiddleware)
+
+    # Configure authentication if enabled
+    if auth == "cognito":
+        from zebra_day.web.auth import CognitoAuthMiddleware, setup_cognito_auth
+
+        cognito_auth = setup_cognito_auth(app)
+        app.add_middleware(CognitoAuthMiddleware, cognito_auth=cognito_auth)
+        app.state.cognito_auth = cognito_auth
+        app.state.auth_mode = "cognito"
+        _log.info("Cognito authentication middleware enabled")
+    else:
+        app.state.auth_mode = "none"
+        _log.info("Authentication disabled (auth=none)")
+
+    # Store rate limiter in app state for use in endpoints
+    app.state.print_rate_limiter = print_rate_limiter
+
+    # Store app state
+    app.state.css_theme = css_theme
+    app.state.local_ip = get_local_ip()
+    app.state.pkg_path = _PKG_PATH
+
+    # Mount static files
+    app.mount("/static", StaticFiles(directory=str(_STATIC_PATH)), name="static")
+
+    # Also mount package directories that need to be served
+    files_dir = _PKG_PATH / "files"
+    if files_dir.exists():
+        app.mount("/files", StaticFiles(directory=str(files_dir)), name="files")
+
+    etc_dir = _PKG_PATH / "etc"
+    if etc_dir.exists():
+        app.mount("/etc", StaticFiles(directory=str(etc_dir)), name="etc")
+
+    # Setup Jinja2 templates
+    templates = Jinja2Templates(directory=str(_TEMPLATES_PATH))
+    app.state.templates = templates
+
+    # Register routers
+    from zebra_day.web.routers import ui, api
+
+    app.include_router(ui.router)
+    app.include_router(api.router, prefix="/api/v1", tags=["api"])
+
+    @app.on_event("startup")
+    async def startup_event():
+        """Initialize application state on startup."""
+        import zebra_day.print_mgr as zdpm
+
+        app.state.zp = zdpm.zpl()
+        _log.info(
+            "zebra_day web server starting at %s:8118",
+            app.state.local_ip,
+        )
+
+    @app.get("/healthz")
+    async def healthz():
+        """Health check endpoint."""
+        return {"status": "healthy"}
+
+    @app.get("/readyz")
+    async def readyz():
+        """Readiness check endpoint."""
+        # Check if printer manager is initialized
+        if hasattr(app.state, "zp") and app.state.zp is not None:
+            return {"status": "ready"}
+        return {"status": "not_ready"}, 503
+
+    return app
+
+
+def run_server(
+    host: str = "0.0.0.0",
+    port: int = 8118,
+    reload: bool = False,
+    auth: Literal["none", "cognito"] = "none",
+):
+    """
+    Run the FastAPI server using uvicorn.
+
+    Args:
+        host: Host to bind to
+        port: Port to listen on
+        reload: Enable auto-reload for development
+        auth: Authentication mode - "none" (public) or "cognito" (AWS Cognito)
+    """
+    import uvicorn
+
+    # Store auth mode in environment for factory function
+    os.environ["ZEBRA_DAY_AUTH_MODE"] = auth
+
+    uvicorn.run(
+        "zebra_day.web.app:create_app",
+        host=host,
+        port=port,
+        reload=reload,
+        factory=True,
+    )
+

zebra_day/web/auth.py

@@ -0,0 +1,172 @@
+"""Authentication integration for zebra_day web server.
+
+Provides optional Cognito authentication support via the daylily-cognito library.
+"""
+
+from __future__ import annotations
+
+import os
+from typing import TYPE_CHECKING, Any, Callable, Dict, List, Optional
+
+from fastapi import Depends, HTTPException, Request, status
+from starlette.middleware.base import BaseHTTPMiddleware
+from starlette.responses import Response
+
+from zebra_day.logging_config import get_logger
+
+if TYPE_CHECKING:
+    from fastapi import FastAPI
+
+_log = get_logger(__name__)
+
+# Endpoints that should never require authentication
+PUBLIC_PATHS: List[str] = [
+    "/healthz",
+    "/readyz",
+    "/docs",
+    "/openapi.json",
+    "/redoc",
+]
+
+# Try to import daylily-cognito components
+_COGNITO_AVAILABLE = False
+_COGNITO_IMPORT_ERROR: Optional[str] = None
+
+try:
+    from daylily_cognito import CognitoAuth, CognitoConfig, create_auth_dependency
+
+    _COGNITO_AVAILABLE = True
+except ImportError as e:
+    _COGNITO_IMPORT_ERROR = str(e)
+    CognitoAuth = None  # type: ignore[misc, assignment]
+    CognitoConfig = None  # type: ignore[misc, assignment]
+    create_auth_dependency = None  # type: ignore[misc, assignment]
+
+
+def is_cognito_available() -> bool:
+    """Check if daylily-cognito library is installed."""
+    return _COGNITO_AVAILABLE
+
+
+def get_cognito_import_error() -> Optional[str]:
+    """Get the import error message if daylily-cognito is not available."""
+    return _COGNITO_IMPORT_ERROR
+
+
+class CognitoAuthMiddleware(BaseHTTPMiddleware):
+    """Middleware that enforces Cognito authentication on protected endpoints.
+
+    Exempts health check endpoints and other public paths.
+    """
+
+    def __init__(self, app: "FastAPI", cognito_auth: Any) -> None:
+        super().__init__(app)
+        self.cognito_auth = cognito_auth
+        self.get_current_user = create_auth_dependency(cognito_auth, optional=False)
+
+    async def dispatch(self, request: Request, call_next: Callable) -> Response:
+        """Check authentication for protected endpoints."""
+        path = request.url.path
+
+        # Allow public endpoints without authentication
+        if any(path.startswith(public) for public in PUBLIC_PATHS):
+            return await call_next(request)
+
+        # Allow static files without authentication
+        if path.startswith("/static") or path.startswith("/files") or path.startswith("/etc"):
+            return await call_next(request)
+
+        # Check for Authorization header
+        auth_header = request.headers.get("Authorization")
+        if not auth_header:
+            return Response(
+                content='{"detail":"Authentication required"}',
+                status_code=status.HTTP_401_UNAUTHORIZED,
+                media_type="application/json",
+                headers={"WWW-Authenticate": "Bearer"},
+            )
+
+        # Validate Bearer token
+        if not auth_header.startswith("Bearer "):
+            return Response(
+                content='{"detail":"Invalid authorization header format"}',
+                status_code=status.HTTP_401_UNAUTHORIZED,
+                media_type="application/json",
+                headers={"WWW-Authenticate": "Bearer"},
+            )
+
+        token = auth_header[7:]  # Remove "Bearer " prefix
+        try:
+            # Verify token and attach user to request state
+            user_claims = self.cognito_auth.verify_token(token)
+            request.state.user = user_claims
+        except HTTPException:
+            return Response(
+                content='{"detail":"Invalid or expired token"}',
+                status_code=status.HTTP_401_UNAUTHORIZED,
+                media_type="application/json",
+                headers={"WWW-Authenticate": "Bearer"},
+            )
+        except Exception as e:
+            _log.error("Authentication error: %s", str(e))
+            return Response(
+                content='{"detail":"Authentication failed"}',
+                status_code=status.HTTP_401_UNAUTHORIZED,
+                media_type="application/json",
+                headers={"WWW-Authenticate": "Bearer"},
+            )
+
+        return await call_next(request)
+
+
+def setup_cognito_auth(app: "FastAPI") -> Any:
+    """Configure Cognito authentication for the FastAPI app.
+
+    Reads configuration from environment variables:
+        - COGNITO_USER_POOL_ID: Cognito User Pool ID (required)
+        - COGNITO_APP_CLIENT_ID or COGNITO_CLIENT_ID: App Client ID (required)
+        - COGNITO_REGION or AWS_REGION: AWS region (defaults to us-west-2)
+        - AWS_PROFILE: Optional AWS profile name
+
+    Returns:
+        CognitoAuth instance
+
+    Raises:
+        ValueError: If required environment variables are missing
+        ImportError: If daylily-cognito is not installed
+    """
+    if not _COGNITO_AVAILABLE:
+        raise ImportError(
+            f"daylily-cognito library is required for Cognito authentication. "
+            f"Install with: pip install -e '.[auth]'\n"
+            f"Import error: {_COGNITO_IMPORT_ERROR}"
+        )
+
+    # Load config from environment
+    try:
+        config = CognitoConfig.from_legacy_env()
+    except ValueError as e:
+        raise ValueError(
+            f"Missing required Cognito configuration. {e}\n"
+            "Set the following environment variables:\n"
+            "  COGNITO_USER_POOL_ID=your-pool-id\n"
+            "  COGNITO_APP_CLIENT_ID=your-client-id\n"
+            "  COGNITO_REGION=us-west-2  (optional, defaults to us-west-2)"
+        ) from e
+
+    # Create CognitoAuth instance
+    cognito_auth = CognitoAuth(
+        region=config.region,
+        user_pool_id=config.user_pool_id,
+        app_client_id=config.app_client_id,
+        profile=config.aws_profile,
+    )
+
+    _log.info(
+        "Cognito authentication enabled (region=%s, pool=%s)",
+        config.region,
+        config.user_pool_id,
+    )
+
+    return cognito_auth
+

zebra_day/web/middleware.py

@@ -0,0 +1,159 @@
+"""
+Middleware for the zebra_day FastAPI application.
+
+Provides request logging and rate limiting functionality.
+"""
+from __future__ import annotations
+
+import asyncio
+import time
+from collections import defaultdict
+from typing import Callable
+
+from fastapi import Request, Response
+from starlette.middleware.base import BaseHTTPMiddleware
+
+from zebra_day.logging_config import get_logger
+
+_log = get_logger(__name__)
+
+
+class RequestLoggingMiddleware(BaseHTTPMiddleware):
+    """
+    Middleware for structured request logging.
+
+    Logs client IP, request path, method, timing, and response status.
+    """
+
+    async def dispatch(self, request: Request, call_next: Callable) -> Response:
+        """Process request and log structured data."""
+        start_time = time.perf_counter()
+
+        # Extract client info
+        client_ip = request.client.host if request.client else "unknown"
+        method = request.method
+        path = request.url.path
+        query = str(request.query_params) if request.query_params else ""
+
+        # Extract relevant parameters for print operations
+        lab = request.query_params.get("lab", "")
+        printer = request.query_params.get("printer", "")
+        template = request.query_params.get("label_zpl_style", "")
+
+        try:
+            response = await call_next(request)
+            status_code = response.status_code
+            outcome = "success" if status_code < 400 else "error"
+        except Exception as exc:
+            status_code = 500
+            outcome = "exception"
+            _log.exception(
+                "Request failed",
+                extra={
+                    "client_ip": client_ip,
+                    "method": method,
+                    "path": path,
+                    "error": str(exc),
+                },
+            )
+            raise
+
+        elapsed_ms = (time.perf_counter() - start_time) * 1000
+
+        # Build log context
+        log_context = {
+            "client_ip": client_ip,
+            "method": method,
+            "path": path,
+            "status_code": status_code,
+            "elapsed_ms": round(elapsed_ms, 2),
+            "outcome": outcome,
+        }
+
+        # Add print-specific context if relevant
+        if lab:
+            log_context["lab"] = lab
+        if printer:
+            log_context["printer"] = printer
+        if template:
+            log_context["template"] = template
+
+        # Log at appropriate level
+        if status_code >= 500:
+            _log.error("Request completed", extra=log_context)
+        elif status_code >= 400:
+            _log.warning("Request completed", extra=log_context)
+        else:
+            _log.info("Request completed", extra=log_context)
+
+        return response
+
+
+class PrintRateLimiter:
+    """
+    Simple rate limiter for print endpoints.
+
+    Uses a sliding window approach with configurable limits.
+    """
+
+    def __init__(
+        self,
+        max_requests: int = 10,
+        window_seconds: float = 60.0,
+        max_concurrent: int = 3,
+    ):
+        """
+        Initialize rate limiter.
+
+        Args:
+            max_requests: Maximum requests per window per client IP
+            window_seconds: Time window in seconds
+            max_concurrent: Maximum concurrent print operations
+        """
+        self.max_requests = max_requests
+        self.window_seconds = window_seconds
+        self.max_concurrent = max_concurrent
+
+        self._request_times: dict[str, list[float]] = defaultdict(list)
+        self._semaphore = asyncio.Semaphore(max_concurrent)
+        self._lock = asyncio.Lock()
+
+    async def acquire(self, client_ip: str) -> tuple[bool, str]:
+        """
+        Try to acquire a print slot.
+
+        Returns:
+            Tuple of (allowed, reason)
+        """
+        now = time.time()
+
+        async with self._lock:
+            # Clean old entries
+            cutoff = now - self.window_seconds
+            self._request_times[client_ip] = [
+                t for t in self._request_times[client_ip] if t > cutoff
+            ]
+
+            # Check rate limit
+            if len(self._request_times[client_ip]) >= self.max_requests:
+                return False, f"Rate limit exceeded: {self.max_requests} requests per {self.window_seconds}s"
+
+            # Try to acquire semaphore (non-blocking check)
+            if self._semaphore.locked() and self._semaphore._value == 0:
+                return False, f"Too many concurrent print operations (max {self.max_concurrent})"
+
+            # Record this request
+            self._request_times[client_ip].append(now)
+
+        # Acquire semaphore for actual operation
+        await self._semaphore.acquire()
+        return True, ""
+
+    def release(self) -> None:
+        """Release a print slot after operation completes."""
+        self._semaphore.release()
+
+
+# Global rate limiter instance
+print_rate_limiter = PrintRateLimiter()
+

zebra_day/web/routers/__init__.py

@@ -0,0 +1,2 @@
+"""FastAPI routers for zebra_day web application."""
+

zebra_day/web/routers/api.py

@@ -0,0 +1,163 @@
+"""
+Versioned JSON API router for zebra_day.
+
+Provides programmatic access to printer management and label printing.
+All endpoints return JSON and are prefixed with /api/v1/.
+"""
+from __future__ import annotations
+
+from typing import Optional, List, Dict, Any
+
+from fastapi import APIRouter, HTTPException, Request
+from pydantic import BaseModel, Field
+
+router = APIRouter()
+
+
+# ----- Request/Response Models -----
+
+class PrintRequest(BaseModel):
+    """Request model for printing a label."""
+    lab: str = Field(..., description="Lab identifier")
+    printer: str = Field(..., description="Printer name")
+    label_zpl_style: Optional[str] = Field(None, description="ZPL template name")
+    uid_barcode: str = Field("", description="UID for barcode")
+    alt_a: str = Field("", description="Alternative field A")
+    alt_b: str = Field("", description="Alternative field B")
+    alt_c: str = Field("", description="Alternative field C")
+    alt_d: str = Field("", description="Alternative field D")
+    alt_e: str = Field("", description="Alternative field E")
+    alt_f: str = Field("", description="Alternative field F")
+    copies: int = Field(1, ge=1, le=100, description="Number of copies")
+
+
+class PrintResponse(BaseModel):
+    """Response model for print request."""
+    success: bool
+    message: str
+    png_url: Optional[str] = None
+
+
+class PrinterInfo(BaseModel):
+    """Printer information model."""
+    name: str
+    ip_address: str
+    model: str
+    serial: str
+    label_zpl_styles: List[str]
+    print_method: str
+
+
+class LabPrinters(BaseModel):
+    """Lab and its printers."""
+    lab: str
+    printers: List[PrinterInfo]
+
+
+# ----- Endpoints -----
+
+@router.get("/labs", response_model=List[str])
+async def list_labs(request: Request) -> List[str]:
+    """List all available labs."""
+    zp = request.app.state.zp
+    return list(zp.printers.get("labs", {}).keys())
+
+
+@router.get("/labs/{lab}/printers", response_model=List[PrinterInfo])
+async def list_printers(request: Request, lab: str) -> List[PrinterInfo]:
+    """List all printers in a lab."""
+    zp = request.app.state.zp
+    labs = zp.printers.get("labs", {})
+
+    if lab not in labs:
+        raise HTTPException(status_code=404, detail=f"Lab '{lab}' not found")
+
+    printers = []
+    for name, info in labs[lab].items():
+        printers.append(
+            PrinterInfo(
+                name=name,
+                ip_address=info.get("ip_address", ""),
+                model=info.get("model", ""),
+                serial=info.get("serial", ""),
+                label_zpl_styles=info.get("label_zpl_styles", []),
+                print_method=info.get("print_method", ""),
+            )
+        )
+    return printers
+
+
+@router.get("/templates", response_model=List[str])
+async def list_templates(request: Request) -> List[str]:
+    """List all available ZPL templates."""
+    from pathlib import Path
+
+    pkg_path = request.app.state.pkg_path
+    styles_dir = pkg_path / "etc" / "label_styles"
+
+    templates = []
+    if styles_dir.exists():
+        for f in styles_dir.iterdir():
+            if f.is_file() and f.suffix == ".zpl":
+                templates.append(f.stem)
+
+    # Also include drafts
+    tmps_dir = styles_dir / "tmps"
+    if tmps_dir.exists():
+        for f in tmps_dir.iterdir():
+            if f.is_file() and f.suffix == ".zpl":
+                templates.append(f.stem)
+
+    return sorted(templates)
+
+
+@router.post("/print", response_model=PrintResponse)
+async def print_label(request: Request, print_req: PrintRequest) -> PrintResponse:
+    """Send a print request to a printer."""
+    zp = request.app.state.zp
+    rate_limiter = request.app.state.print_rate_limiter
+    client_ip = request.client.host if request.client else "unknown"
+
+    # Check rate limit
+    allowed, reason = await rate_limiter.acquire(client_ip)
+    if not allowed:
+        raise HTTPException(status_code=429, detail=reason)
+
+    try:
+        result = zp.print_zpl(
+            lab=print_req.lab,
+            printer_name=print_req.printer,
+            label_zpl_style=print_req.label_zpl_style,
+            uid_barcode=print_req.uid_barcode,
+            alt_a=print_req.alt_a,
+            alt_b=print_req.alt_b,
+            alt_c=print_req.alt_c,
+            alt_d=print_req.alt_d,
+            alt_e=print_req.alt_e,
+            alt_f=print_req.alt_f,
+            print_n=print_req.copies,
+            client_ip=client_ip,
+        )
+
+        # Check if result is a PNG file path
+        if result and ".png" in str(result):
+            png_name = str(result).split("/")[-1]
+            return PrintResponse(
+                success=True,
+                message="PNG generated successfully",
+                png_url=f"/files/{png_name}",
+            )
+
+        return PrintResponse(success=True, message="Print request sent successfully")
+    except Exception as e:
+        raise HTTPException(status_code=500, detail=str(e))
+    finally:
+        rate_limiter.release()
+
+
+@router.get("/config")
+async def get_config(request: Request) -> Dict[str, Any]:
+    """Get the current printer configuration."""
+    zp = request.app.state.zp
+    return zp.printers
+