web-api/serve_api.py

#!/usr/bin/python3.7
import os
import csv
import json
import time
import mailer
import sqlite3
import hashlib
import flask
from flask import Flask
from flask import request
from flask import jsonify
from flask import abort
from flask_cors import CORS
from fuzzywuzzy import fuzz
from multiprocessing import Process, Queue
import face_recognition
#from fset import fset
#from flask_security import auth_token_required
#from werkzeug.http import HTTP_STATUS_CODES
#def error_response(status_code, message=None):
#	payload = {'error': HTTP_STATUS_CODES.get(status_code, 'Unknown error')}
#	if message:
#		payload['message'] = message
#	response = jsonify(payload)
#	response.status_code = status_code
#	return response

#def tobs66(st):
#	bs64=" 0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"
#	acc=[(u'á','a'),(u'é','e',u'í','i'),(u'ó','o'),(u'ú','u'),(u'Á','A'),(u'É','E'),(u'Í','I'),(u'Ó','O'),(u'Ú','U'),('.',' '),(',',' '),(':',' '),(';',' '),('\n',' '),('\t',' '),('-',' '),('"',' '),("'",' ')]
#	for r in acc: st=st.replace(r[0],r[1])
#	return "".join(c for c in st if c in bs64 or c in [u'ñ',u'Ñ'])

#db_connector = sqlite3.connect("/var/lib/exp/praxis/lists.db")
#db_cursor = db_connector.cursor()
#db_sentence = "SELECT id,nombre,alias FROM lst ;"
#db_cursor.execute(db_sentence)
#names = fset((row[1] for row in db_cursor.fetchall()))
#names = [row for row in db_cursor.fetchall()]
#phph = lambda nnmm:nnmm.replace('LL',u'Ж').replace('RR',u'Р').replace('CH',u'Ч')
#names_ph = {nm[1]:phph(nm[1]) for nm in names}
#db_cursor.close(); db_connector.close()
app = Flask(__name__,subdomain_matching=True)
CORS(app)
#app.config['SECURITY_TOKEN_AUTHENTICATION_KEY'] = '7bvij07Js7Da0ij5VzWTib6AOAv7J9kShu3HM3BTU3iT'
#print(app.config['SECURITY_TOKEN_AUTHENTICATION_HEADER'])
#print(app.config['SECURITY_TOKEN_AUTHENTICATION_KEY'])
app.config["SERVER_NAME"] = "condorgl.net"
@app.route("/")
def rootr(): return ""
@app.route("/login",subdomain="auth",methods=['POST'])
def login():
	return jsonify({"success":request.form["username"] in ["aeespinosa","cobra"] and request.form["password"] in ["test"],"payload":{}})
@app.route("/resetpw",subdomain="auth",methods=['POST'])
def resetpw():
	return jsonify({"success":request.form["username"] in ["aeespinosa","cobra"] and request.form["email"] in ["h@condorbs.net"],"payload":{""}})


@app.route("/",subdomain="globalists")
@app.route("/<path:wp>",subdomain="globalists")
def webapp(wp="index.html"): return app.send_static_file("globalists/"+wp+"index.html" if wp.endswith('/') else "globalists/"+wp)
@app.route("/",subdomain="mneural")
@app.route("/<path:wp>",subdomain="mneural")
def webapp2(wp="index.html"): return app.send_static_file("mneural/"+wp+"index.html" if wp.endswith('/') else "mneural/"+wp)
response_queue = Queue()
@app.route("/match",subdomain="api", methods=['GET','POST','PUT','DELETE','TRACE','HEAD','OPTIONS'])
#@auth_token_required
def match():
	fields = {"name":"nombre","nationality":"pais","rfc":"rfc","status":"estatus"}
	data = {field:request.args.get(field) for field in list(fields)+["similarity"]}
	if not (request.args.get("token") and (request.args.get("name") or request.args.get("rfc"))): return {"success":False,"error":"400 Bad Request"},400
	if request.method != 'GET': return {"success":False,"error":"405 Method Not Allowed"},405
	if request.args.get("token") not in ["7bvij07Js7Da0ij5VzWTib6AOAv7J9kShu3HM3BTU3iT","j6KbS9IVIdWReQkag3Own9XS1YGBCt4L2j070YonBV4T"]:
		return {"success":False,"error":"403 Not authorized"},403
	#print(data)
	def __match(data):
		matched_names = []; matched_aliases = []
		for sname in sorted(data['name'].upper().split(' '),key=len)[-2:]:
			tmp_f = f"tmp-{sname}-{int(time.time())}"
			os.system("agrep -1 -e '%s' names > %s-n"%(sname,tmp_f))
			os.system("agrep -1 -e '%s' aliases > %s-a"%(sname,tmp_f))
			with open(f"{tmp_f}-n",'r') as tmp_ff:
				for row in tmp_ff: matched_names.append(row[:-1])
			with open(f"{tmp_f}-a",'r') as tmp_ff:
				for row in tmp_ff: matched_aliases.append(row[:-1])
		#print(matched_names)
		os.remove(f"{tmp_f}-n"); os.remove(f"{tmp_f}-a")
		db_connector = sqlite3.connect("/var/globalists/lists.db")
		db_cursor = db_connector.cursor()
		db_sentence = "SELECT substr(id,0,4) as list,nombre as name,alias,ubicacion as location,fechanac as birth_date,pais as nationality,rfc,programa as program,cargo as position,dependencia as department,fechapub as publication_date,estatus as status FROM lst WHERE "
		#nms = [nm for nm in matched_names if fuzz.token_set_ratio(data["name"].upper(),nm)>80]
		#als = [nm for nm in matched_aliases if fuzz.token_set_ratio(data["name"].upper(),nm)>80]
		nms = {nm:fuzz.token_set_ratio(data["name"].upper(),nm) for nm in matched_names}
		als = {nm:fuzz.token_set_ratio(data["name"].upper(),nm) for nm in matched_aliases}
		nms = {nm:nmp for nm,nmp in nms.items() if nmp>100*float(data["similarity"] or 0.8)}
		als = {nm:nmp for nm,nmp in als.items() if nmp>100*float(data["similarity"] or 0.8)}
		#print(nms)
		db_sentence+="( nombre IN ("+",".join([f"'{nm}'" for nm in nms])+")"
		db_sentence+=" OR alias IN ("+",".join([f"'{nm}'" for nm in als])+") )"
		db_sent_2 =" AND ".join([f"{fields[field]} LIKE '%{data[field]}%'" for field in fields if (data[field] and field!="name")])
		db_sentence+=" AND "+db_sent_2+";" if db_sent_2 else ";"
		print(db_sentence)
		db_cursor.execute(db_sentence)
		table = [{db_cursor.description[k][0]:row[k] for k in range(len(row))} for row in db_cursor.fetchall()]
		for row in table:
			row['name_similarity'] = nms.get(row['name'],0.0)/100.0
			row['alias_similarity'] = als.get(row['alias'],0.0)/100.0
		#print(table)
		db_cursor.close(); db_connector.close()
		response_queue.put(table)
	thread = Process(target=__match,args=(data,),daemon=True)
	thread.run()
	return jsonify({"success":True,"payload":response_queue.get()})
@app.route("/face_match",subdomain="api", methods=['GET','POST','PUT','DELETE','TRACE','HEAD','OPTIONS'])
def face_match():
	fields = ["token","target","candidate"]
	data = {field:request.args.get(field) for field in fields}
	#if not all(request.args.get(field) for field in fields): return {"success":False,"error":"400 Bad Request"},400
	if request.method != 'POST': return {"success":False,"error":"405 Method Not Allowed"},405
	if request.args.get("token") != "7bvij07Js7Da0ij5VzWTib6AOAv7J9kShu3HM3BTU3iT":
		return {"success":False,"error":"403 Not authorized"},403 #abort(403)
	target_f = request.files["target"]
	candidate_f = request.files["candidate"]
#	breakpoint()
	target_f.save("target.jpg");candidate_f.save("target2.jpg")
	target_enc = face_recognition.face_encodings(face_recognition.load_image_file(target_f))
	candidate_enc = face_recognition.face_encodings(face_recognition.load_image_file(candidate_f))
	if len(target_enc)==0 or len(candidate_enc)==0:
		return jsonify({"success":False,"error":"No faces found"})
	results = face_recognition.compare_faces(candidate_enc,target_enc[0])
	return jsonify({"success":True,"payload":results[0]})

app.run(host="0.0.0.0",port=443,ssl_context=("./fullchain.pem","./privkey.pem"),debug=True)
#import wsgiserver
#server = wsgiserver.WSGIServer(app,host="0.0.0.0",port=5000,certfile='./fullchain.pem',keyfile='./privkey.pem')
#server.start()