M2-T03: add read-only data JSON API
- GET /api/locations (inclusive time window start/end, pagination, cap 5000) - GET /api/poo (pagination, cap 1000, newest first) - GET /api/public-ip (current state + recent history, cap 1000) - all session-protected, read-only, bounded (no full-table export) - typed response schemas; register router; regenerate openapi/ - tests/test_api_data.py
This commit is contained in:
@@ -0,0 +1,125 @@
|
||||
from __future__ import annotations
|
||||
|
||||
from fastapi import APIRouter, Depends, Query
|
||||
from sqlalchemy import desc, select
|
||||
from sqlalchemy.orm import Session
|
||||
|
||||
from app.api.routes.api.deps import require_session
|
||||
from app.dependencies import get_db
|
||||
from app.models.location import Location
|
||||
from app.models.poo import PooRecord
|
||||
from app.models.public_ip import PublicIPHistory, PublicIPState
|
||||
from app.schemas.data import (
|
||||
LocationRecord,
|
||||
LocationsResponse,
|
||||
PooRecord as PooRecordSchema,
|
||||
PooResponse,
|
||||
PublicIPHistorySchema,
|
||||
PublicIPResponse,
|
||||
PublicIPStateSchema,
|
||||
)
|
||||
from app.services.auth import AuthenticatedSession
|
||||
|
||||
router = APIRouter(prefix="/api", tags=["api-data"])
|
||||
|
||||
|
||||
@router.get("/locations", response_model=LocationsResponse)
|
||||
def get_locations(
|
||||
limit: int = Query(default=1000, ge=1, le=5000),
|
||||
offset: int = Query(default=0, ge=0),
|
||||
start: str | None = Query(default=None),
|
||||
end: str | None = Query(default=None),
|
||||
db: Session = Depends(get_db),
|
||||
_auth: AuthenticatedSession = Depends(require_session),
|
||||
) -> LocationsResponse:
|
||||
"""
|
||||
Return location records with optional time-window filtering and pagination.
|
||||
|
||||
- ``start`` / ``end`` are ISO8601 strings; filtering is **inclusive** on both bounds.
|
||||
- Results are ordered by ``datetime`` ascending.
|
||||
- ``limit`` is capped at 5000 to prevent full-table exports.
|
||||
"""
|
||||
stmt = select(Location)
|
||||
|
||||
if start is not None:
|
||||
stmt = stmt.where(Location.datetime >= start)
|
||||
if end is not None:
|
||||
stmt = stmt.where(Location.datetime <= end)
|
||||
|
||||
stmt = stmt.order_by(Location.datetime).offset(offset).limit(limit)
|
||||
|
||||
rows = db.execute(stmt).scalars().all()
|
||||
|
||||
items = [
|
||||
LocationRecord(
|
||||
person=row.person,
|
||||
datetime=row.datetime,
|
||||
latitude=row.latitude,
|
||||
longitude=row.longitude,
|
||||
altitude=row.altitude,
|
||||
)
|
||||
for row in rows
|
||||
]
|
||||
|
||||
return LocationsResponse(items=items, limit=limit, offset=offset)
|
||||
|
||||
|
||||
@router.get("/poo", response_model=PooResponse)
|
||||
def get_poo(
|
||||
limit: int = Query(default=100, ge=1, le=1000),
|
||||
offset: int = Query(default=0, ge=0),
|
||||
db: Session = Depends(get_db),
|
||||
_auth: AuthenticatedSession = Depends(require_session),
|
||||
) -> PooResponse:
|
||||
"""
|
||||
Return poo records ordered by timestamp descending (most recent first).
|
||||
|
||||
``limit`` is capped at 1000 to prevent full-table exports.
|
||||
"""
|
||||
stmt = (
|
||||
select(PooRecord)
|
||||
.order_by(desc(PooRecord.timestamp))
|
||||
.offset(offset)
|
||||
.limit(limit)
|
||||
)
|
||||
|
||||
rows = db.execute(stmt).scalars().all()
|
||||
|
||||
items = [
|
||||
PooRecordSchema(
|
||||
timestamp=row.timestamp,
|
||||
status=row.status,
|
||||
latitude=row.latitude,
|
||||
longitude=row.longitude,
|
||||
)
|
||||
for row in rows
|
||||
]
|
||||
|
||||
return PooResponse(items=items, limit=limit, offset=offset)
|
||||
|
||||
|
||||
@router.get("/public-ip", response_model=PublicIPResponse)
|
||||
def get_public_ip(
|
||||
limit: int = Query(default=100, ge=1, le=1000),
|
||||
db: Session = Depends(get_db),
|
||||
_auth: AuthenticatedSession = Depends(require_session),
|
||||
) -> PublicIPResponse:
|
||||
"""
|
||||
Return the current public IP state and recent history.
|
||||
|
||||
- ``state`` is ``null`` if no IP check has been performed yet.
|
||||
- ``history`` is ordered by ``observed_at`` descending (most recent first).
|
||||
- ``limit`` applies to the history list and is capped at 1000.
|
||||
"""
|
||||
state_row = db.execute(
|
||||
select(PublicIPState).where(PublicIPState.id == 1).limit(1)
|
||||
).scalar_one_or_none()
|
||||
|
||||
history_rows = db.execute(
|
||||
select(PublicIPHistory).order_by(desc(PublicIPHistory.observed_at)).limit(limit)
|
||||
).scalars().all()
|
||||
|
||||
state = PublicIPStateSchema.model_validate(state_row) if state_row is not None else None
|
||||
history = [PublicIPHistorySchema.model_validate(row) for row in history_rows]
|
||||
|
||||
return PublicIPResponse(state=state, history=history)
|
||||
Reference in New Issue
Block a user