Nikolay Tatarinov
5331fac334
- Introduced a new configuration file `.cursorrules` to define coding standards, error handling, testing requirements, and project-specific guidelines. - Refactored `config.py` to implement a `Settings` dataclass for better management of environment variables, improving testability and maintainability. - Updated the import duty schedule handler to utilize session management with `session_scope`, ensuring proper database session handling. - Enhanced the import service to streamline the duty schedule import process, improving code organization and readability. - Added new service layer functions to encapsulate business logic related to group duty pinning and duty schedule imports. - Updated README documentation to reflect the new configuration structure and improved import functionality.
117 lines
4.3 KiB
Python
117 lines
4.3 KiB
Python
"""Load configuration from environment. Fail fast if BOT_TOKEN is missing."""
|
|
|
|
import os
|
|
from dataclasses import dataclass
|
|
|
|
from dotenv import load_dotenv
|
|
|
|
load_dotenv()
|
|
|
|
|
|
@dataclass(frozen=True)
|
|
class Settings:
|
|
"""Optional injectable settings built from env. Tests can override or build from env."""
|
|
|
|
bot_token: str
|
|
database_url: str
|
|
mini_app_base_url: str
|
|
http_port: int
|
|
allowed_usernames: set[str]
|
|
admin_usernames: set[str]
|
|
mini_app_skip_auth: bool
|
|
init_data_max_age_seconds: int
|
|
cors_origins: list[str]
|
|
external_calendar_ics_url: str
|
|
duty_display_tz: str
|
|
|
|
@classmethod
|
|
def from_env(cls) -> "Settings":
|
|
"""Build Settings from current environment (same logic as module-level vars)."""
|
|
bot_token = os.getenv("BOT_TOKEN") or ""
|
|
raw_allowed = os.getenv("ALLOWED_USERNAMES", "").strip()
|
|
allowed = {
|
|
s.strip().lstrip("@").lower() for s in raw_allowed.split(",") if s.strip()
|
|
}
|
|
raw_admin = os.getenv("ADMIN_USERNAMES", "").strip()
|
|
admin = {
|
|
s.strip().lstrip("@").lower() for s in raw_admin.split(",") if s.strip()
|
|
}
|
|
raw_cors = os.getenv("CORS_ORIGINS", "").strip()
|
|
cors = (
|
|
[_o.strip() for _o in raw_cors.split(",") if _o.strip()]
|
|
if raw_cors and raw_cors != "*"
|
|
else ["*"]
|
|
)
|
|
return cls(
|
|
bot_token=bot_token,
|
|
database_url=os.getenv("DATABASE_URL", "sqlite:///data/duty_teller.db"),
|
|
mini_app_base_url=os.getenv("MINI_APP_BASE_URL", "").rstrip("/"),
|
|
http_port=int(os.getenv("HTTP_PORT", "8080")),
|
|
allowed_usernames=allowed,
|
|
admin_usernames=admin,
|
|
mini_app_skip_auth=os.getenv("MINI_APP_SKIP_AUTH", "").strip()
|
|
in ("1", "true", "yes"),
|
|
init_data_max_age_seconds=int(os.getenv("INIT_DATA_MAX_AGE_SECONDS", "0")),
|
|
cors_origins=cors,
|
|
external_calendar_ics_url=os.getenv(
|
|
"EXTERNAL_CALENDAR_ICS_URL", ""
|
|
).strip(),
|
|
duty_display_tz=os.getenv("DUTY_DISPLAY_TZ", "Europe/Moscow").strip()
|
|
or "Europe/Moscow",
|
|
)
|
|
|
|
|
|
BOT_TOKEN = os.getenv("BOT_TOKEN")
|
|
if not BOT_TOKEN:
|
|
raise SystemExit(
|
|
"BOT_TOKEN is not set. Copy .env.example to .env and set your token from @BotFather."
|
|
)
|
|
|
|
DATABASE_URL = os.getenv("DATABASE_URL", "sqlite:///data/duty_teller.db")
|
|
MINI_APP_BASE_URL = os.getenv("MINI_APP_BASE_URL", "").rstrip("/")
|
|
HTTP_PORT = int(os.getenv("HTTP_PORT", "8080"))
|
|
|
|
# Miniapp access: comma-separated Telegram usernames (no @). Empty = no one allowed.
|
|
_raw_allowed = os.getenv("ALLOWED_USERNAMES", "").strip()
|
|
ALLOWED_USERNAMES = {
|
|
s.strip().lstrip("@").lower() for s in _raw_allowed.split(",") if s.strip()
|
|
}
|
|
|
|
_raw_admin = os.getenv("ADMIN_USERNAMES", "").strip()
|
|
ADMIN_USERNAMES = {
|
|
s.strip().lstrip("@").lower() for s in _raw_admin.split(",") if s.strip()
|
|
}
|
|
|
|
# Dev only: set to 1 to allow /api/duties without Telegram initData (insecure, no user check).
|
|
MINI_APP_SKIP_AUTH = os.getenv("MINI_APP_SKIP_AUTH", "").strip() in ("1", "true", "yes")
|
|
|
|
# Optional replay protection: reject initData older than this many seconds. 0 = disabled (default).
|
|
INIT_DATA_MAX_AGE_SECONDS = int(os.getenv("INIT_DATA_MAX_AGE_SECONDS", "0"))
|
|
|
|
# CORS: comma-separated origins, or empty/"*" for allow all. For production, set to MINI_APP_BASE_URL or specific origins.
|
|
_raw_cors = os.getenv("CORS_ORIGINS", "").strip()
|
|
CORS_ORIGINS = (
|
|
[_o.strip() for _o in _raw_cors.split(",") if _o.strip()]
|
|
if _raw_cors and _raw_cors != "*"
|
|
else ["*"]
|
|
)
|
|
|
|
# Optional: URL of a public ICS calendar (e.g. holidays). Empty = no external calendar; /api/calendar-events returns [].
|
|
EXTERNAL_CALENDAR_ICS_URL = os.getenv("EXTERNAL_CALENDAR_ICS_URL", "").strip()
|
|
|
|
# Timezone for displaying duty times in the pinned group message (e.g. Europe/Moscow).
|
|
DUTY_DISPLAY_TZ = (
|
|
os.getenv("DUTY_DISPLAY_TZ", "Europe/Moscow").strip() or "Europe/Moscow"
|
|
)
|
|
|
|
|
|
def is_admin(username: str) -> bool:
|
|
"""True if the given Telegram username (no @, any case) is in ADMIN_USERNAMES."""
|
|
return (username or "").strip().lower() in ADMIN_USERNAMES
|
|
|
|
|
|
def can_access_miniapp(username: str) -> bool:
|
|
"""True if username is in ALLOWED_USERNAMES or ADMIN_USERNAMES."""
|
|
u = (username or "").strip().lower()
|
|
return u in ALLOWED_USERNAMES or u in ADMIN_USERNAMES
|