From 8ba553215848df42ed986c3634904db7b23481f6 Mon Sep 17 00:00:00 2001 From: redatman Date: Fri, 19 Jul 2024 14:42:44 +0800 Subject: [PATCH 1/3] feat: Ignore token.json Add `token.json` to the `.gitignore` to prevent accidental commit of sensitive API tokens. --- .gitignore | 1 + 1 file changed, 1 insertion(+) diff --git a/.gitignore b/.gitignore index bb429e3..c23a47f 100644 --- a/.gitignore +++ b/.gitignore @@ -4,6 +4,7 @@ sublime_api.py *.sublime-settings.example Markdown.tmLanguage *.pkl +token.json tmp/ notes/ logs/ From 3e6fed2de6c8d68240e4d2a79d74dc5bfebbda54 Mon Sep 17 00:00:00 2001 From: redatman Date: Fri, 19 Jul 2024 14:43:06 +0800 Subject: [PATCH 2/3] Fix: Token storage and retrieval Refactored token storage to use a JSON file for storing multiple user tokens, improving user experience and allowing for future enhancements. Also made the authentication function thread-safe and cache-friendly using `lru_cache`. --- api.py | 31 +++++++++++++++++++------------ 1 file changed, 19 insertions(+), 12 deletions(-) diff --git a/api.py b/api.py index 7f037bc..59cbdca 100644 --- a/api.py +++ b/api.py @@ -5,6 +5,7 @@ import base64 import functools +import json import logging import os import time @@ -24,7 +25,7 @@ SIMPLENOTE_APP_ID: str = "chalk-bump-f49" SIMPLENOTE_APP_KEY: str = base64.b64decode("YzhjMmI4NjMzNzE1NGNkYWJjOTg5YjIzZTMwYzZiZjQ=").decode("utf-8") SIMPLENOTE_BUCKET: str = "note" -_SIMPLENOTE_TOKEN_FILE = "simplenote_token.pkl" +_SIMPLENOTE_TOKEN_FILE = "token.json" SIMPLENOTE_TOKEN_FILE = os.path.join(SIMPLENOTE_BASE_DIR, _SIMPLENOTE_TOKEN_FILE) @@ -99,8 +100,9 @@ def __init__(self, username: str = "", password: str = ""): self.mark = "mark" self._token: str = "" - @classmethod - def authenticate(cls, username: str, password: str): + @staticmethod + @functools.lru_cache(maxsize=2) + def authenticate(username: str, password: str): """Method to get simplenote auth token Arguments: @@ -124,8 +126,6 @@ def authenticate(cls, username: str, password: str): raise SimplenoteLoginFailed("access_token is not a string: %s" % token) # assert len(token) == 32, "token length is not 32: %s" % token - with open(SIMPLENOTE_TOKEN_FILE, "wb") as fh: - fh.write(token.encode("utf-8")) return token @functools.cached_property @@ -140,16 +140,23 @@ def token(self): """ if not self._token: try: - with open(SIMPLENOTE_TOKEN_FILE, "rb") as fh: - token = fh.read().decode("utf-8") + with open(SIMPLENOTE_TOKEN_FILE, "r") as fh: + _token = json.load(fh) + token = _token.get(self.username) + logger.info(("token: ", token)) if not token: raise ValueError("token is empty") - self._token = token - except (FileNotFoundError, ValueError) as err: + return token + except Exception as err: + logger.info("Do not have token cache for %s, requesting new one. Error: %s" % (self.username, err)) self._token = self.authenticate(self.username, self.password) - except (EOFError, Exception) as err: - logger.exception(err) - raise err + with open(SIMPLENOTE_TOKEN_FILE, "w+") as fh: + try: + _token = json.load(fh) + except Exception as err: + _token = {} + _token[self.username] = token + json.dump(_token, fh) return self._token def _parse_response(self, note_id: str, response: Response): From 424046ca4e189165a907e721de033f44ecf6ab31 Mon Sep 17 00:00:00 2001 From: redatman Date: Fri, 19 Jul 2024 14:47:04 +0800 Subject: [PATCH 3/3] Fix: Prevent pre-commit from running on merged pull requests This change ensures that the pre-commit workflow only runs on pushes to the repository when the associated pull request has not been merged yet. This prevents unnecessary execution of the workflow on merged PRs, improving efficiency and reducing resource consumption. --- .github/workflows/pre-commit.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pre-commit.yaml b/.github/workflows/pre-commit.yaml index 82c6eef..ca49bcb 100644 --- a/.github/workflows/pre-commit.yaml +++ b/.github/workflows/pre-commit.yaml @@ -10,7 +10,7 @@ on: jobs: pre-commit: - if: github.event_name == 'push' + if: github.event_name == 'push' && github.event.pull_request.merged == false runs-on: ubuntu-latest steps: