This repository contains the backend code running the various web services of the Virtual Houston Air Route Traffic Control Center on the VATSIM network. It is published publicly to encourage ARTCCs to collaborate on development and to allow webmasters to use this framework as a base for their own ARTCC websites.
This backend is running on Python 3.9 using the Django REST Framework. It is designed to be used with a separate frontend component. For an example implementation with React, see https://github.com/Houston-ARTCC/zhu-frontend.
Created by Michael Romashov.
All commands assume that you are at the root of the zhu-core repository that you cloned.
-
Ensure you have both Python and pip up to date. (Using a
venvis recommended)python -m pip install --upgrade pip -
Install all project dependencies.
pip install -r requirements.txt -
Create and populate the
.envfile.cp .env.example .envEnvironment Field Descriptions
All strings must be surrounded with double quotes. Integers and booleans must be on their own.
Field Description Example DEV_ENVEnables debug mode. Must be Falsein productionTrueALLOWED_HOSTSComma separated list of domains and IPs that the server will run on "api.zhuartcc.org"SECRET_KEYDjango secret key. Can be generated here SENTRY_DSN[Optional]Sentry DSN for error logging STATIC_ROOT[Optional]Root directory for static files. Defaults to ./static"/home/.../static"MEDIA_ROOT[Optional]Root directory for uploaded files. Defaults to ./media"/home/.../media"VATSIM_CONNECT_CLIENT_IDClient ID for VATSIM Connect VATSIM_CONNECT_CLIENT_SECRETClient Secret for VATSIM Connect VATSIM_CONNECT_REDIRECT_URIRedirect URI for VATSIM Connect VATUSA_API_TOKENToken for VATUSA API AVWX_API_TOKEN[Optional]AVWX API token for pulling METARs POSITION_PREFIXESComma separated list of all airport IATA codes "HOU,IAH,AUS"EMAIL_HOSTEmail server hostname "smtp.mailtrap.io"EMAIL_PORTEmail server port 2525EMAIL_HOST_USEREmail server username "username"EMAIL_HOST_PASSWORDEmail server password "password"EMAIL_USE_TLSUse TLS for SMTP TrueEVENTS_WEBHOOK_URL[Optional]Discord channel webhook for posting events -
Create database tables.
python manage.py migrate -
Populate
users_roletable with premade roles.python manage.py loaddata apps/users/fixtures/roles.json -
Sync roster with VATUSA api.
python manage.py syncroster -
Give yourself access to the Django admin panel. (Accessible at
/admin)python manage.py addadmin
Authentication with the REST API is done through JSON Web Tokens. Please note that JWTs are not encrypted and may contain sensitive information.
After redirecting the user to VATSIM connect, the user will be redirected back to your website with a code from the VATSIM API. (Refer to VATSIM Connect Documentation for more details). This code can be included in the body of a POST request to /auth/token/ to receive an access token and a refresh token for the now authenticated user. You will want to keep these tokens for future use.
axios
.post('/auth/token/', { code: authCode })
.then(res => {
localStorage.setItem('access', res.data.access)
localStorage.setItem('refresh', res.data.refresh)
})To authenticate the user for future requests, set the Authorization header to Bearer <access_token> on all requests bound for the API.
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9...For security, the access token will expire 24 hours after being issued. To obtain a new access token, the refresh token retrieved earlier can be included in the body of a POST request to /auth/token/refresh/. The refresh token is valid for 30 days after being issued. Once the refresh token expires, the user will have to log in again.
axios
.post('/auth/token/refresh/', { refresh: refreshToken })
.then(res => {
localStorage.setItem('access', res.data.access)
})Distributed under the MIT License. See LICENSE for more information.
Michael Romashov - michael.romashov@vatusa.net