With the multichannel support, the handling of auth, gossip, and btc-src
messages has been migrated to the single shared production Satellite API
server. There are separate logical channels now for these streams.
Hence, the previous dedicated servers used for them are no longer
required.
Previously, the /orders/:state endpoint only returned the "pending",
"queued", and "sent" states. This patch adds the following new states:
"paid", "transmitting", "confirming", "rx-pending", "retransmitting",
and "received". These are mapped directly to the order status, except
for the "rx-pending" and "retransmitting" states, which are inferred
based on other information. The "rx-pending" state returns orders with
sent status only, as opposed to the call to /orders/sent, which returns
orders with sent and received status. The "retransmitting" state returns
any order with entries on the retransmission database.
Previously, it was possible to filter orders before an ISO date only.
With this patch, it is now possible to filter before and after ISO
dates, so a window can be defined (with start and end datetimes). Also,
it is now possible to specify the start and end times of the filtering
window with deltas in seconds relative to the current UTC time. For
instance, with before_delta=60 and after_delta=120, the filtered window
starts 2 min ago and ends 1 min ago.
The auth channel does not allow users to get messages (access them over
the internet). Hence, a regular SSE client should not be able to monitor
the events generated on the auth channel. In contrast, an admin host
should be able to monitor the auth events. For that, this patch adds an
/admin/subscribe endpoint that is SSL-authenticated in production, so
only the admin hosts can connect to it.
The same server now can handle multiple logical channels, on which the
transmitter logic runs independently. That is, while previously a single
message would be in transmitting state at a time, now multiple messages
can be in transmitting state as long as they belong to distinct logical
channels.
The supported channels each have different permissions. The user channel
is where users can post, get, and delete messages as needed. In
contrast, the other channels do not grant all permissions to users. Some
are read-only (users can get but not post) and there is a channel (the
auth channel) on which users have no permissions (neither get nor post).
For the channels on which users do not have all permissions (get, post,
and delete), this patch adds admin-specific routes, which are prefixed
by /admin/. The /admin/ route is protected via SSL in production and
allows the admin host to send GET/POST/DELETE requests normally. Hence,
for instance, the admin host can post a message on the auth channel
(with POST /admin/order) and read it (with GET /admin/order) for
transmission over satellite, whereas regulars cannot. With this scheme,
the auth channel messages are accessible exclusively over satellite (and
not over the internet).
The admin routes were added to the following endpoints:
- /order/<uuid> (GET and DELETE requests)
- /order (POST request)
- /orders/<state> (GET request)
- /message/<tx_seq_num> (GET request)
The messages posted by the admin are not paid, so this patch removes the
requirement of invoice generation and payment. Only paid orders now
generate an invoice. Thus, the POST request to the /order/ endpoint does
not return an invoice for non-paid (admin-only) messages.
Also, this patch updates the queue page to display the orders separately
for each channel. The query string channel parameter determines which
channel the page shows.
Finally, this patch updates the events published into the Redis db on
transmission. The event includes the corresponding logical channel so
that SSE events can be subscribed independently for each channel.
The former daemon.sh script was replaced by the workers.sh script in
2cfc398. Update on the terraform setup and also rename the service now
that it no longer consists of only Tx-related daemon workers.
Flask-RESTful returns a JSON response by default when returning a
dictionary. It's not necessary to dump the returning dictionary into a
JSON-serialized string. Otherwise, the client will see a string response
instead of a JSON response.
This change implements a mechanism to retransmit orders if some of the
order's selected regions do not confirm transmission in due time. It
adds a worker to repeatedly check the orders and determine if they need
retransmission. Such orders will be added to a new table named
tx_retries. The tx_start function now first checks if there are regular
new paid orders to transmit. If not, it will check the retransmission
table and retransmit an order from there if one is available.
This patch also introduces a new order state called "retranmission". The
order enters this state while waiting for retransmission.
Users can provide a list of regions to POST /order requests. This list
indicates on which regions the order should be transmitted. It also
determines the expected transmission and reception confirmations.
This change removes the infinite transmission loop with sleep periods
between each transmission. Now, a new transmission can start by a call
to "tx_start" on the following two conditions:
1) As soon as the application starts (if there is a previously paid
order waiting already).
2) As soon as the current transmission ends. The server will immediately
look for the next order ready for transmission and start it if
available.
Meanwhile, the condition for ending the current transmission (i.e., for
calling "tx_end(order)") is when all Tx confirmations are received from
all regions.
If the env var is not defined, fall back to a random string. However,
note the random string won't work over gunicorn if using multiple
workers. In this case, it is necessary to define the env var.
