Giters

AudiovisualMetadataPlatform / galaxy_proxy

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

galaxy_proxy

PROOF OF CONCEPT -- DO NOT USE IN PRODUCTION

This is a proof-of-concept proxy to allow the galaxy workflow editor to be limited so it doesn't allow unauthorized access to the galaxy backend.

I slapped it together in about 45 minutes so there are a lot of things it doesn't do that would be required to make sure it would work in a production setting:

  • communicate with AMP to validate an AMP session cookie
  • validate that the AMP user is currently editing a workflow and which one
  • validate the URL is a valid call for a user to edit the particular workflow
  • log into galaxy and store the galaxy session cookie on the AMP side, or retrieve an existing cookie from the AMP user session.
  • catch any galaxysession cookie updates and update the AMP end
  • default to deny-all instead of the allow-all as it's currently implemented
  • deal with any corner case issues with the http protocol, especially in regards to caching parameters
  • better logging and debugging
  • performance using the ThreadedHTTPServer class may not be up to par
  • I worry a bit about the REST payload size. Meh, it'll probably be fine.

About

License:Apache License 2.0

Languages

Language:Python 100.0%