codey/api
1
0
Fork 0
Code Issues Pull Requests Activity
Files
435fcc3b2e082b9c53156e30f7c3e794aadd51d5
api/endpoints/lighting.py
codey 435fcc3b2e lighting: 2FA<->GE changes, improved connection management 
lrclib (lyric_search/sources): performance improvements
2026-02-07 09:33:16 -05:00

993 lines
37 KiB
Python
Raw Blame History

"""
Cync Lighting Control API
This module provides a FastAPI endpoint for controlling Cync smart lights.
It maintains a persistent connection to the Cync cloud service and handles
authentication, token caching, and connection lifecycle management.
Key behaviors:
- pycync uses a TCP/TLS connection that requires login acknowledgment before commands work
- Commands are sent through a WiFi-connected "hub" device to the Bluetooth mesh
- The TCP manager auto-reconnects on disconnect with a 10-second delay
- We wait for the connection to be fully ready before sending commands
- 2FA codes are read from Redis key 'cync:2fa_code' - no stdin blocking
"""
import logging
import json
import os
import time
import asyncio
from typing import Optional, Any
from dataclasses import dataclass, field
from enum import Enum
import aiohttp
from fastapi import FastAPI, Depends, HTTPException, Request
from fastapi_throttle import RateLimiter
from fastapi.responses import JSONResponse
from auth.deps import get_current_user
from dotenv import load_dotenv
from pycync.user import User # type: ignore
from pycync.cync import Cync # type: ignore
from pycync import Auth # type: ignore
from pycync.exceptions import TwoFactorRequiredError, AuthFailedError # type: ignore
# Configure logging
logger = logging.getLogger(__name__)
class ConnectionStatus(Enum):
"""Connection status enum for better tracking."""
DISCONNECTED = "disconnected"
CONNECTING = "connecting"
CONNECTED = "connected"
AWAITING_2FA = "awaiting_2fa"
ERROR = "error"
@dataclass
class CyncConnectionState:
"""Track the state of our Cync connection."""
session: Optional[aiohttp.ClientSession] = None
auth: Optional[Auth] = None
cync_api: Optional[Cync] = None
user: Optional[User] = None
connected_at: Optional[float] = None
last_command_at: Optional[float] = None
last_successful_command: Optional[float] = None
status: ConnectionStatus = ConnectionStatus.DISCONNECTED
consecutive_failures: int = 0
last_error: Optional[str] = None
class Lighting:
"""
Cync Lighting Controller
Manages authentication and device control for Cync smart lights.
Uses pycync library which maintains a TCP connection for device commands.
2FA Handling:
- When 2FA is required, status changes to AWAITING_2FA
- Set the 2FA code via Redis: SET cync:2fa_code "123456"
- Or via environment variable: CYNC_2FA_CODE=123456
- The system polls for the code and automatically retries login
"""
# Configuration
TOKEN_EXPIRY_BUFFER = 300 # Consider token expired 5 min before actual expiry
CONNECTION_READY_TIMEOUT = 15 # Max seconds to wait for TCP connection to be ready
COMMAND_DELAY = 0.3 # Delay between sequential commands
MAX_RETRIES = 3
MAX_CONSECUTIVE_FAILURES = 5 # Force full reconnect after this many failures
HEALTH_CHECK_INTERVAL = 30 # Check connection health every 30s
TWO_FA_POLL_INTERVAL = 5 # Poll for 2FA code every 5 seconds
TWO_FA_TIMEOUT = 300 # 5 minutes to enter 2FA code
REDIS_2FA_KEY = "cync:2fa_code"
REDIS_STATUS_KEY = "cync:connection_status"
def __init__(self, app: FastAPI, util: Any, constants: Any) -> None:
load_dotenv()
self.app = app
self.util = util
self.constants = constants
# Redis for state persistence - use shared sync client
import shared
self.redis_client = shared.get_redis_sync_client(decode_responses=True)
self.lighting_key = "lighting:state"
# Cync configuration from environment
self.cync_email = os.getenv("CYNC_EMAIL")
self.cync_password = os.getenv("CYNC_PASSWORD")
self.cync_device_name = os.getenv("CYNC_DEVICE_NAME")
self.token_cache_path = "cync_token.json"
# Connection state
self._state = CyncConnectionState()
self._connection_lock = asyncio.Lock()
self._health_task: Optional[asyncio.Task] = None
self._2fa_task: Optional[asyncio.Task] = None
# Register routes
self._register_routes()
def _register_routes(self) -> None:
"""Register FastAPI routes."""
common_deps = [
Depends(RateLimiter(times=25, seconds=2)),
Depends(get_current_user),
]
self.app.add_api_route(
"/lighting/state",
self.get_lighting_state,
methods=["GET"],
dependencies=common_deps,
include_in_schema=False,
)
self.app.add_api_route(
"/lighting/state",
self.set_lighting_state,
methods=["POST"],
dependencies=common_deps,
include_in_schema=False,
)
# Status endpoint - no auth required for monitoring
self.app.add_api_route(
"/lighting/connection-status",
self.get_connection_status,
methods=["GET"],
include_in_schema=False,
)
# 2FA submission endpoint - no auth required since 2FA is pre-auth
self.app.add_api_route(
"/lighting/2fa",
self.submit_2fa_code,
methods=["POST"],
dependencies=[Depends(RateLimiter(times=5, seconds=60))], # Rate limit only
include_in_schema=False,
)
# Force reconnect endpoint - requires auth
self.app.add_api_route(
"/lighting/reconnect",
self.force_reconnect,
methods=["POST"],
dependencies=common_deps,
include_in_schema=False,
)
# =========================================================================
# Lifecycle Management
# =========================================================================
async def startup(self) -> None:
"""Initialize on app startup. Call from lifespan context manager."""
self._validate_config()
try:
await self._connect()
logger.info("Cync lighting initialized successfully")
except TwoFactorRequiredError:
logger.warning("Cync requires 2FA - waiting for code via Redis or API")
# Don't raise - 2FA polling task will handle this
except Exception as e:
logger.error(f"Failed to initialize Cync at startup: {e}")
self._state.status = ConnectionStatus.ERROR
self._state.last_error = str(e)
# Don't raise - allow app to start, will retry on first request
# Start background health monitoring
self._health_task = asyncio.create_task(self._health_monitor())
self._update_status_in_redis()
async def shutdown(self) -> None:
"""Cleanup on app shutdown. Call from lifespan context manager."""
if self._health_task:
self._health_task.cancel()
try:
await self._health_task
except asyncio.CancelledError:
pass
if self._2fa_task:
self._2fa_task.cancel()
try:
await self._2fa_task
except asyncio.CancelledError:
pass
await self._disconnect()
logger.info("Cync lighting shut down")
def _update_status_in_redis(self) -> None:
"""Update connection status in Redis for monitoring."""
try:
status_data = {
"status": self._state.status.value,
"connected_at": self._state.connected_at,
"last_command_at": self._state.last_command_at,
"last_successful_command": self._state.last_successful_command,
"consecutive_failures": self._state.consecutive_failures,
"last_error": self._state.last_error,
"updated_at": time.time(),
}
self.redis_client.set(self.REDIS_STATUS_KEY, json.dumps(status_data), ex=300)
except Exception as e:
logger.debug(f"Failed to update status in Redis: {e}")
def _validate_config(self) -> None:
"""Validate required environment variables."""
missing = []
if not self.cync_email:
missing.append("CYNC_EMAIL")
if not self.cync_password:
missing.append("CYNC_PASSWORD")
if not self.cync_device_name:
missing.append("CYNC_DEVICE_NAME")
if missing:
raise RuntimeError(f"Missing required env vars: {', '.join(missing)}")
# =========================================================================
# Connection Management
# =========================================================================
async def _connect(self, force: bool = False) -> None:
"""
Establish connection to Cync cloud.
This creates the aiohttp session, authenticates, and initializes
the pycync API which starts its TCP connection.
"""
async with self._connection_lock:
# Check if we need to connect
if not force and self._is_connection_valid():
return
logger.info("Establishing Cync connection...")
self._state.status = ConnectionStatus.CONNECTING
self._update_status_in_redis()
# Clean up existing connection
await self._disconnect_unlocked()
# Create HTTP session
timeout = aiohttp.ClientTimeout(total=30, connect=10)
self._state.session = aiohttp.ClientSession(timeout=timeout)
# Authenticate
await self._authenticate()
# Create Cync API (starts TCP connection)
logger.info("Creating Cync API instance...")
assert self._state.auth is not None # Set by _authenticate
self._state.cync_api = await Cync.create(self._state.auth)
# Wait for TCP connection to be ready
await self._wait_for_connection_ready()
self._state.connected_at = time.time()
self._state.status = ConnectionStatus.CONNECTED
self._state.last_error = None
self._update_status_in_redis()
logger.info("Cync connection established")
async def _disconnect(self) -> None:
"""Disconnect and cleanup resources."""
async with self._connection_lock:
await self._disconnect_unlocked()
async def _disconnect_unlocked(self) -> None:
"""Disconnect without acquiring lock (internal use)."""
# Shutdown pycync TCP connection
if self._state.cync_api:
try:
# pycync's command client has a shut_down method
client = getattr(self._state.cync_api, "_command_client", None)
if client:
await client.shut_down()
except Exception as e:
logger.warning(f"Error shutting down Cync client: {e}")
# Close HTTP session
if self._state.session and not self._state.session.closed:
await self._state.session.close()
await asyncio.sleep(0.1) # Allow cleanup
# Reset state
self._state = CyncConnectionState()
def _is_connection_valid(self) -> bool:
"""Check if current connection is usable."""
if not self._state.cync_api or not self._state.session:
return False
if self._state.session.closed:
return False
if not self._is_tcp_connected():
logger.info("Cync TCP manager not connected; will reconnect")
return False
# Check token expiry
if self._is_token_expired():
logger.info("Token expired or expiring soon")
return False
return True
def _is_tcp_connected(self) -> bool:
"""Best-effort check that the pycync TCP connection is alive."""
client = getattr(self._state.cync_api, "_command_client", None)
if not client:
return False
tcp_manager = getattr(client, "_tcp_manager", None)
if not tcp_manager:
return False
# If login was never acknowledged or was cleared, treat as disconnected
if not getattr(tcp_manager, "_login_acknowledged", False):
return False
writer = getattr(tcp_manager, "_writer", None)
reader = getattr(tcp_manager, "_reader", None)
# If underlying streams are closed, reconnect
if writer and writer.is_closing():
return False
if reader and reader.at_eof():
return False
# Some versions expose a _closed flag
if getattr(tcp_manager, "_closed", False):
return False
return True
def _is_token_expired(self) -> bool:
"""Check if token is expired or will expire soon."""
if not self._state.user:
return True
expires_at = getattr(self._state.user, "expires_at", 0)
return expires_at < (time.time() + self.TOKEN_EXPIRY_BUFFER)
async def _wait_for_connection_ready(self) -> None:
"""
Wait for pycync TCP connection to be fully ready.
pycync's TCP manager waits for login acknowledgment before sending
any commands. We need to wait for this to complete.
"""
if not self._state.cync_api:
raise RuntimeError("Cync API not initialized")
client = getattr(self._state.cync_api, "_command_client", None)
if not client:
logger.warning("Could not access command client")
return
tcp_manager = getattr(client, "_tcp_manager", None)
if not tcp_manager:
logger.warning("Could not access TCP manager")
return
# Wait for login to be acknowledged
start = time.time()
while not getattr(tcp_manager, "_login_acknowledged", False):
if time.time() - start > self.CONNECTION_READY_TIMEOUT:
raise TimeoutError("Timed out waiting for Cync login acknowledgment")
await asyncio.sleep(0.2)
logger.debug("Waiting for Cync TCP login acknowledgment...")
# Give a tiny bit more time for device probing to start
await asyncio.sleep(0.5)
logger.info(f"Cync TCP connection ready (took {time.time() - start:.1f}s)")
# =========================================================================
# Authentication
# =========================================================================
async def _authenticate(self) -> None:
"""Authenticate with Cync, using cached token if valid."""
# Try cached token first
cached_user = self._load_cached_token()
# These are validated by _validate_config at startup
assert self._state.session is not None
assert self.cync_email is not None
assert self.cync_password is not None
if cached_user and not self._is_user_token_expired(cached_user):
logger.info("Using cached Cync token")
self._state.auth = Auth(
session=self._state.session,
user=cached_user,
username=self.cync_email,
password=self.cync_password,
)
self._state.user = cached_user
return
# Need fresh login
logger.info("Performing fresh Cync login...")
self._state.auth = Auth(
session=self._state.session,
username=self.cync_email,
password=self.cync_password,
)
try:
self._state.user = await self._state.auth.login()
self._save_cached_token(self._state.user)
logger.info("Cync login successful")
except TwoFactorRequiredError:
await self._handle_2fa()
except AuthFailedError as e:
logger.error(f"Cync authentication failed: {e}")
raise
async def _handle_2fa(self) -> None:
"""
Handle 2FA authentication by polling Redis for the code.
This is non-blocking - it sets the status to AWAITING_2FA and starts
a background task to poll for the code. The code can be provided via:
1. Environment variable CYNC_2FA_CODE (checked first)
2. Redis key 'cync:2fa_code' (polled continuously)
3. POST /lighting/2fa endpoint (sets the Redis key)
"""
# Try environment variable first (for initial startup)
twofa_code = os.getenv("CYNC_2FA_CODE")
if twofa_code:
await self._complete_2fa_login(twofa_code.strip())
return
# Set status and start polling Redis
self._state.status = ConnectionStatus.AWAITING_2FA
self._state.last_error = "2FA code required - check email and submit via API or Redis"
self._update_status_in_redis()
logger.warning(
"Cync 2FA required. Submit code via POST /lighting/2fa or "
f"set Redis key '{self.REDIS_2FA_KEY}'"
)
# Start background polling task if not already running
if self._2fa_task is None or self._2fa_task.done():
self._2fa_task = asyncio.create_task(self._poll_for_2fa_code())
# Raise to signal caller that we're waiting for 2FA
raise TwoFactorRequiredError("Awaiting 2FA code via Redis or API")
async def _poll_for_2fa_code(self) -> None:
"""Background task to poll Redis for 2FA code."""
start_time = time.time()
while time.time() - start_time < self.TWO_FA_TIMEOUT:
try:
# Check Redis for 2FA code
code = self.redis_client.get(self.REDIS_2FA_KEY)
if code:
code_str = code.decode() if isinstance(code, bytes) else str(code)
code_str = code_str.strip()
if code_str:
logger.info("Found 2FA code in Redis, attempting login...")
# Clear the code from Redis immediately
self.redis_client.delete(self.REDIS_2FA_KEY)
try:
await self._complete_2fa_login(code_str)
logger.info("2FA login successful via Redis polling")
return
except Exception as e:
logger.error(f"2FA login failed: {e}")
self._state.last_error = f"2FA login failed: {e}"
self._update_status_in_redis()
# Continue polling in case user wants to retry
await asyncio.sleep(self.TWO_FA_POLL_INTERVAL)
except asyncio.CancelledError:
logger.info("2FA polling task cancelled")
raise
except Exception as e:
logger.error(f"Error polling for 2FA code: {e}")
await asyncio.sleep(self.TWO_FA_POLL_INTERVAL)
# Timeout reached
logger.error(f"2FA code timeout after {self.TWO_FA_TIMEOUT}s")
self._state.status = ConnectionStatus.ERROR
self._state.last_error = f"2FA code timeout after {self.TWO_FA_TIMEOUT}s"
self._update_status_in_redis()
async def _complete_2fa_login(self, code: str) -> None:
"""Complete the 2FA login process with the provided code."""
if not code:
raise ValueError("Empty 2FA code provided")
logger.info("Completing 2FA login...")
try:
assert self._state.auth is not None, "Auth not initialized"
self._state.user = await self._state.auth.login(two_factor_code=code)
self._save_cached_token(self._state.user)
# Now complete the connection
self._state.status = ConnectionStatus.CONNECTING
self._update_status_in_redis()
# Reconnect with the new token
await self._connect(force=True)
logger.info("Cync 2FA login successful")
except TwoFactorRequiredError:
# Code was invalid, still needs 2FA
self._state.status = ConnectionStatus.AWAITING_2FA
self._state.last_error = "Invalid 2FA code - try again"
self._update_status_in_redis()
raise
except Exception as e:
self._state.status = ConnectionStatus.ERROR
self._state.last_error = f"2FA login failed: {e}"
self._update_status_in_redis()
logger.error(f"Cync 2FA login failed: {e}")
raise
def _is_user_token_expired(self, user: User) -> bool:
"""Check if a user's token is expired."""
expires_at = getattr(user, "expires_at", 0)
return expires_at < (time.time() + self.TOKEN_EXPIRY_BUFFER)
def _load_cached_token(self) -> Optional[User]:
"""Load cached authentication token from disk."""
try:
if not os.path.exists(self.token_cache_path):
return None
with open(self.token_cache_path, "r") as f:
data = json.load(f)
return User(
access_token=data["access_token"],
refresh_token=data["refresh_token"],
authorize=data["authorize"],
user_id=data["user_id"],
expires_at=data["expires_at"],
)
except Exception as e:
logger.warning(f"Failed to load cached token: {e}")
return None
def _save_cached_token(self, user: User) -> None:
"""Save authentication token to disk."""
try:
data = {
"access_token": user.access_token,
"refresh_token": user.refresh_token,
"authorize": user.authorize,
"user_id": user.user_id,
"expires_at": user.expires_at,
}
with open(self.token_cache_path, "w") as f:
json.dump(data, f)
logger.debug("Saved Cync token to disk")
except Exception as e:
logger.warning(f"Failed to save token: {e}")
def _clear_cached_token(self) -> None:
"""Remove cached token file."""
try:
if os.path.exists(self.token_cache_path):
os.remove(self.token_cache_path)
logger.info("Cleared cached token")
except OSError:
pass
# =========================================================================
# Health Monitoring
# =========================================================================
async def _health_monitor(self) -> None:
"""
Background task to monitor connection health and reconnect aggressively.
Checks every HEALTH_CHECK_INTERVAL seconds and reconnects if:
- Token is expiring soon
- TCP connection appears dead
- Too many consecutive command failures
"""
while True:
try:
await asyncio.sleep(self.HEALTH_CHECK_INTERVAL)
# Skip health checks if awaiting 2FA
if self._state.status == ConnectionStatus.AWAITING_2FA:
continue
needs_reconnect = False
reason = ""
# Check consecutive failures
if self._state.consecutive_failures >= self.MAX_CONSECUTIVE_FAILURES:
needs_reconnect = True
reason = f"{self._state.consecutive_failures} consecutive failures"
self._state.consecutive_failures = 0 # Reset counter
# Proactively refresh if token is expiring
elif self._is_token_expired():
needs_reconnect = True
reason = "token expiring"
# Reconnect if TCP connection looks dead
elif not self._is_tcp_connected():
needs_reconnect = True
reason = "TCP connection lost"
if needs_reconnect:
logger.warning(f"Health monitor triggering reconnection: {reason}")
self._state.status = ConnectionStatus.CONNECTING
self._update_status_in_redis()
try:
await self._connect(force=True)
logger.info("Health monitor reconnection successful")
except TwoFactorRequiredError:
logger.warning("Reconnection requires 2FA - waiting for code")
# 2FA handler will update status
except Exception as e:
logger.error(f"Health monitor reconnection failed: {e}")
self._state.status = ConnectionStatus.ERROR
self._state.last_error = str(e)
self._update_status_in_redis()
except asyncio.CancelledError:
break
except Exception as e:
logger.error(f"Health monitor error: {e}")
# =========================================================================
# Device Control
# =========================================================================
async def _get_device(self):
"""Get the target light device."""
if not self._state.cync_api:
raise RuntimeError("Cync not connected")
devices = self._state.cync_api.get_devices()
if not devices:
raise RuntimeError("No devices found")
device = next(
(d for d in devices if getattr(d, "name", None) == self.cync_device_name),
None,
)
if not device:
available = [getattr(d, "name", "unnamed") for d in devices]
raise RuntimeError(
f"Device '{self.cync_device_name}' not found. Available: {available}"
)
return device
async def _send_commands(
self,
power: str,
brightness: Optional[int] = None,
rgb: Optional[tuple[int, int, int]] = None,
) -> None:
"""
Send commands to the light device.
Commands are sent sequentially with small delays to ensure
the TCP connection processes each one.
"""
device = await self._get_device()
logger.info(f"Sending commands to device: {device.name}")
# Power
if power == "on":
await device.turn_on()
logger.debug("Sent turn_on")
else:
await device.turn_off()
logger.debug("Sent turn_off")
await asyncio.sleep(self.COMMAND_DELAY)
# Brightness
if brightness is not None:
await device.set_brightness(brightness)
logger.debug(f"Sent brightness: {brightness}")
await asyncio.sleep(self.COMMAND_DELAY)
# Color
if rgb:
await device.set_rgb(rgb)
logger.debug(f"Sent RGB: {rgb}")
await asyncio.sleep(self.COMMAND_DELAY)
# Track success
now = time.time()
self._state.last_command_at = now
self._state.last_successful_command = now
self._state.consecutive_failures = 0
self._update_status_in_redis()
# =========================================================================
# API Endpoints
# =========================================================================
async def get_lighting_state(self, user=Depends(get_current_user)) -> JSONResponse:
"""Get the current lighting state from Redis."""
if "lighting" not in user.get("roles", []) and "admin" not in user.get(
"roles", []
):
raise HTTPException(status_code=403, detail="Insufficient permissions")
try:
state = self.redis_client.get(self.lighting_key)
if state:
return JSONResponse(content=json.loads(str(state)))
# Default state
return JSONResponse(
content={
"power": "off",
"brightness": 50,
"color": {"r": 255, "g": 255, "b": 255},
}
)
except Exception as e:
logger.error(f"Error getting lighting state: {e}")
raise HTTPException(status_code=500, detail="Internal server error")
async def set_lighting_state(
self, request: Request, user=Depends(get_current_user)
) -> JSONResponse:
"""Set the lighting state and apply to Cync device."""
try:
if "lighting" not in user.get("roles", []) and "admin" not in user.get(
"roles", []
):
raise HTTPException(status_code=403, detail="Insufficient permissions")
state = await request.json()
logger.info(f"Lighting request: {state}")
# Validate
if not isinstance(state, dict):
raise HTTPException(
status_code=400, detail="State must be a JSON object"
)
power, brightness, rgb = self._parse_state(state)
# Save to Redis (even if device command fails)
self.redis_client.set(self.lighting_key, json.dumps(state))
# Apply to device with retries
await self._apply_state_with_retry(power, brightness, rgb)
logger.info(
f"Successfully applied state: power={power}, brightness={brightness}, rgb={rgb}"
)
return JSONResponse(
content={
"message": "Lighting state updated",
"state": state,
}
)
except HTTPException:
raise
except Exception as e:
logger.error(f"Error setting lighting state: {e}")
raise HTTPException(status_code=500, detail=str(e))
def _parse_state(self, state: dict) -> tuple[str, Optional[int], Optional[tuple]]:
"""Parse and validate lighting state from request."""
# Power
power = state.get("power", "off")
if power not in ("on", "off"):
raise HTTPException(status_code=400, detail=f"Invalid power: {power}")
# Brightness
brightness = None
if "brightness" in state:
brightness = state["brightness"]
if not isinstance(brightness, (int, float)) or not (0 <= brightness <= 100):
raise HTTPException(
status_code=400, detail=f"Invalid brightness: {brightness}"
)
brightness = int(brightness)
# Color
rgb = None
color = state.get("color")
if (
color
and isinstance(color, dict)
and all(k in color for k in ("r", "g", "b"))
):
rgb = (color["r"], color["g"], color["b"])
elif all(k in state for k in ("red", "green", "blue")):
rgb = (state["red"], state["green"], state["blue"])
if rgb:
for i, name in enumerate(("red", "green", "blue")):
if not isinstance(rgb[i], int) or not (0 <= rgb[i] <= 255):
raise HTTPException(
status_code=400, detail=f"Invalid {name}: {rgb[i]}"
)
return power, brightness, rgb
async def _apply_state_with_retry(
self,
power: str,
brightness: Optional[int],
rgb: Optional[tuple],
) -> None:
"""Apply state to device with connection retry logic."""
last_error: Optional[Exception] = None
for attempt in range(self.MAX_RETRIES):
try:
# Ensure connection (force reconnect on retries)
await self._connect(force=(attempt > 0))
# Send commands
await self._send_commands(power, brightness, rgb)
return # Success
except (AuthFailedError, TwoFactorRequiredError) as e:
last_error = e
self._state.consecutive_failures += 1
self._state.last_error = str(e)
logger.warning(f"Auth error on attempt {attempt + 1}: {e}")
self._clear_cached_token()
except TimeoutError as e:
last_error = e
self._state.consecutive_failures += 1
self._state.last_error = str(e)
logger.warning(f"Timeout on attempt {attempt + 1}: {e}")
except Exception as e:
last_error = e
self._state.consecutive_failures += 1
self._state.last_error = str(e)
logger.warning(
f"Error on attempt {attempt + 1}: {type(e).__name__}: {e}"
)
# Wait before retry (exponential backoff)
if attempt < self.MAX_RETRIES - 1:
wait_time = 2**attempt
logger.info(f"Retrying in {wait_time}s...")
await asyncio.sleep(wait_time)
# All retries failed
self._update_status_in_redis()
logger.error(f"All {self.MAX_RETRIES} attempts failed")
raise last_error or RuntimeError("Failed to apply lighting state")
# =========================================================================
# Connection Status & 2FA Endpoints
# =========================================================================
async def get_connection_status(self) -> JSONResponse:
"""
Get the current Cync connection status.
Returns status, error info, and timing information.
No authentication required - useful for monitoring.
"""
try:
# Try to get from Redis first (more up-to-date)
cached = self.redis_client.get(self.REDIS_STATUS_KEY)
if cached:
data = json.loads(cached.decode() if isinstance(cached, bytes) else str(cached))
return JSONResponse(content=data)
# Fall back to current state
return JSONResponse(content={
"status": self._state.status.value,
"connected_at": self._state.connected_at,
"last_command_at": self._state.last_command_at,
"last_successful_command": self._state.last_successful_command,
"consecutive_failures": self._state.consecutive_failures,
"last_error": self._state.last_error,
"updated_at": time.time(),
})
except Exception as e:
logger.error(f"Error getting connection status: {e}")
return JSONResponse(
status_code=500,
content={"error": str(e), "status": "unknown"}
)
async def submit_2fa_code(self, request: Request) -> JSONResponse:
"""
Submit a 2FA code for Cync authentication.
The code will be stored in Redis and picked up by the polling task.
No authentication required since 2FA is needed to set up the connection.
Request body: {"code": "123456"}
"""
try:
body = await request.json()
code = body.get("code", "").strip()
if not code:
raise HTTPException(status_code=400, detail="Missing 'code' in request body")
if not code.isdigit() or len(code) != 6:
raise HTTPException(status_code=400, detail="Code must be 6 digits")
# Store in Redis for the polling task to pick up
self.redis_client.set(self.REDIS_2FA_KEY, code, ex=self.TWO_FA_TIMEOUT)
logger.info("2FA code submitted via API")
return JSONResponse(content={
"message": "2FA code submitted successfully",
"status": self._state.status.value,
"note": "The code will be used on the next authentication attempt"
})
except HTTPException:
raise
except Exception as e:
logger.error(f"Error submitting 2FA code: {e}")
raise HTTPException(status_code=500, detail=str(e))
async def force_reconnect(self, user=Depends(get_current_user)) -> JSONResponse:
"""
Force a reconnection to the Cync service.
Requires admin or lighting role.
"""
if "lighting" not in user.get("roles", []) and "admin" not in user.get("roles", []):
raise HTTPException(status_code=403, detail="Insufficient permissions")
try:
logger.info("Force reconnect requested via API")
self._state.status = ConnectionStatus.CONNECTING
self._update_status_in_redis()
await self._connect(force=True)
return JSONResponse(content={
"message": "Reconnection successful",
"status": self._state.status.value,
})
except TwoFactorRequiredError:
return JSONResponse(
status_code=202,
content={
"message": "Reconnection requires 2FA",
"status": ConnectionStatus.AWAITING_2FA.value,
"action": "Submit 2FA code via POST /lighting/2fa"
}
)
except Exception as e:
logger.error(f"Force reconnect failed: {e}")
raise HTTPException(status_code=500, detail=str(e))
Reference in New Issue View Git Blame Copy Permalink