wip

2025-09-09 10:01:49 +00:00 · 2021-07-25 20:45:15 +02:00
parent badc8302ce
commit 83c5e11a61
37 changed files with 37 additions and 5 deletions
--- a/backend/tabby/app/init.py
+++ b/backend/tabby/app/init.py
--- a/backend/tabby/app/admin.py
+++ b/backend/tabby/app/admin.py
@@ -0,0 +1,14 @@
+from django.contrib import admin
+from django.contrib.auth.admin import UserAdmin
+from .models import Gateway, User, Config
+
+
+class CustomUserAdmin(UserAdmin):
+    fieldsets = UserAdmin.fieldsets + (
+        (None, {'fields': ('custom_connection_gateway', 'custom_connection_gateway_token')}),
+    )
+
+
+admin.site.register(User, CustomUserAdmin)
+admin.site.register(Config)
+admin.site.register(Gateway)
--- a/backend/tabby/app/api.py
+++ b/backend/tabby/app/api.py
@@ -0,0 +1,201 @@
+import asyncio
+import random
+from django.conf import settings
+from django.contrib.auth import logout
+from dataclasses import dataclass
+from pathlib import Path
+from rest_framework import fields, status
+from rest_framework.exceptions import APIException, PermissionDenied, NotFound
+from rest_framework.permissions import IsAuthenticated
+from rest_framework.response import Response
+from rest_framework.mixins import ListModelMixin, RetrieveModelMixin, UpdateModelMixin
+from rest_framework.views import APIView
+from rest_framework.viewsets import GenericViewSet, ModelViewSet
+from rest_framework.serializers import ModelSerializer, Serializer
+from rest_framework_dataclasses.serializers import DataclassSerializer
+from social_django.models import UserSocialAuth
+from typing import List
+
+from .consumers import GatewayAdminConnection
+from .sponsors import check_is_sponsor, check_is_sponsor_cached
+from .models import Config, Gateway, User
+
+
+@dataclass
+class AppVersion:
+    version: str
+    plugins: List[str]
+
+
+class AppVersionSerializer(DataclassSerializer):
+    class Meta:
+        dataclass = AppVersion
+
+
+class GatewaySerializer(ModelSerializer):
+    url = fields.SerializerMethodField()
+    auth_token = fields.CharField()
+
+    class Meta:
+        fields = '__all__'
+        model = Gateway
+
+    def get_url(self, gw):
+        return f'{"wss" if gw.secure else "ws"}://{gw.host}:{gw.port}/'
+
+
+class ConfigSerializer(ModelSerializer):
+    name = fields.CharField(required=False)
+
+    class Meta:
+        model = Config
+        read_only_fields = ('user', 'created_at', 'modified_at')
+        fields = '__all__'
+
+
+class ConfigViewSet(ModelViewSet):
+    queryset = Config.objects.all()
+    serializer_class = ConfigSerializer
+    permission_classes = [IsAuthenticated]
+
+    def get_queryset(self):
+        if self.request.user.is_authenticated:
+            return Config.objects.filter(user=self.request.user)
+        return Config.objects.none()
+
+    def perform_create(self, serializer):
+        serializer.save(user=self.request.user)
+
+
+class AppVersionViewSet(ListModelMixin, GenericViewSet):
+    serializer_class = AppVersionSerializer
+    lookup_field = 'id'
+    lookup_value_regex = r'[\w\d.-]+'
+    queryset = ''
+
+    def _get_versions(self):
+        return [self._get_version(x) for x in settings.APP_DIST_PATH.iterdir()]
+
+    def _get_version(self, dir: Path):
+        plugins = [
+            x.name for x in dir.iterdir()
+            if x.is_dir() and x.name not in [
+                'tabby-web-container',
+                'tabby-web-demo',
+            ]
+        ]
+
+        return AppVersion(
+            version=dir.name,
+            plugins=plugins,
+        )
+
+    def list(self, request, *args, **kwargs):
+        return Response(
+            self.serializer_class(
+                self._get_versions(),
+                many=True,
+            ).data
+        )
+
+
+class UserSerializer(ModelSerializer):
+    id = fields.IntegerField()
+    is_pro = fields.SerializerMethodField()
+    is_sponsor = fields.SerializerMethodField()
+    github_username = fields.SerializerMethodField()
+
+    class Meta:
+        model = User
+        fields = (
+            'id',
+            'username',
+            'active_config',
+            'custom_connection_gateway',
+            'custom_connection_gateway_token',
+            'config_sync_token',
+            'is_pro',
+            'is_sponsor',
+            'github_username',
+        )
+        read_only_fields = ('id', 'username')
+
+    def get_is_pro(self, obj):
+        return check_is_sponsor_cached(obj) or obj.force_pro
+
+    def get_is_sponsor(self, obj):
+        return check_is_sponsor_cached(obj)
+
+    def get_github_username(self, obj):
+        social_auth = UserSocialAuth.objects.filter(user=obj, provider='github').first()
+        if not social_auth:
+            return None
+
+        return social_auth.extra_data.get('login')
+
+
+class UserViewSet(RetrieveModelMixin, UpdateModelMixin, GenericViewSet):
+    queryset = User.objects.all()
+    serializer_class = UserSerializer
+
+    def get_object(self):
+        if self.request.user.is_authenticated:
+            return self.request.user
+        raise PermissionDenied()
+
+
+class LogoutView(APIView):
+    def post(self, request, format=None):
+        logout(request)
+        return Response(None)
+
+
+class InstanceInfoSerializer(Serializer):
+    login_enabled = fields.BooleanField()
+
+
+class InstanceInfoViewSet(RetrieveModelMixin, GenericViewSet):
+    queryset = ''  # type: ignore
+    serializer_class = InstanceInfoSerializer
+
+    def get_object(self):
+        return {
+            'login_enabled': settings.ENABLE_LOGIN,
+        }
+
+
+class NoGatewaysError(APIException):
+    status_code = status.HTTP_503_SERVICE_UNAVAILABLE
+    default_detail ='No connection gateways available.'
+    default_code = 'no_gateways'
+
+
+class ChooseGatewayViewSet(RetrieveModelMixin, GenericViewSet):
+    queryset = Gateway.objects.filter(enabled=True)
+    serializer_class = GatewaySerializer
+
+    async def _authorize_client(self, gw):
+        c = GatewayAdminConnection(gw)
+        await c.connect()
+        token = await c.authorize_client()
+        await c.close()
+        return token
+
+    def get_object(self):
+        gateways = list(self.queryset)
+        random.shuffle(gateways)
+        if not len(gateways):
+            raise NotFound()
+
+        loop = asyncio.new_event_loop()
+        try:
+            for gw in gateways:
+                try:
+                    gw.auth_token = loop.run_until_complete(self._authorize_client(gw))
+                except ConnectionError:
+                    continue
+                return gw
+
+            raise NoGatewaysError()
+        finally:
+            loop.close()
--- a/backend/tabby/app/apps.py
+++ b/backend/tabby/app/apps.py
@@ -0,0 +1,6 @@
+from django.apps import AppConfig
+
+
+class AppConfig(AppConfig):
+    default_auto_field = 'django.db.models.BigAutoField'
+    name = 'tabby.app'
--- a/backend/tabby/app/consumers.py
+++ b/backend/tabby/app/consumers.py
@@ -0,0 +1,125 @@
+import asyncio
+import json
+import os
+import secrets
+import ssl
+import websockets
+from channels.generic.websocket import AsyncWebsocketConsumer
+from django.conf import settings
+from urllib.parse import quote
+
+from .models import Gateway
+
+
+class GatewayConnection:
+    _ssl_context: ssl.SSLContext = None
+
+    def __init__(self, host: str, port: int):
+        if settings.CONNECTION_GATEWAY_AUTH_KEY and not GatewayConnection._ssl_context:
+            ctx = ssl.create_default_context(purpose=ssl.Purpose.CLIENT_AUTH)
+            ctx.load_cert_chain(
+                os.path.realpath(settings.CONNECTION_GATEWAY_AUTH_CERTIFICATE),
+                os.path.realpath(settings.CONNECTION_GATEWAY_AUTH_KEY),
+            )
+            if settings.CONNECTION_GATEWAY_AUTH_CA:
+                ctx.load_verify_locations(
+                    cafile=os.path.realpath(settings.CONNECTION_GATEWAY_AUTH_CA),
+                )
+                ctx.verify_mode = ssl.CERT_REQUIRED
+            GatewayConnection._ssl_context = ctx
+
+        proto = 'wss' if GatewayConnection._ssl_context else 'ws'
+        self.url = f'{proto}://localhost:9000/connect/{quote(host)}:{quote(str(port))}'
+
+    async def connect(self):
+        self.context = websockets.connect(self.url, ssl=GatewayConnection._ssl_context)
+        try:
+            self.socket = await self.context.__aenter__()
+        except OSError:
+            raise ConnectionError()
+
+    async def send(self, data):
+        await self.socket.send(data)
+
+    def recv(self, timeout=None):
+        return asyncio.wait_for(self.socket.recv(), timeout)
+
+    async def close(self):
+        await self.socket.close()
+        await self.context.__aexit__(None, None, None)
+
+
+class GatewayAdminConnection:
+    _ssl_context: ssl.SSLContext = None
+
+    def __init__(self, gateway: Gateway):
+        if not settings.CONNECTION_GATEWAY_AUTH_KEY:
+            raise RuntimeError('CONNECTION_GATEWAY_AUTH_KEY is required to manage connection gateways')
+        if not GatewayAdminConnection._ssl_context:
+            ctx = ssl.create_default_context(purpose=ssl.Purpose.CLIENT_AUTH)
+            ctx.load_cert_chain(
+                os.path.realpath(settings.CONNECTION_GATEWAY_AUTH_CERTIFICATE),
+                os.path.realpath(settings.CONNECTION_GATEWAY_AUTH_KEY),
+            )
+            if settings.CONNECTION_GATEWAY_AUTH_CA:
+                ctx.load_verify_locations(
+                    cafile=os.path.realpath(settings.CONNECTION_GATEWAY_AUTH_CA),
+                )
+                ctx.verify_mode = ssl.CERT_REQUIRED
+            GatewayAdminConnection._ssl_context = ctx
+
+        self.url = f'wss://{gateway.host}:{gateway.admin_port}'
+
+    async def connect(self):
+        self.context = websockets.connect(self.url, ssl=GatewayAdminConnection._ssl_context)
+        try:
+            self.socket = await self.context.__aenter__()
+        except OSError:
+            raise ConnectionError()
+
+    async def authorize_client(self) -> str:
+        token = secrets.token_hex(32)
+        await self.send(json.dumps({
+            '_': 'authorize-client',
+            'token': token,
+        }))
+        return token
+
+    async def send(self, data):
+        await self.socket.send(data)
+
+    async def close(self):
+        await self.socket.close()
+        await self.context.__aexit__(None, None, None)
+
+
+class TCPConsumer(AsyncWebsocketConsumer):
+    async def connect(self):
+        self.closed = False
+        self.conn = GatewayConnection(
+            self.scope['url_route']['kwargs']['host'],
+            int(self.scope['url_route']['kwargs']['port']),
+        )
+        await self.conn.connect()
+        await self.accept()
+        self.reader = asyncio.get_event_loop().create_task(self.socket_reader())
+
+    async def disconnect(self, close_code):
+        self.closed = True
+        await self.conn.close()
+
+    async def receive(self, bytes_data):
+        await self.conn.send(bytes_data)
+
+    async def socket_reader(self):
+        while True:
+            if self.closed:
+                return
+            try:
+                data = await self.conn.recv(timeout=10)
+            except asyncio.TimeoutError:
+                continue
+            except websockets.exceptions.ConnectionClosed:
+                await self.close()
+                return
+            await self.send(bytes_data=data)
--- a/backend/tabby/app/management/init.py
+++ b/backend/tabby/app/management/init.py
--- a/backend/tabby/app/management/commands/init.py
+++ b/backend/tabby/app/management/commands/init.py
--- a/backend/tabby/app/management/commands/add_version.py
+++ b/backend/tabby/app/management/commands/add_version.py
@@ -0,0 +1,59 @@
+import logging
+import requests
+import shutil
+import subprocess
+import tempfile
+from django.core.management.base import BaseCommand
+from django.conf import settings
+from pathlib import Path
+
+
+class Command(BaseCommand):
+    help = 'Downloads a new app version'
+
+    def add_arguments(self, parser):
+        parser.add_argument('version', type=str)
+
+    def handle(self, *args, **options):
+        version = options['version']
+        target: Path = settings.APP_DIST_PATH / version
+
+        plugin_list = [
+            'tabby-web-container',
+            'tabby-core',
+            'tabby-settings',
+            'tabby-terminal',
+            'tabby-ssh',
+            'tabby-community-color-schemes',
+            'tabby-serial',
+            'tabby-telnet',
+            'tabby-web',
+            'tabby-web-demo',
+        ]
+
+        with tempfile.TemporaryDirectory() as tempdir:
+            tempdir = Path(tempdir)
+            for plugin in plugin_list:
+                logging.info(f'Resolving {plugin}@{version}')
+                response = requests.get(f'{settings.NPM_REGISTRY}/{plugin}/{version}')
+                response.raise_for_status()
+                info = response.json()
+                url = info['dist']['tarball']
+
+                logging.info(f'Downloading {plugin}@{version} from {url}')
+                response = requests.get(url)
+
+                with tempfile.NamedTemporaryFile('wb') as f:
+                    f.write(response.content)
+                    plugin_final_target = Path(tempdir) / plugin
+
+                    with tempfile.TemporaryDirectory() as extraction_tmp:
+                        subprocess.check_call(
+                            ['tar', '-xzf', f.name, '-C', str(extraction_tmp)]
+                        )
+                        shutil.move(Path(extraction_tmp) / 'package', plugin_final_target)
+
+            if target.exists():
+                shutil.rmtree(target)
+            shutil.copytree(tempdir, target)
+            target.chmod(0o755)
--- a/backend/tabby/app/migrations/0001_initial.py
+++ b/backend/tabby/app/migrations/0001_initial.py
@@ -0,0 +1,75 @@
+# Generated by Django 3.2.3 on 2021-07-08 17:43
+
+from django.conf import settings
+import django.contrib.auth.models
+import django.contrib.auth.validators
+from django.db import migrations, models
+import django.db.models.deletion
+import django.utils.timezone
+
+
+class Migration(migrations.Migration):
+
+    initial = True
+
+    dependencies = [
+        ('auth', '0012_alter_user_first_name_max_length'),
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name='User',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('password', models.CharField(max_length=128, verbose_name='password')),
+                ('last_login', models.DateTimeField(blank=True, null=True, verbose_name='last login')),
+                ('is_superuser', models.BooleanField(default=False, help_text='Designates that this user has all permissions without explicitly assigning them.', verbose_name='superuser status')),
+                ('username', models.CharField(error_messages={'unique': 'A user with that username already exists.'}, help_text='Required. 150 characters or fewer. Letters, digits and @/./+/-/_ only.', max_length=150, unique=True, validators=[django.contrib.auth.validators.UnicodeUsernameValidator()], verbose_name='username')),
+                ('first_name', models.CharField(blank=True, max_length=150, verbose_name='first name')),
+                ('last_name', models.CharField(blank=True, max_length=150, verbose_name='last name')),
+                ('email', models.EmailField(blank=True, max_length=254, verbose_name='email address')),
+                ('is_staff', models.BooleanField(default=False, help_text='Designates whether the user can log into this admin site.', verbose_name='staff status')),
+                ('is_active', models.BooleanField(default=True, help_text='Designates whether this user should be treated as active. Unselect this instead of deleting accounts.', verbose_name='active')),
+                ('date_joined', models.DateTimeField(default=django.utils.timezone.now, verbose_name='date joined')),
+                ('active_version', models.CharField(max_length=32, null=True)),
+                ('custom_connection_gateway', models.CharField(max_length=255, null=True, blank=True)),
+                ('custom_connection_gateway_token', models.CharField(max_length=255, null=True, blank=True)),
+                ('created_at', models.DateTimeField(auto_now_add=True)),
+                ('modified_at', models.DateTimeField(auto_now=True)),
+            ],
+            options={
+                'verbose_name': 'user',
+                'verbose_name_plural': 'users',
+                'abstract': False,
+            },
+            managers=[
+                ('objects', django.contrib.auth.models.UserManager()),
+            ],
+        ),
+        migrations.CreateModel(
+            name='Config',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('content', models.TextField(default='{}')),
+                ('last_used_with_version', models.CharField(max_length=32, null=True)),
+                ('created_at', models.DateTimeField(auto_now_add=True)),
+                ('modified_at', models.DateTimeField(auto_now=True)),
+                ('user', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='configs', to=settings.AUTH_USER_MODEL)),
+            ],
+        ),
+        migrations.AddField(
+            model_name='user',
+            name='active_config',
+            field=models.ForeignKey(null=True, on_delete=django.db.models.deletion.CASCADE, related_name='+', to='app.config'),
+        ),
+        migrations.AddField(
+            model_name='user',
+            name='groups',
+            field=models.ManyToManyField(blank=True, help_text='The groups this user belongs to. A user will get all permissions granted to each of their groups.', related_name='user_set', related_query_name='user', to='auth.Group', verbose_name='groups'),
+        ),
+        migrations.AddField(
+            model_name='user',
+            name='user_permissions',
+            field=models.ManyToManyField(blank=True, help_text='Specific permissions for this user.', related_name='user_set', related_query_name='user', to='auth.Permission', verbose_name='user permissions'),
+        ),
+    ]
--- a/backend/tabby/app/migrations/0002_gateway.py
+++ b/backend/tabby/app/migrations/0002_gateway.py
@@ -0,0 +1,23 @@
+# Generated by Django 3.2.3 on 2021-07-08 20:25
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('app', '0001_initial'),
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name='Gateway',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('host', models.CharField(max_length=255)),
+                ('port', models.IntegerField(default=1234)),
+                ('enabled', models.BooleanField(default=True)),
+                ('secure', models.BooleanField(default=True)),
+            ],
+        ),
+    ]
--- a/backend/tabby/app/migrations/0003_auto_20210711_1855.py
+++ b/backend/tabby/app/migrations/0003_auto_20210711_1855.py
@@ -0,0 +1,24 @@
+# Generated by Django 3.2.3 on 2021-07-11 18:55
+
+from django.db import migrations, models
+import django.db.models.deletion
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('app', '0002_gateway'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='gateway',
+            name='admin_port',
+            field=models.IntegerField(default=1235),
+        ),
+        migrations.AlterField(
+            model_name='user',
+            name='active_config',
+            field=models.ForeignKey(null=True, on_delete=django.db.models.deletion.SET_NULL, related_name='+', to='app.config'),
+        ),
+    ]
--- a/backend/tabby/app/migrations/0004_sync_token.py
+++ b/backend/tabby/app/migrations/0004_sync_token.py
@@ -0,0 +1,29 @@
+import secrets
+from django.db import migrations, models
+
+
+def run_forward(apps, schema_editor):
+    for user in apps.get_model('app', 'User').objects.all():
+        user.config_sync_token = secrets.token_hex(64)
+        user.save()
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('app', '0003_auto_20210711_1855'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='user',
+            name='config_sync_token',
+            field=models.CharField(blank=True, max_length=255, null=True),
+        ),
+        migrations.RunPython(run_forward, lambda _, __: None),
+        migrations.AlterField(
+            model_name='user',
+            name='config_sync_token',
+            field=models.CharField(max_length=255),
+        ),
+    ]
--- a/backend/tabby/app/migrations/0005_user_force_pro.py
+++ b/backend/tabby/app/migrations/0005_user_force_pro.py
@@ -0,0 +1,18 @@
+# Generated by Django 3.2.3 on 2021-07-24 10:13
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('app', '0004_sync_token'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='user',
+            name='force_pro',
+            field=models.BooleanField(default=False),
+        ),
+    ]
--- a/backend/tabby/app/migrations/0006_config_name.py
+++ b/backend/tabby/app/migrations/0006_config_name.py
@@ -0,0 +1,28 @@
+from django.db import migrations, models
+
+
+def run_forward(apps, schema_editor):
+    for config in apps.get_model('app', 'Config').objects.all():
+        config.name = f'Unnamed config ({config.created_at.date()})'
+        config.save()
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('app', '0005_user_force_pro'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='config',
+            name='name',
+            field=models.CharField(max_length=255, null=True),
+        ),
+        migrations.RunPython(run_forward, lambda _, __: None),
+        migrations.AlterField(
+            model_name='config',
+            name='name',
+            field=models.CharField(max_length=255),
+        ),
+    ]
--- a/backend/tabby/app/migrations/init.py
+++ b/backend/tabby/app/migrations/init.py
--- a/backend/tabby/app/models.py
+++ b/backend/tabby/app/models.py
@@ -0,0 +1,45 @@
+import secrets
+from datetime import date
+from django.db import models
+from django.contrib.auth.models import AbstractUser
+
+
+class Config(models.Model):
+    user = models.ForeignKey('app.User', related_name='configs', on_delete=models.CASCADE)
+    name = models.CharField(max_length=255)
+    content = models.TextField(default='{}')
+    last_used_with_version = models.CharField(max_length=32, null=True)
+    created_at = models.DateTimeField(auto_now_add=True)
+    modified_at = models.DateTimeField(auto_now=True)
+
+    def save(self, *args, **kwargs):
+        if not self.name:
+            self.name = f'Unnamed config ({date.today()})'
+        super().save(*args, **kwargs)
+
+
+class User(AbstractUser):
+    active_config = models.ForeignKey(Config, null=True, on_delete=models.SET_NULL, related_name='+')
+    active_version = models.CharField(max_length=32, null=True)
+    custom_connection_gateway = models.CharField(max_length=255, null=True, blank=True)
+    custom_connection_gateway_token = models.CharField(max_length=255, null=True, blank=True)
+    config_sync_token = models.CharField(max_length=255)
+    force_pro = models.BooleanField(default=False)
+    created_at = models.DateTimeField(auto_now_add=True)
+    modified_at = models.DateTimeField(auto_now=True)
+
+    def save(self, *args, **kwargs):
+        if not self.config_sync_token:
+            self.config_sync_token = secrets.token_hex(64)
+        super().save(*args, **kwargs)
+
+
+class Gateway(models.Model):
+    host = models.CharField(max_length=255)
+    port = models.IntegerField(default=1234)
+    admin_port = models.IntegerField(default=1235)
+    enabled = models.BooleanField(default=True)
+    secure = models.BooleanField(default=True)
+
+    def __str__(self):
+        return f'{self.host}:{self.port}'
--- a/backend/tabby/app/sponsors.py
+++ b/backend/tabby/app/sponsors.py
@@ -0,0 +1,80 @@
+from django.conf import settings
+from django.core.cache import cache
+from gql import Client, gql
+from gql.transport.requests import RequestsHTTPTransport
+from social_django.models import UserSocialAuth
+
+from .models import User
+
+
+GQL_ENDPOINT = 'https://api.github.com/graphql'
+CACHE_KEY = 'cached-sponsors:%s'
+
+
+def check_is_sponsor(user: User) -> bool:
+    try:
+        token = user.social_auth.get(provider='github').extra_data.get('access_token')
+    except UserSocialAuth.DoesNotExist:
+        return False
+
+    if not token:
+        return False
+
+    client = Client(
+        transport=RequestsHTTPTransport(
+            url=GQL_ENDPOINT,
+            use_json=True,
+            headers={
+                'Authorization': f'Bearer {token}',
+            }
+        )
+    )
+
+    after = None
+
+    while True:
+        params = 'first: 1'
+        if after:
+            params += f', after:"{after}"'
+
+        query = '''
+            query {
+                user (login: "eugeny") {
+                    sponsorshipsAsSponsor(%s) {
+                        pageInfo {
+                            startCursor
+                            hasNextPage
+                            endCursor
+                        }
+                        totalRecurringMonthlyPriceInDollars
+                        nodes {
+                            sponsorable {
+                                ... on Organization { login }
+                                ... on User { login }
+                            }
+                        }
+                    }
+                }
+            }
+        ''' % (params,)
+
+        response = client.execute(gql(query))
+        info = response['user']['sponsorshipsAsSponsor']
+        after = info['pageInfo']['endCursor']
+        nodes = info['nodes']
+        if not len(nodes):
+            break
+        for node in nodes:
+            if node['sponsorable']['login'].lower() not in settings.GITHUB_ELIGIBLE_SPONSORSHIPS:
+                continue
+            if info['totalRecurringMonthlyPriceInDollars'] >= settings.GITHUB_SPONSORS_MIN_PAYMENT:
+                return True
+
+    return False
+
+
+def check_is_sponsor_cached(user: User) -> bool:
+    cache_key = CACHE_KEY % user.id
+    if not cache.get(cache_key):
+        cache.set(cache_key, check_is_sponsor(user), timeout=30)
+    return cache.get(cache_key)
--- a/backend/tabby/app/tests.py
+++ b/backend/tabby/app/tests.py
@@ -0,0 +1,3 @@
+from django.test import TestCase
+
+# Create your tests here.
--- a/backend/tabby/app/urls.py
+++ b/backend/tabby/app/urls.py
@@ -0,0 +1,28 @@
+from django.urls import path, re_path, include
+from rest_framework import routers
+
+from . import api
+from . import consumers
+from . import views
+
+
+router = routers.DefaultRouter(trailing_slash=False)
+router.register('api/1/configs', api.ConfigViewSet)
+router.register('api/1/versions', api.AppVersionViewSet, basename='app-versions')
+
+urlpatterns = [
+    path('api/1/auth/logout', api.LogoutView.as_view()),
+    path('api/1/user', api.UserViewSet.as_view({'get': 'retrieve', 'put': 'update'})),
+    path('api/1/instance-info', api.InstanceInfoViewSet.as_view({'get': 'retrieve'})),
+    path('api/1/gateways/choose', api.ChooseGatewayViewSet.as_view({'post': 'retrieve'})),
+
+    # re_path('^(|login|app)$', views.IndexView.as_view()),
+
+    # path('terminal', views.TerminalView.as_view()),
+    path('app-dist/<version>/<path:path>', views.AppDistView.as_view()),
+    path('', include(router.urls)),
+]
+
+websocket_urlpatterns = [
+    re_path(r'^api/1/gateway/tcp/(?P<host>[^/]+):(?P<port>\d+)$', consumers.TCPConsumer.as_asgi()),
+]
--- a/backend/tabby/app/views.py
+++ b/backend/tabby/app/views.py
@@ -0,0 +1,26 @@
+import os
+from django.conf import settings
+from django.views import static
+from rest_framework.views import APIView
+
+
+class IndexView(APIView):
+    def get(self, request, format=None):
+        return static.serve(request, 'index.html', document_root=str(settings.BASE_DIR / 'build'))
+
+
+class TerminalView(APIView):
+    def get(self, request, format=None):
+        response = static.serve(request, 'terminal.html', document_root=str(settings.BASE_DIR / 'build'))
+        response['X-Frame-Options'] = 'SAMEORIGIN'
+        return response
+
+
+class AppDistView(APIView):
+    def get(self, request, version=None, path=None, format=None):
+        return static.serve(request, os.path.join(version, path), document_root=str(settings.APP_DIST_PATH))
+
+
+# class BuildView(APIView):
+#     def get(self, request, path=None, format=None):
+#         return static.serve(request, path, document_root=str(settings.BASE_DIR / 'build'))