4 files changed, 16 insertions, 13 deletions

diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..44bba42
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+demo/wsgi_demo.db
diff --git a/README.md b/README.md
index c391971..6bb4d49 100644
--- a/README.md
+++ b/README.md
@@ -63,13 +63,15 @@ Start CouchDB, make sure to give it a username and password:
 Start the demo HTTP server. Here we should pass on a few environment
 variables to let it know which CouchDB to use:
 
+    cd demo
 	export DB_NAME=test
 	export DB_HOSTNAME=localhost
 	export DB_USERNAME=couchdb
 	export DB_PASSWORD=insecure
-    python3 src/wsgi.py
+    python3 ../src/wsgi.py
 
-Submit some data.
+Try adding some observations, basic auth user:pw from `wsgi_demo_users.yaml`,
+including `{"domain": "sunet.se"}` in at least one of them:
 
     echo '[{
         "ip": "192.0.2.10",
@@ -90,12 +92,12 @@ Submit some data.
             "cve_2021_21974": "CVE-2021-21974 patched",
             "cve_2021_21985": "CVE-2021-21985 not applicable"
         }
-    }]' | curl -s -u admin:admin --data-binary @- http://localhost:8000/sc/v0/add
+    }]' | curl -s -u user3:pw3 --data-binary @- http://localhost:8000/sc/v0/add
 
-Get the same data back.
+Try retreiving all observations for a user with read access to 'sunet.se':
 
-    curl -s -u sunet.se: http://localhost:8000/sc/v0/get | json_pp -json_opt utf8,pretty
+    curl -s -u user1:pw1 http://localhost:8000/sc/v0/get | json_pp -json_opt utf8,pretty
 
 We might also filter the data:
 
-    curl -s -u sunet.se: http://localhost:8000/sc/v0/get?port=111 | json_pp -json_opt utf8,pretty
+    curl -s -u user1:pw1 http://localhost:8000/sc/v0/get?port=111 | json_pp -json_opt utf8,pretty
diff --git a/src/db.py b/src/db.py
index 86c6f24..92684c8 100755
--- a/src/db.py
+++ b/src/db.py
@@ -46,18 +46,18 @@ class DictDB():
         return self._ts
 
     def add(self, data, batch_write=False):
-        key = str(self.unique_key())
+        keys = []
 
         if type(data) is list:
             for item in data:
-                item['_id'] = str(self._ts)
+                item['_id'] = str(self.unique_key())
 
                 self.couchdb.save(item)
         else:
-            data['_id'] = str(self._ts)
+            data['_id'] = str(self.unique_key())
             self.couchdb.save(data)
 
-        return key
+        return keys
 
     def get(self, key):
         return self.couchdb[key]
diff --git a/src/wsgi.py b/src/wsgi.py
index 15f9224..3c3d363 100755
--- a/src/wsgi.py
+++ b/src/wsgi.py
@@ -99,12 +99,12 @@ class EPAdd(CollectorResource):
             resp.text = CollectorResource.parse_error(decodedin)
             return
 
-        key = self._db.add(json_data)
-        resp.text = repr(key) + '\n'
+        keys = self._db.add(json_data)
+        resp.text = repr(keys) + '\n'
 
 
 def init(url_res_map, addr='', port=8000):
-    app = falcon.App()
+    app = falcon.App(cors_enable=True)
     for url, res in url_res_map:
         app.add_route(url, res)
     return make_server(addr, port, app)