Skip to content

Commit

Permalink
Disable guest accounts
Browse files Browse the repository at this point in the history
  • Loading branch information
lhvy committed Oct 31, 2024
1 parent 37d4e0f commit 3047a43
Show file tree
Hide file tree
Showing 8 changed files with 40 additions and 18 deletions.
1 change: 1 addition & 0 deletions backend/requirements.txt
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@ dnspython==2.6.1
fastapi==0.110.2
fuzzywuzzy==0.18.0
h11==0.14.0
hiredis==3.0.0
hypothesis==6.61.0
idna==3.7
immutabledict==4.2.0
Expand Down
17 changes: 1 addition & 16 deletions backend/server/routers/auth.py
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@
from server.db.helpers.users import delete_user, insert_new_user

from .utility.sessions.errors import ExpiredRefreshTokenError, ExpiredSessionTokenError, OldRefreshTokenError
from .utility.sessions.interface import create_new_guest_token_pair, get_session_info_from_refresh_token, get_session_info_from_session_token, logout_session, setup_new_csesoc_session, create_new_csesoc_token_pair, setup_new_guest_session
from .utility.sessions.interface import create_new_guest_token_pair, get_session_info_from_refresh_token, get_session_info_from_session_token, logout_session, setup_new_csesoc_session, create_new_csesoc_token_pair

from .utility.sessions.middleware import HTTPBearer401, set_secure_cookie
from .utility.oidc.requests import DecodedIDToken, exchange_and_validate, generate_oidc_auth_url, get_userinfo_and_validate, refresh_and_validate, revoke_token, validate_authorization_response
Expand Down Expand Up @@ -100,21 +100,6 @@ def _try_get_session_info_for_logout(session_token: SessionToken, refresh_token:




@router.post('/guest_login')
def create_guest_session(res: Response) -> IdentityPayload:
# create new login session for user in db, generating new tokens
uid = insert_new_guest_user()
new_session_token, session_expiry, new_refresh_token, refresh_expiry = setup_new_guest_session(uid)

# TODO-OLLI(pm): setting up proper logging

# set the cookies and return the identity
set_secure_cookie(res, REFRESH_TOKEN_COOKIE, new_refresh_token, refresh_expiry)
return IdentityPayload(session_token=new_session_token, exp=session_expiry, uid=uid)



@router.post("/refresh", response_model=IdentityPayload)
def refresh(res: Response, refresh_token: Annotated[Optional[RefreshToken], Cookie(alias=REFRESH_TOKEN_COOKIE)] = None) -> IdentityPayload:
# refresh flow - returns a new identity given the circles refresh token
Expand Down
23 changes: 23 additions & 0 deletions backend/server/routers/dev.py
Original file line number Diff line number Diff line change
@@ -0,0 +1,23 @@
from fastapi import APIRouter, Response

from server.routers.auth import REFRESH_TOKEN_COOKIE, IdentityPayload, insert_new_guest_user
from server.routers.utility.sessions.interface import setup_new_guest_session
from server.routers.utility.sessions.middleware import set_secure_cookie


router = APIRouter(
prefix="/dev",
tags=["dev"],
)

@router.post('/guest_login')
def create_guest_session(res: Response) -> IdentityPayload:
# create new login session for user in db, generating new tokens
uid = insert_new_guest_user()
new_session_token, session_expiry, new_refresh_token, refresh_expiry = setup_new_guest_session(uid)

# TODO-OLLI(pm): setting up proper logging

# set the cookies and return the identity
set_secure_cookie(res, REFRESH_TOKEN_COOKIE, new_refresh_token, refresh_expiry)
return IdentityPayload(session_token=new_session_token, exp=session_expiry, uid=uid)
4 changes: 4 additions & 0 deletions backend/server/server.py
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,7 @@
Configure the FastAPI server
"""

import os
from contextlib import asynccontextmanager
from data.config import LIVE_YEAR
from fastapi import FastAPI
Expand Down Expand Up @@ -55,6 +56,9 @@ async def on_setup_and_shutdown(_app: FastAPI):
app.include_router(followups.router)
# TODO: hide this behind a feature flag?
# app.include_router(ctf.router)
if os.getenv("ENV") == "dev":
from server.routers import dev
app.include_router(dev.router)


@app.get("/")
Expand Down
2 changes: 1 addition & 1 deletion backend/server/tests/user/utility.py
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@ def clear():
setup_redis_sessionsdb()

def get_token():
return requests.post('http://127.0.0.1:8000/auth/guest_login', timeout=5000).json()["session_token"]
return requests.post('http://127.0.0.1:8000/dev/guest_login', timeout=5000).json()["session_token"]

def get_token_headers(token: str):
return {"Authorization": f"Bearer {token}"}
4 changes: 3 additions & 1 deletion frontend/src/pages/Login/Login.tsx
Original file line number Diff line number Diff line change
Expand Up @@ -45,7 +45,9 @@ const Login = () => {
<h2>Login to Circles</h2>
<p>For current UNSW Students</p>
<S.LoginButton onClick={initiateCSEAuth}>Login with zID</S.LoginButton>
<S.GuestButton onClick={guestLogin}>Continue as guest</S.GuestButton>
<S.GuestButton onClick={guestLogin} disabled>
Continue as guest (coming soon)
</S.GuestButton>
</S.Login>
</S.Right>
</S.Wrapper>
Expand Down
4 changes: 4 additions & 0 deletions frontend/src/pages/Login/styles.ts
Original file line number Diff line number Diff line change
Expand Up @@ -107,6 +107,10 @@ const GuestButton = styled.button`
margin: 20px;
cursor: pointer;
transition: all 0.3s;
&:disabled {
opacity: 0.5;
cursor: not-allowed;
}
&:hover {
${({ theme }) =>
theme.loginSplash &&
Expand Down
3 changes: 3 additions & 0 deletions setup_env.py
Original file line number Diff line number Diff line change
Expand Up @@ -70,6 +70,9 @@ def main() -> None:

if env.in_production:
backend_env["FORWARDED_ALLOWED_IPS"] = "*"
backend_env["ENV"] = "prod"
else:
backend_env["ENV"] = "dev"

# mongodb - backend + mongodb
mongo_username = env.get_variable("MONGODB_USERNAME", "name")
Expand Down

0 comments on commit 3047a43

Please sign in to comment.