diff --git a/backend/requirements.txt b/backend/requirements.txt
index fa6e10273..6dcf7731d 100644
--- a/backend/requirements.txt
+++ b/backend/requirements.txt
@@ -12,6 +12,7 @@ dnspython==2.6.1
 fastapi==0.110.2
 fuzzywuzzy==0.18.0
 h11==0.14.0
+hiredis==3.0.0
 hypothesis==6.61.0
 idna==3.7
 immutabledict==4.2.0
diff --git a/backend/server/routers/auth.py b/backend/server/routers/auth.py
index 57e6c637f..1181ae214 100644
--- a/backend/server/routers/auth.py
+++ b/backend/server/routers/auth.py
@@ -11,7 +11,7 @@ from server.db.helpers.users import delete_user, insert_new_user
 from .utility.sessions.errors import ExpiredRefreshTokenError, ExpiredSessionTokenError, OldRefreshTokenError
-from .utility.sessions.interface import create_new_guest_token_pair, get_session_info_from_refresh_token, get_session_info_from_session_token, logout_session, setup_new_csesoc_session, create_new_csesoc_token_pair, setup_new_guest_session
+from .utility.sessions.interface import create_new_guest_token_pair, get_session_info_from_refresh_token, get_session_info_from_session_token, logout_session, setup_new_csesoc_session, create_new_csesoc_token_pair
 from .utility.sessions.middleware import HTTPBearer401, set_secure_cookie
 from .utility.oidc.requests import DecodedIDToken, exchange_and_validate, generate_oidc_auth_url, get_userinfo_and_validate, refresh_and_validate, revoke_token, validate_authorization_response
@@ -100,21 +100,6 @@ def _try_get_session_info_for_logout(session_token: SessionToken, refresh_token:
-
-@router.post('/guest_login')
-def create_guest_session(res: Response) -> IdentityPayload:
- # create new login session for user in db, generating new tokens
- uid = insert_new_guest_user()
- new_session_token, session_expiry, new_refresh_token, refresh_expiry = setup_new_guest_session(uid)
-
- # TODO-OLLI(pm): setting up proper logging
-
- # set the cookies and return the identity
- set_secure_cookie(res, REFRESH_TOKEN_COOKIE, new_refresh_token, refresh_expiry)
- return IdentityPayload(session_token=new_session_token, exp=session_expiry, uid=uid)
-
-
-
 @router.post("/refresh", response_model=IdentityPayload)
 def refresh(res: Response, refresh_token: Annotated[Optional[RefreshToken], Cookie(alias=REFRESH_TOKEN_COOKIE)] = None) -> IdentityPayload:
 # refresh flow - returns a new identity given the circles refresh token
diff --git a/backend/server/routers/dev.py b/backend/server/routers/dev.py
new file mode 100644
index 000000000..e58721d76
--- /dev/null
+++ b/backend/server/routers/dev.py
@@ -0,0 +1,23 @@
+from fastapi import APIRouter, Response
+
+from server.routers.auth import REFRESH_TOKEN_COOKIE, IdentityPayload, insert_new_guest_user
+from server.routers.utility.sessions.interface import setup_new_guest_session
+from server.routers.utility.sessions.middleware import set_secure_cookie
+
+
+router = APIRouter(
+ prefix="/dev",
+ tags=["dev"],
+)
+
+@router.post('/guest_login')
+def create_guest_session(res: Response) -> IdentityPayload:
+ # create new login session for user in db, generating new tokens
+ uid = insert_new_guest_user()
+ new_session_token, session_expiry, new_refresh_token, refresh_expiry = setup_new_guest_session(uid)
+
+ # TODO-OLLI(pm): setting up proper logging
+
+ # set the cookies and return the identity
+ set_secure_cookie(res, REFRESH_TOKEN_COOKIE, new_refresh_token, refresh_expiry)
+ return IdentityPayload(session_token=new_session_token, exp=session_expiry, uid=uid)
diff --git a/backend/server/server.py b/backend/server/server.py
index 2898a2dd4..29fc11cf3 100644
--- a/backend/server/server.py
+++ b/backend/server/server.py
@@ -2,6 +2,7 @@
 Configure the FastAPI server
 """
+import os
 from contextlib import asynccontextmanager
 from data.config import LIVE_YEAR
 from fastapi import FastAPI
@@ -55,6 +56,9 @@ async def on_setup_and_shutdown(_app: FastAPI):
 app.include_router(followups.router)
 # TODO: hide this behind a feature flag?
 # app.include_router(ctf.router)
+if os.getenv("APP_ENV") == "dev":
+ from server.routers import dev
+ app.include_router(dev.router)
 @app.get("/")
diff --git a/backend/server/tests/user/utility.py b/backend/server/tests/user/utility.py
index f69d56991..413883fbe 100644
--- a/backend/server/tests/user/utility.py
+++ b/backend/server/tests/user/utility.py
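Review bot: `create_guest_session` creates a user record and returns a session and refresh token to any caller without authentication, and nothing in this new file states or enforces where it may run; the only guard is the conditional `include_router` in server.py. A module docstring along the lines of `"""Development-only routes. Never mount outside APP_ENV=dev: /dev/guest_login issues sessions without authentication."""` would make that contract visible to whoever imports the router next. As defence in depth the handler could also refuse to run outside dev, e.g. `if os.getenv("APP_ENV") != "dev": raise HTTPException(status_code=404)`, which needs `os` and `HTTPException` imported here. Separately, `insert_new_guest_user` is imported through `server.routers.auth`, which no longer uses it as far as the visible hunks show, so an unused-import cleanup there would break this module; importing it from the module that defines it avoids that.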
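Review bot: The dev router is mounted with no trace at startup, so a deployment that ends up with `APP_ENV=dev` exposes `/dev/guest_login` and nothing in the logs shows it. A warning inside the new `if` block would make that detectable, for example `logging.getLogger(__name__).warning("dev router mounted: /dev routes are unauthenticated")`, which requires `import logging` if the module does not already have it. The comparison itself fails closed, since an unset or differently spelled value leaves the router out; a one-line comment saying that this is deliberate would stop someone from loosening it later. The test helper in tests/user/utility.py now posts to `/dev/guest_login`, so the server under test has to be started with `APP_ENV=dev`.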
@@ -20,7 +20,7 @@ def clear():
 setup_redis_sessionsdb()
 def get_token():
- return requests.post('http://127.0.0.1:8000/auth/guest_login', timeout=5000).json()["session_token"]
+ return requests.post('http://127.0.0.1:8000/dev/guest_login', timeout=5000).json()["session_token"]
 def get_token_headers(token: str):
 return {"Authorization": f"Bearer {token}"}
diff --git a/frontend/src/pages/Login/Login.tsx b/frontend/src/pages/Login/Login.tsx
index ba1fd0622..3cddca1ff 100644
--- a/frontend/src/pages/Login/Login.tsx
+++ b/frontend/src/pages/Login/Login.tsx
@@ -45,7 +45,9 @@ const Login = () => {

Login to Circles

For current UNSW Students

Login with zID - Continue as guest + + Continue as guest (coming soon) +
diff --git a/frontend/src/pages/Login/styles.ts b/frontend/src/pages/Login/styles.ts
index bad71abd6..408cdb841 100644
--- a/frontend/src/pages/Login/styles.ts
+++ b/frontend/src/pages/Login/styles.ts
@@ -107,6 +107,10 @@ const GuestButton = styled.button`
 margin: 20px;
 cursor: pointer;
 transition: all 0.3s;
+ &:disabled {
+ opacity: 0.5;
+ cursor: not-allowed;
+ }
 &:hover {
 ${({ theme }) =>
 theme.loginSplash &&
diff --git a/setup_env.py b/setup_env.py
index c922f8a2e..77bcde1f2 100644
--- a/setup_env.py
+++ b/setup_env.py
@@ -70,6 +70,9 @@ def main() -> None:
 if env.in_production:
 backend_env["FORWARDED_ALLOWED_IPS"] = "*"
+ backend_env["APP_ENV"] = "prod"
+ else:
+ backend_env["APP_ENV"] = "dev"
 # mongodb - backend + mongodb
 mongo_username = env.get_variable("MONGODB_USERNAME", "name")
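Review bot: The `else` branch writes `APP_ENV=dev` for every environment that is not `env.in_production`, so the unauthenticated `/dev/guest_login` route becomes the default for anything this script configures other than production, including a staging or preview host if one is generated this way. Since server.py mounts the dev router only on the exact value `dev`, a safer arrangement is to default to `prod` and write `dev` only on an explicit opt-in. At minimum a comment above the assignment should record the consequence, e.g. `# APP_ENV=dev mounts the unauthenticated /dev router; never use on a reachable host`. `main()` continues outside this hunk, so whether other settings already separate local runs from hosted non-production ones is not visible here.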