mystiq/sso
Archived
4
0
Fork 2
Code Issues Pull requests Projects Releases Packages Wiki Activity

Compare commits

base: mystiq:master
Branches Tags
mystiq:master
mystiq:wip-registration
realaravinth:chore-docker-restart-compose-version
realaravinth:wip-local-settings
realaravinth:wip-docker
realaravinth:master
realaravinth:wip-oidc
..
compare: realaravinth:chore-docker-restart-compose-version
Branches Tags
realaravinth:chore-docker-restart-compose-version
realaravinth:wip-local-settings
realaravinth:wip-docker
realaravinth:master
realaravinth:wip-oidc
mystiq:master
mystiq:wip-registration

No commits in common. "master" and "chore-docker-restart-compose-version" have entirely different histories.
master ... chore-dock

15 changed files with 9 additions and 460 deletions
Show stats Expand all files Collapse all files

3
.dockerignore
View file

@ -158,6 +158,3 @@ cython_debug/
# and can be added to the global gitignore or merged into this file. For a more nuclear
# option (not recommended) you can uncomment the following to ignore the entire idea folder.
#.idea/
sso/local_settings.py
sso/local_settings/local_settings.py

2
.gitignore vendored
View file

@ -158,5 +158,3 @@ cython_debug/
# and can be added to the global gitignore or merged into this file. For a more nuclear
# option (not recommended) you can uncomment the following to ignore the entire idea folder.
#.idea/
sso/local_settings.py
sso/local_settings/local_settings.py

4
Dockerfile
View file

@ -1,8 +1,8 @@
FROM python:3
ENV PYTHONDONTWRITEBYTECODE=1
ENV PYTHONUNBUFFERED=1
#RUN useradd -ms /bin/bash -u 1001 mystiq-sso
#USER mystiq-sso
RUN useradd -ms /bin/bash -u 1001 mystiq-sso
USER mystiq-sso
WORKDIR /code
LABEL org.opencontainers.image.source https://git.batsense.net/mystiq/sso
COPY requirements.txt /code/

46
accounts/templates/accounts/login.html
View file

@ -1,46 +0,0 @@
{% comment %} Login Page {% endcomment %}
{% block login %}
<h2>Log In</h2>
<form method="post" action="">
{% csrf_token %} {{ form.as_p }}
<label class="form__label" for="email">Email</label><br/>
<input
type="text"
id="email"
name="email"
autofocus
required/><br/><br/>
<label class="form__label" for="pwd">Password</label><br/>
<input
type="password"
required
id="password"
name="password"/><br/><br/>
<button type="submit">Log In</button>
<input type="hidden" name="next" value="{{ next }}">
{% for message in messages %}
<p id="messages">{{message}}</p>
{% endfor %}
</form>
{% comment %} <div class="form-group">
<label for="exampleInputEmail1">Email address</label>
<input type="email" class="form-control" id="exampleInputEmail1" aria-describedby="emailHelp" placeholder="Enter email">
<small id="emailHelp" class="form-text text-muted">We'll never share your email with anyone else.</small>
</div>
<div class="form-group">
<label for="exampleInputPassword1">Password</label>
<input type="password" class="form-control" id="exampleInputPassword1" placeholder="Password">
</div>
<div class="form-group form-check">
<input type="checkbox" class="form-check-input" id="exampleCheck1">
<label class="form-check-label" for="exampleCheck1">Check me out</label>
</div>
<button type="submit" class="btn btn-primary">Submit</button> {% endcomment %}
<p class="form__alt-action">
New to Mystiq?
<a href="{% url 'accounts:register' %}">Create an account</a>
</p>
{% endblock %}

89
accounts/templates/accounts/register.html
View file

@ -1,89 +0,0 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Registration</title>
</head>
<body>
<!-- <form action="{% url 'accounts:register' %}" method="post">
{% csrf_token %}
<fieldset>
<legend><h1>{{ Registration }}</h1></legend>
</fieldset>
<fieldset>
<label for="email">
<b>Email</b>
<input type="text" placeholder="Enter Email" name="email" id="email" required>
</label>
</fieldset>
<fieldset>
<label for="psw">
<b>Password</b>
<input type="password" placeholder="Enter Password" name="psw" id="psw" required>
</label>
</fieldset>
<fieldset>
<label for="cnf-psw">
<b>Password</b>
<input type="password" placeholder="Confirn Password" name="cnf-psw" id="cnf-psw" required>
</label>
</fieldset>
<input type="submit" value="register">
</form> -->
<form action="{% url 'accounts:register' %}" method="post" class="form" accept-charset="utf-8">
{% if error %}
<div class="error__container">
<h3 class="error__title">ERROR: {{ error.title }}</h3>
<p class="error__message">{{ error.reason }}</p>
</div>
{% endif %}
{% csrf_token %}
<div class="container">
<h1>Register</h1>
<p>Welcome to mystiq registration.</p>
<hr>
<label for="email">
<b>Email</b>
<input
type="text"
placeholder="Enter Email"
name="email"
id="email"
required
{% if email %}
value={{ username }}
{% endif %}
>
</label>
<label for="password">
<b>Password</b>
<input type="password" placeholder="Enter Password" name="password" id="password" required>
</label>
<label for="password-confirm">
<b>Confirm Password</b>
<input type="password" placeholder="Confirm Password" name="password-confirm" id="password-confirm" required>
</label>
<hr>
<p>By creating an account you agree to our <a href="#">Terms & Privacy</a>.</p>
<button type="submit" class="form_submit">Register</button>
</div>
<div class="container signin">
<p>Already have an account? <a href="{% url 'accounts:login' %}">Sign in</a>.</p>
</div>
</form>
</body>
</html>

1
accounts/templates/accounts/success.html
View file

@ -1 +0,0 @@
<b> Login Successful! <b>

90
accounts/tests.py
View file

@ -1,7 +1,6 @@
# Create your tests here.
# Copyright © 2022 Aravinth Manivannan <realaravinth@batsense.net>
# Copyright © 2022 Alan Alexander Thomas <alan2000alex@gmail.com>
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as
@ -37,9 +36,10 @@ from oauth2_provider.models import get_application_model
def register_util(t: TestCase, username: str):
t.password = "asdklfja;ldkfja;df"
t.email = f"{username}@vitap.ac.in"
t.username = username
t.email = f"{t.username}@example.org"
t.user = get_user_model().objects.create(
username=username,
username=t.username,
email=t.email,
)
t.user.set_password(t.password)
@ -48,11 +48,10 @@ def register_util(t: TestCase, username: str):
def login_util(t: TestCase, c: Client, redirect_to: str):
payload = {
"email": t.email,
"login": t.username,
"password": t.password,
}
resp = c.post(reverse("accounts:login"), payload)
print(resp.content)
resp = c.post(reverse("accounts.login"), payload)
t.assertEqual(resp.status_code, 302)
t.assertEqual(resp.headers["location"], reverse(redirect_to))
@ -103,82 +102,3 @@ class CreateOidCApplicaiton(TestCase):
self.assertEqual(app.client_type, "confidential")
self.assertEqual(app.authorization_grant_type, "authorization-code")
self.assertEqual(app.algorithm, "HS256")
class RegistrationTest(TestCase):
def setUp(self):
self.username = "register_user"
self.password = "2i3j4;1qlk2asdf"
self.email = "register_user@vitap.ac.in"
def test_register_template_works(self):
"""
Tests if register template renders
"""
resp = self.client.get(reverse("accounts:register"))
self.assertEqual(b"Register" in resp.content, True)
def test_register_works(self):
"""
Tests if register works
"""
c = Client()
# passwords don't match
msg = {
"password": self.password,
"email": self.email,
"password-confirm": self.email,
}
resp = c.post(reverse("accounts:register"), msg)
self.assertEqual(resp.status_code, 400)
# register user
msg["password-confirm"] = self.password
resp = c.post(reverse("accounts:register"), msg)
self.assertEqual(resp.status_code, 200)
user = get_user_model().objects.get(username=self.username)
# duplicate email
resp = c.post(reverse("accounts:register"), msg)
self.assertEqual(resp.status_code, 400)
self.assertEqual(b"This email is already registered." in resp.content, True)
msg["email"] = "12345@gmail.com"
resp = c.post(reverse("accounts:register"), msg)
self.assertEqual(resp.status_code, 400)
self.assertEqual(
b"We do not provide services for this domain yet." in resp.content, True
)
# Login Tests
class LoginTest(TestCase):
def setUp(self):
self.username = "register_user"
self.password = "2i3j4;1qlk2asdf"
self.email = "register_user@vitap.ac.in"
register_util(t=self, username=self.username)
def test_register_template_works(self):
"""
Tests if register template renders
"""
resp = self.client.get(reverse("accounts:login"))
self.assertEqual(b"Log" in resp.content, True)
def test_login_works(self):
"""
Tests if login works
"""
c = Client()
payload = {
"email": self.email,
"password": self.password,
}
resp = c.post(reverse("accounts:login"), payload)
self.assertEqual(resp.status_code, 302)
self.assertEqual(resp.headers["location"], reverse("accounts:success_page"))

28
accounts/urls.py
View file

@ -1,28 +0,0 @@
"""sso URL Configuration
The `urlpatterns` list routes URLs to views. For more information please see:
https://docs.djangoproject.com/en/4.1/topics/http/urls/
Exaimples:
Function views
1. Add an import: from my_app import views
2. Add a URL to urlpatterns: path('', views.home, name='home')
Class-based views
1. Add an import: from other_app.views import Home
2. Add a URL to urlpatterns: path('', Home.as_view(), name='home')
Including another URLconf
1. Import the include() function: from django.urls import include, path
2. Add a URL to urlpatterns: path('blog/', include('blog.urls'))
"""
from django.contrib import admin
from django.urls import path
from . import views
app_name = "accounts"
urlpatterns = [
path("", views.index, name="accounts.index"),
path("register/", views.register, name="register"),
path("login/", views.login_user, name="login"),
path("success/", views.success_page, name="success_page"),
# path("accounts/login/", default_login_url, name="accounts.default_login_url"),
]

164
accounts/views.py
View file

@ -1,165 +1,3 @@
# Copyright © 2022 Alan Alexander Thomas <alan2000alex@gmail.com>
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as
# published by the Free Software Foundation, either version 3 of the
#
# License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
from audioop import reverse
from multiprocessing import get_context
from django.shortcuts import render
# Create your views here.
from re import template
from urllib import response
from django.shortcuts import render, redirect, get_object_or_404
from django.contrib.auth.password_validation import validate_password
from django.contrib.auth import authenticate, login, logout, get_user_model
from django.http import HttpResponse, HttpResponseRedirect
from django.views.decorators.csrf import csrf_protect
from django.core.exceptions import ValidationError
from django.contrib.auth.decorators import login_required
from django.contrib import messages
from django.urls import reverse
# Create your views here.
from django.http import HttpResponse
def index(request):
return HttpResponse("Hello World.")
# @csrf_protect
# def login(request):
# return render(request, 'accounts/login.html')
# login page
@csrf_protect
def login_user(request):
def default_login_ctx():
return {
"title": "Login",
"footer": footer_ctx(),
}
if request.method == "POST":
email = request.POST["email"]
password = request.POST["password"]
# domain_check = email.split("@")
# check user exists
User = get_user_model()
if not User.objects.filter(email=email).exists():
messages.info(request, "Username OR password is incorrect")
return redirect(reverse("accounts:login"))
username = User.objects.get(email=email).username
user = authenticate(request, username=username, password=password)
if user is not None:
login(request, user)
# Redirect to a success page.
print(reverse("accounts:success_page"))
if "next" in request.POST:
next = request.POST["next"]
if len(next) > 0:
return redirect(next)
return redirect(reverse("accounts:success_page"))
else:
# Return an 'invalid login' error message.
messages.info(request, "Username OR password is incorrect")
return redirect(reverse("accounts:login"))
else:
context = {}
if "next" in request.GET:
next = request.GET["next"]
context["next"] = next
return render(request, "accounts/login.html", context=context)
# success page
@login_required(login_url="/accounts/login/")
@csrf_protect
def success_page(request):
return render(request, "accounts/success.html")
# user registratoin
@csrf_protect
def register(request):
# response = "You are at the Registration Page."
get_context = {}
if request.method == "GET":
if "next" in request.GET:
get_context["next"] = request.GET["next"]
return render(request, "accounts/register.html", get_context)
context = {}
# variables
email = request.POST["email"]
password = request.POST["password"]
password_confirm = request.POST["password-confirm"]
# password matching
if password != password_confirm:
context["error"] = {
"title": "Registration Failed",
"reason": "Passwords do not match.",
}
return render(request, "accounts/register.html", status=400, context=context)
# domain verification
domain_check = email.split("@")
if domain_check[1] != "vitap.ac.in":
context["error"] = {
"title": "Registration Failed",
"reason": "We do not provide services for this domain yet.",
}
return render(request, "accounts/register.html", status=400, context=context)
# email verification
User = get_user_model()
if any(
[
User.objects.filter(email=email).exists(),
User.objects.filter(username=domain_check[0]).exists(),
]
):
context["error"] = {
"title": "Registration Failed",
"reason": "This email is already registered.",
}
return render(request, "accounts/register.html", status=400, context=context)
user = get_user_model()(
username=domain_check[0],
email=email,
)
user.set_password(password)
try:
user.full_clean()
validate_password(password, user=user)
except ValidationError as err:
reason = ""
for errors in err:
reason += errors + " "
context["error"] = {"title": "Registration Failed", "reason": reason}
print(reason)
return render(request, "accounts/register.html", status=400, context=context)
user.save()
return HttpResponse("New acc. can be registered.")

2
docker-compose.yml
View file

@ -18,7 +18,7 @@ services:
python manage.py migrate &&
python manage.py runserver 0.0.0.0:8000"
volumes:
- ./sso/local_settings:/code/sso/local_settings/
- .:/code
ports:
- 8000:8000
# environment:

1
requirements.txt
View file

@ -29,7 +29,6 @@ pylint==2.14.5
pynvim==0.4.3
requests==2.28.1
sqlparse==0.4.2
tblib==1.7.0
tomli==2.0.1
tomlkit==0.11.4
urllib3==1.26.11

0
sso/local_settings/__init__.py
View file

30
sso/local_settings/local_settings.example.py
View file

@ -1,30 +0,0 @@
"""
Django settings for dashboard project.
Generated by 'django-admin startproject' using Django 4.0.3.
For more information on this file, see
https://docs.djangoproject.com/en/4.0/topics/settings/
For the full list of settings and their values, see
https://docs.djangoproject.com/en/4.0/ref/settings/
"""
import environ
import os
env = environ.Env()
# Quick-start development settings - unsuitable for production
# See https://docs.djangoproject.com/en/4.0/howto/deployment/checklist/
# SECURITY WARNING: keep the secret key used in production secret!
# A new SECRET_KEY can be generated by running the following command:
# openssl rand -hex 32
SECRET_KEY = "django-insecure-44zt@)$td7_yh(01q^hrce%h(311n!djn%%#s1b7$cvfy!pf7y"
# SECURITY WARNING: don't run with debug turned on in production!
DEBUG = True
ALLOWED_HOSTS = []
print("Finished importing local_settings.ci.py")

8
sso/settings.py
View file

@ -135,11 +135,3 @@ OAUTH2_PROVIDER = {
"openid": "OpenID Connect scope",
},
}
try:
from .local_settings.local_settings import *
print("Found local_settings")
except ModuleNotFoundError:
print("No local_settings available, using defaults")
pass

1
sso/urls.py
View file

@ -19,5 +19,4 @@ from django.urls import path, include
urlpatterns = [
path("admin/", admin.site.urls),
path("o/", include("oauth2_provider.urls", namespace="oauth2_provider")),
path("accounts/", include("accounts.urls")),
]