Merge pull request #45 from ComputerScienceHouse/dev

Dev

Author: jabbate19

src/auth.py

@@ -1,7 +1,9 @@
-from init import app, auth, db
-from models import Users
+from init import app, auth
+from models import User
 from flask_login import login_user, logout_user, LoginManager
 import flask
+import requests
+import sys
 
 from functools import wraps
 
@@ -19,25 +21,49 @@ def wrapped_function(*args, **kwargs):
         is_devcade_admin = "devcade" in groups
         auth_dict = {
             "uid": uid,
+            "user_type": "CSH",
             "first": first,
             "last": last,
+            "email": f"{uid}@csh.rit.edu",
             "picture": picture,
-            "admin": is_eboard or is_rtp or is_devcade_admin
+            "admin": any((is_eboard, is_rtp, is_devcade_admin))
+        }
+        kwargs["auth_dict"] = auth_dict
+        return func(*args, **kwargs)
+    return wrapped_function
+
+def google_user_auth(func):
+    @wraps(func)
+    def wrapped_function(*args, **kwargs):
+        uid = str(flask.session["userinfo"].get("sub", ""))
+        last = str(flask.session["userinfo"].get("family_name", ""))
+        first = str(flask.session["userinfo"].get("given_name", ""))
+        email = str(flask.session["userinfo"].get("email", ""))
+        picture = str(flask.session["userinfo"].get("picture", ""))
+        auth_dict = {
+            "uid": uid,
+            "user_type": "GOOGLE",
+            "first": first,
+            "last": last,
+            "email": email,
+            "picture": picture,
+            "admin": False
         }
         kwargs["auth_dict"] = auth_dict
         return func(*args, **kwargs)
     return wrapped_function
 
 login_manager = LoginManager()
 login_manager.init_app(app)
-login_manager.login_view = 'csh_auth'
-
+login_manager.login_view = 'homepage'
 
 @login_manager.user_loader
 def load_user(user_id):
-    q = Users.query.get(user_id)
-    if q:
-        return q
+    user_req = requests.get(app.config["DEVCADE_API_URI"] + "users/" + user_id)
+    if user_req.status_code == 200:
+        user_data = user_req.json()
+        user = User(user_data['id'], user_data['user_type'], user_data['first_name'], user_data['last_name'], user_data['email'], user_data['picture'], user_data['admin'])
+        return user
     return None
 
 
@@ -49,7 +75,6 @@ def _logout():
 
 
 @app.route('/csh_auth')
-@app.route('/login')
 @auth.oidc_auth('default')
 @csh_user_auth
 def csh_auth(auth_dict=None):
@@ -58,18 +83,44 @@ def csh_auth(auth_dict=None):
     """
     if auth_dict is None:
         return flask.redirect("/csh_auth")
-    user = Users.query.get(auth_dict['uid'])
-    if user is not None:
-        user.firstname = auth_dict['first']
-        user.lastname = auth_dict['last']
-        user.picture = auth_dict['picture']
-        user.admin = auth_dict['admin']
+    return update_backend_user(auth_dict)
+
+@app.route('/google_auth')
+@auth.oidc_auth('google')
+@google_user_auth
+def google_auth(auth_dict=None):
+    """
+    Gets new logger inner data
+    """
+    if auth_dict is None:
+        return flask.redirect("/google_auth")
+    return update_backend_user(auth_dict)
+
+
+def update_backend_user(auth_dict):
+    # headers={"frontend_api_key":app.config["FRONTEND_API_KEY"]}
+    user_req = requests.get(app.config["DEVCADE_API_URI"] + "users/" + auth_dict['uid'])
+    if user_req.status_code == 400:
+        requests.post(app.config["DEVCADE_API_URI"] + "users/", json={
+            'id': auth_dict['uid'],
+            'user_type': auth_dict['user_type'],
+            'first_name': auth_dict['first'],
+            'last_name': auth_dict['last'],
+            'picture': auth_dict['picture'],
+            'email': auth_dict['email'],
+            'admin': auth_dict['admin']
+        }, headers={"frontend_api_key":app.config["FRONTEND_API_KEY"]})
     else:
-        user = Users(auth_dict['uid'], auth_dict['first'],
-                    auth_dict['last'], auth_dict['picture'], auth_dict['admin'])
-        db.session.add(user)
-    db.session.commit()
-    login_user(user)
+        requests.put(app.config["DEVCADE_API_URI"] + "users/" + auth_dict['uid'], json={
+            'id': auth_dict['uid'],
+            'user_type': auth_dict['user_type'],
+            'first_name': auth_dict['first'],
+            'last_name': auth_dict['last'],
+            'picture': auth_dict['picture'],
+            'email': auth_dict['email'],
+            'admin': auth_dict['admin']
+        }, headers={"frontend_api_key":app.config["FRONTEND_API_KEY"]})
+    login_user(User(auth_dict['uid'], auth_dict['user_type'], auth_dict['first'], auth_dict['last'], auth_dict['email'], auth_dict['picture'], auth_dict['admin']))
     goto = flask.request.args.get('goto')
     if goto == None:
         goto = 'homepage'
@@ -78,7 +129,3 @@ def csh_auth(auth_dict=None):
     except:
         goto = flask.url_for('homepage')
     return flask.redirect(goto)
-
-
-with app.app_context():
-        db.create_all()

src/config.py

@@ -22,14 +22,15 @@
     SQLALCHEMY_DATABASE_URI = 'sqlite:///users.sqlite3'
 SQLALCHEMY_TRACK_MODIFICATIONS = 'False'
 
-AWS_ACCESS_KEY_ID = env.get('AWS_ACCESS_KEY_ID', '')
-AWS_SECRET_ACCESS_KEY = env.get('AWS_SECRET_ACCESS_KEY', '')
-
 # OpenID Connect SSO config CSH
 OIDC_ISSUER = env.get('OIDC_ISSUER', 'https://sso.csh.rit.edu/auth/realms/csh')
 OIDC_CLIENT_ID = env.get('OIDC_CLIENT_ID', 'devcade')
 OIDC_CLIENT_SECRET = env.get('OIDC_CLIENT_SECRET', 'NOT-A-SECRET')
 
+GOOGLE_OIDC_ISSUER = env.get('GOOGLE_OIDC_ISSUER', 'https://sso.csh.rit.edu/auth/realms/csh')
+GOOGLE_OIDC_CLIENT_ID = env.get('GOOGLE_OIDC_CLIENT_ID', 'devcade')
+GOOGLE_OIDC_CLIENT_SECRET = env.get('GOOGLE_OIDC_CLIENT_SECRET', 'NOT-A-SECRET')
+
 DEVCADE_API_URI = env.get('DEVCADE_API_URI')
 FRONTEND_API_KEY = env.get('FRONTEND_API_KEY')
 

src/init.py

@@ -21,12 +21,18 @@
                                  client_metadata=ClientMetadata(
                                      app.config["OIDC_CLIENT_ID"],
                                      app.config["OIDC_CLIENT_SECRET"]))
-auth = OIDCAuthentication({'default': CSH_AUTH},
-                          app)
+GOOGLE_AUTH = ProviderConfiguration(issuer=app.config["GOOGLE_OIDC_ISSUER"],
+                                 client_metadata=ClientMetadata(
+                                     app.config["GOOGLE_OIDC_CLIENT_ID"],
+                                     app.config["GOOGLE_OIDC_CLIENT_SECRET"]),
+                                 auth_request_params={'scope': ['email', 'profile', 'openid']})
+auth = OIDCAuthentication(
+    {
+        'default': CSH_AUTH,
+        'google': GOOGLE_AUTH
+    },
+    app
+)
 
 auth.init_app(app)
 app.secret_key = os.urandom(16)
-
-# DB
-db = SQLAlchemy(app)
-migrate = Migrate(app, db)

src/models.py

@@ -1,19 +1,10 @@
-from init import db
-
-
-class Users(db.Model):
-    __tablename__ = 'Users'
-
-    id = db.Column(db.String, primary_key=True)
-    firstname = db.Column(db.String, nullable=False)
-    lastname = db.Column(db.String, nullable=False)
-    picture = db.Column(db.String, nullable=False)
-    admin = db.Column(db.Boolean, nullable=False)
-
-    def __init__(self, uid, firstname, lastname, picture, admin):
+class User:
+    def __init__(self, uid, user_type, firstname, lastname, email, picture, admin):
         self.id = uid
+        self.user_type = user_type
         self.firstname = firstname
         self.lastname = lastname
+        self.email = email
         self.picture = picture
         self.admin = admin
 
@@ -22,9 +13,12 @@ def __repr__(self):
 
     def to_json(self):
         return {"uid": self.uid,
+                "user_type": self.user_type,
                 "first": self.firstname,
                 "last": self.lastname,
-                "picture": self.picture}
+                "email": self.email,
+                "picture": self.picture,
+                "admin": self.admin}
 
     def get_id(self):
         return self.id

src/templates/catalog.html

@@ -2,7 +2,7 @@
 block content %}
 <div class="card-wrapper">
   {% for i in range(0,gamelist|length) %}
-  {% if gamelist[i].id != "31cb96a8-b061-4381-a433-dd78550d4b3c" %}
+  {% if "CSH Only" not in gamelist[i].tags|map(attribute="name") or current_user.user_type == "CSH" %}
   {{ gamecard(gamelist[i]) }}
   {% endif %}
   {% endfor %}

src/templates/header.html

@@ -5,7 +5,11 @@
     <div class="game-name">
       <div>
         <h2>{{ game.name }}</h2>
+        {% if game.user.user_type == "CSH" %}
         <h3>{{ game.author }}</h3>
+        {% else %}
+        <h3>{{ game.user.email.split('@')[0] }}</h3>
+        {% endif %}
       </div>
     </div>
     <div class="game-desc"><div>{{ game.description }}</div></div>
@@ -95,8 +99,11 @@ <h1>Devcade</h1>
             </div>
             <div class="dropdown-menu dropped hidden">
               <!-- <div class="dropdown-divider"></div> -->
-              <a class="dropdown-item" href="/login?goto={{ request.endpoint }}"
-                >Log in</a
+              <a class="dropdown-item" href="/csh_auth?goto={{ request.endpoint }}"
+                >Log In With CSH</a
+              >
+              <a class="dropdown-item" href="/google_auth?goto={{ request.endpoint }}"
+                >Log In With RIT</a
               >
             </div>
           </div>