rzmk/learnhouse
1
0
Fork 0
mirror of https://github.com/rzmk/learnhouse.git synced 2025-12-19 04:19:25 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge pull request #8 from learnhouse/feat/auth_improvements

Browse source 
feat: auth exceptions + roles with user object
This commit is contained in:
Badr B 2022-11-19 20:21:41 +01:00 committed by GitHub
commit cc9397ca5f
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
11 changed files with 74 additions and 68 deletions
Download patch file Download diff file Expand all files Collapse all files

27
front/components/security/AuthProvider.tsx
View file

@ -1,8 +1,10 @@
import React, { useEffect } from "react"; import React, { useEffect } from "react";
import { getRefreshToken, getUserInfo } from "../../services/auth/auth"; import { getRefreshToken, getUserInfo } from "../../services/auth/auth";
import { useRouter } from "next/router";
export const AuthContext: any = React.createContext({}); export const AuthContext: any = React.createContext({});
const NON_AUTHENTICATED_ROUTES = ["/login", "/signup"];
export interface Auth { export interface Auth {
access_token: string; access_token: string;
isAuthenticated: boolean; isAuthenticated: boolean;
@ -10,7 +12,9 @@ export interface Auth {
isLoading: boolean; isLoading: boolean;
} }
const AuthProvider = (props: any) => { const AuthProvider = (props: any) => {
const router = useRouter();
const [auth, setAuth] = React.useState<Auth>({ access_token: "", isAuthenticated: false, userInfo: {}, isLoading: true }); const [auth, setAuth] = React.useState<Auth>({ access_token: "", isAuthenticated: false, userInfo: {}, isLoading: true });
async function checkRefreshToken() { async function checkRefreshToken() {
@ -19,30 +23,35 @@ const AuthProvider = (props: any) => {
} }
async function checkAuth() { async function checkAuth() {
try {
let access_token = await checkRefreshToken(); let access_token = await checkRefreshToken();
let isAuthenticated = false;
let userInfo = {}; let userInfo = {};
let isLoading = false; let isLoading = false;
if (access_token) { if (access_token) {
userInfo = await getUserInfo(access_token); userInfo = await getUserInfo(access_token);
isAuthenticated = true; setAuth({ access_token, isAuthenticated: true, userInfo, isLoading });
setAuth({ access_token, isAuthenticated, userInfo, isLoading });
} else{ // if user is authenticated and tries to access login or signup page, redirect to home
isAuthenticated = false; if(NON_AUTHENTICATED_ROUTES.includes(router.pathname)) {
setAuth({ access_token, isAuthenticated, userInfo, isLoading }); router.push("/");
}
} else {
setAuth({ access_token, isAuthenticated: false, userInfo, isLoading });
router.push("/login");
}
} catch (error) {
router.push("/");
} }
} }
useEffect(() => { useEffect(() => {
if (auth.isLoading) { if (auth.isLoading) {
checkAuth(); checkAuth();
} }
return () => { return () => {
auth.isLoading = false; auth.isLoading = false;
} };
}, []); }, []);
return <AuthContext.Provider value={auth}>{props.children}</AuthContext.Provider>; return <AuthContext.Provider value={auth}>{props.children}</AuthContext.Provider>;

42
front/components/security/AuthenticatedOnly.tsx
View file

@ -1,42 +0,0 @@
import React from "react";
import { getRefreshToken, getUserInfo } from "../../services/auth/auth";
import { Auth, AuthContext } from "./AuthProvider";
const AuthenticatedOnly = (props: any) => {
const [auth, setAuth] = React.useState<Auth>({ access_token: "", isAuthenticated: false, userInfo: {}, isLoading: true });
async function checkRefreshToken() {
let data = await getRefreshToken();
return data.access_token;
}
async function checkAuth() {
let access_token = await checkRefreshToken();
let isAuthenticated = false;
let userInfo = {};
let isLoading = false;
if (access_token) {
userInfo = await getUserInfo(access_token);
isAuthenticated = true;
setAuth({ access_token, isAuthenticated, userInfo, isLoading });
} else {
isAuthenticated = false;
setAuth({ access_token, isAuthenticated, userInfo, isLoading });
}
}
React.useEffect(() => {
checkAuth();
}, []);
return (
<div>
{auth.isLoading && <div>Loading...</div>}
{!auth.isLoading && auth.isAuthenticated && <div>{props.children}</div>}
{!auth.isLoading && !auth.isAuthenticated && <div>Not Authenticated</div>}
</div>
);
};
export default AuthenticatedOnly;

7
front/components/auth/HeaderProfileBox.tsx → front/components/security/HeaderProfileBox.tsx
View file

@ -1,8 +1,7 @@
import React from "react"; import React from "react";
import styled from "styled-components"; import styled from "styled-components";
import Link from "next/link"; import Link from "next/link";
import { AuthContext } from "../security/AuthProvider"; import { AuthContext } from "./AuthProvider";
import { getBackendUrl } from "../../services/config";
import Avvvatars from "avvvatars-react"; import Avvvatars from "avvvatars-react";
export const HeaderProfileBox = () => { export const HeaderProfileBox = () => {
@ -28,9 +27,9 @@ export const HeaderProfileBox = () => {
)} )}
{auth.isAuthenticated && ( {auth.isAuthenticated && (
<AccountArea> <AccountArea>
<div>{auth.userInfo.username}</div> <div>{auth.userInfo.user_object.username}</div>
<div> <div>
<Avvvatars value={auth.userInfo.user_id} style="shape" /> <Avvvatars value={auth.userInfo.user_object.user_id} style="shape" />
</div> </div>
</AccountArea> </AccountArea>
)} )}

2
front/components/ui/elements/menu.tsx
View file

@ -1,6 +1,6 @@
import React from "react"; import React from "react";
import styled from "styled-components"; import styled from "styled-components";
import { HeaderProfileBox } from "../../auth/HeaderProfileBox"; import { HeaderProfileBox } from "../../security/HeaderProfileBox";
import learnhouseIcon from "public/learnhouse_icon.png"; import learnhouseIcon from "public/learnhouse_icon.png";
import learnhouseLogo from "public/learnhouse_logo.png"; import learnhouseLogo from "public/learnhouse_logo.png";
import Link from "next/link"; import Link from "next/link";

2
front/pages/org/[orgslug]/course/[courseid]/element/[elementid]/index.tsx
View file

@ -30,7 +30,7 @@ function ElementPage() {
}, [router.isReady]); }, [router.isReady]);
const output = useMemo(() => { const output = useMemo(() => {
if (router.isReady) { if (router.isReady && !isLoading) {
console.log( "el",element.content); console.log( "el",element.content);
let content = Object.keys(element.content).length > 0 ? element.content : { let content = Object.keys(element.content).length > 0 ? element.content : {

3
front/pages/org/[orgslug]/course/[courseid]/index.tsx
View file

@ -6,7 +6,6 @@ import styled from "styled-components";
import Layout from "../../../../../components/ui/Layout"; import Layout from "../../../../../components/ui/Layout";
import { getAPIUrl, getBackendUrl } from "../../../../../services/config"; import { getAPIUrl, getBackendUrl } from "../../../../../services/config";
import { getCourse, getCourseMetadata } from "../../../../../services/courses/courses"; import { getCourse, getCourseMetadata } from "../../../../../services/courses/courses";
import { getOrganizationContextInfo } from "../../../../../services/orgs";
const CourseIdPage = () => { const CourseIdPage = () => {
const router = useRouter(); const router = useRouter();
@ -57,7 +56,7 @@ const CourseIdPage = () => {
return ( return (
<> <>
<Link href={`/org/${orgslug}/course/${courseid}/element/${element.id.replace("element_", "")}`}> <Link href={`/org/${orgslug}/course/${courseid}/element/${element.id.replace("element_", "")}`}>
<a target="_blank" rel="noopener noreferrer"> <a>
<ChapterIndicator /> <ChapterIndicator />
</a> </a>
</Link>{" "} </Link>{" "}

3
front/pages/organizations/index.tsx
View file

@ -1,6 +1,5 @@
import Link from "next/link"; import Link from "next/link";
import React from "react"; import React from "react";
import AuthenticatedOnly from "../../components/security/AuthenticatedOnly";
import Layout from "../../components/ui/Layout"; import Layout from "../../components/ui/Layout";
import { Title } from "../../components/ui/styles/Title"; import { Title } from "../../components/ui/styles/Title";
import { deleteOrganizationFromBackend, getUserOrganizations } from "../../services/orgs"; import { deleteOrganizationFromBackend, getUserOrganizations } from "../../services/orgs";
@ -33,7 +32,6 @@ const Organizations = () => {
return ( return (
<Layout> <Layout>
<AuthenticatedOnly>
<Title> <Title>
Your Organizations{" "} Your Organizations{" "}
<Link href={"/organizations/new"}> <Link href={"/organizations/new"}>
@ -61,7 +59,6 @@ const Organizations = () => {
))} ))}
</div> </div>
)} )}
</AuthenticatedOnly>
</Layout> </Layout>
); );

0
front/pages/organizations/update.tsx
View file

2
front/services/auth/auth.ts
View file

@ -37,7 +37,7 @@ export async function getUserInfo(token: string): Promise<any> {
credentials: "include", credentials: "include",
}; };
return fetch(`${getAPIUrl()}users/profile`, requestOptions) return fetch(`${getAPIUrl()}users/profile_metadata`, requestOptions)
.then((result) => result.json()) .then((result) => result.json())
.catch((error) => console.log("error", error)); .catch((error) => console.log("error", error));
} }

7
src/routers/users.py
View file

@ -24,6 +24,13 @@ async def api_get_current_user(current_user: User = Depends(get_current_user)):
""" """
return current_user.dict() return current_user.dict()
@router.get("/profile_metadata")
async def api_get_current_user(current_user: User = Depends(get_current_user)):
"""
Get current user
"""
return await get_profile_metadata(current_user.dict())
@router.get("/username/{username}") @router.get("/username/{username}")
async def api_get_user_by_username(username: str): async def api_get_user_by_username(username: str):

37
src/services/users.py
View file

@ -35,6 +35,18 @@ class UserInDB(UserWithPassword):
creationDate: str creationDate: str
updateDate: str updateDate: str
class UserProfileMetadata(BaseModel):
user_object: PublicUser
roles = list
# TODO : terrible, export role classes from one single source of truth
class Role(BaseModel):
name: str
description: str
permissions: object
elements: object
#### Classes #################################################### #### Classes ####################################################
# TODO : user actions security # TODO : user actions security
@ -55,6 +67,31 @@ async def get_user(username: str):
return user return user
async def get_profile_metadata(user):
await check_database()
users = learnhouseDB["users"]
roles = learnhouseDB["roles"]
user = users.find_one({"user_id": user['user_id']})
if not user:
raise HTTPException(
status_code=status.HTTP_409_CONFLICT, detail="User does not exist")
# get roles
user_roles = roles.find({"linked_users": user['user_id']})
user_roles_list = []
for role in user_roles:
print(role)
user_roles_list.append(Role(**role))
return {
"user_object": PublicUser(**user),
"roles": user_roles_list
}
async def get_user_by_userid(user_id: str): async def get_user_by_userid(user_id: str):
await check_database() await check_database()
users = learnhouseDB["users"] users = learnhouseDB["users"]