From 1de71fe26330fe11140372b0b43ab42850e38f1d Mon Sep 17 00:00:00 2001 From: Thomas Tignor Date: Tue, 19 Dec 2023 09:24:55 -0500 Subject: [PATCH 01/22] DEVAUTH - All-local devenv sans cloud or third-party auth workflows Remedy for git confusion on problem zip files --- .gitattributes | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.gitattributes b/.gitattributes index faa6195ab..081bf1643 100644 --- a/.gitattributes +++ b/.gitattributes @@ -40,3 +40,8 @@ *.jpg binary *.gif binary *.pdf binary + +# Annoying product-updates zip files +product-updates/knowledge-center/FTANF_2009.zip binary eol=lf +product-updates/knowledge-center/SSPMOE_2009.zip binary eol=lf +product-updates/knowledge-center/ftanf.zip binary eol=lf From 496f60236f00e6a5be31cf33a83c0ef108bd466e Mon Sep 17 00:00:00 2001 From: Thomas Tignor Date: Wed, 29 Nov 2023 11:21:53 -0500 Subject: [PATCH 02/22] Changes for fully local development - Enables direct frontend/backend communication sans Login.gov/Cloud.gov - Drives off new DEVELOPMENT env var - Pre-configures and disables frontend auth functionality - Testing based on new dev user - Install via web: ./manage.py generate_dev_user --- tdrs-backend/.env.example | 2 ++ tdrs-backend/tdpservice/data_files/views.py | 3 ++ tdrs-backend/tdpservice/settings/common.py | 1 + .../tdpservice/users/authentication.py | 15 ++++++++++ .../management/commands/generate_dev_user.py | 30 +++++++++++++++++++ tdrs-backend/tdpservice/users/permissions.py | 6 ++++ tdrs-frontend/.env | 2 ++ tdrs-frontend/docker-compose.yml | 6 +--- tdrs-frontend/src/actions/auth.js | 3 ++ tdrs-frontend/src/configureStore.js | 23 +++++++++++++- 10 files changed, 85 insertions(+), 6 deletions(-) create mode 100755 tdrs-backend/tdpservice/users/management/commands/generate_dev_user.py diff --git a/tdrs-backend/.env.example b/tdrs-backend/.env.example index 5ffe271c1..3d325bc9c 100644 --- a/tdrs-backend/.env.example +++ b/tdrs-backend/.env.example 
@@ -2,6 +2,8 @@ # Copy this file to `.env` and replace variables as needed # +DEVELOPMENT=1 + # ## # Required environment variables # These must be defined or the application will encounter fatal errors diff --git a/tdrs-backend/tdpservice/data_files/views.py b/tdrs-backend/tdpservice/data_files/views.py index f01bb5be6..ebc769172 100644 --- a/tdrs-backend/tdpservice/data_files/views.py +++ b/tdrs-backend/tdpservice/data_files/views.py @@ -54,6 +54,7 @@ class DataFileViewSet(ModelViewSet): def create(self, request, *args, **kwargs): """Override create to upload in case of successful scan.""" + logger.debug(f"{self.__class__.__name__}: {request}") response = super().create(request, *args, **kwargs) # only if file is passed the virus scan and created successfully will we perform side-effects: @@ -61,6 +62,7 @@ def create(self, request, *args, **kwargs): # * Upload to ACF-TITAN # * Send email to user + logger.debug(f"{self.__class__.__name__}: status: {response.status_code}") if response.status_code == status.HTTP_201_CREATED or response.status_code == status.HTTP_200_OK: user = request.user data_file_id = response.data.get('id') @@ -109,6 +111,7 @@ def create(self, request, *args, **kwargs): if len(recipients) > 0: send_data_submitted_email(list(recipients), data_file, email_context, subject) + logger.debug(f"{self.__class__.__name__}: return val: {response}") return response def get_s3_versioning_id(self, file_name, prefix): diff --git a/tdrs-backend/tdpservice/settings/common.py b/tdrs-backend/tdpservice/settings/common.py index 9abbb2c15..cd01de016 100644 --- a/tdrs-backend/tdpservice/settings/common.py +++ b/tdrs-backend/tdpservice/settings/common.py 
@@ -293,6 +293,7 @@ class Common(Configuration): "DEFAULT_RENDERER_CLASSES": DEFAULT_RENDERER_CLASSES, "DEFAULT_PERMISSION_CLASSES": ["rest_framework.permissions.IsAuthenticated"], "DEFAULT_AUTHENTICATION_CLASSES": ( + "tdpservice.users.authentication.DevAuthentication", "tdpservice.users.authentication.CustomAuthentication", "rest_framework.authentication.SessionAuthentication", "rest_framework.authentication.TokenAuthentication", diff --git a/tdrs-backend/tdpservice/users/authentication.py b/tdrs-backend/tdpservice/users/authentication.py index d238771ff..9c3c699cc 100644 --- a/tdrs-backend/tdpservice/users/authentication.py +++ b/tdrs-backend/tdpservice/users/authentication.py @@ -4,8 +4,23 @@ from rest_framework.authentication import BaseAuthentication import logging +import os logger = logging.getLogger(__name__) +class DevAuthentication(BaseAuthentication): + def authenticate(self, request): + if not os.environ.get('DEVELOPMENT'): + return None + logging.debug(f"{self.__class__.__name__}: {request} ; {request.data}") + requser = request.data.get("user") + reqname = requser if requser and requser != "undefined" else "dev@test.com" + User = get_user_model() + authuser = User.objects.get(username=reqname) + if authuser and requser == "undefined": + request.data["user"] = authuser.id + return (User.objects.get(username=reqname), True) + + class CustomAuthentication(BaseAuthentication): """Define authentication and get user functions for custom authentication.""" diff --git a/tdrs-backend/tdpservice/users/management/commands/generate_dev_user.py b/tdrs-backend/tdpservice/users/management/commands/generate_dev_user.py new file mode 100755 index 000000000..721d7d1a8 --- /dev/null +++ b/tdrs-backend/tdpservice/users/management/commands/generate_dev_user.py 
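Review bot: `DevAuthentication.authenticate` in users/authentication.py returns whichever account the request body's `user` field names (falling back to `dev@test.com`) without checking any credential, and its only gate is the `DEVELOPMENT` environment variable; the settings hunk just before it lists the class first in `DEFAULT_AUTHENTICATION_CLASSES` of `Common`, which presumably every deployed configuration inherits. I would register the class from a local-only settings class and also require Django's debug flag, e.g. `if not (settings.DEBUG and os.environ.get('DEVELOPMENT')): return None` (needs `from django.conf import settings`), so a single stray variable cannot switch authentication off outside a workstation. `User.objects.get(username=reqname)` is called twice and is unguarded, so a missing dev user surfaces as an unhandled `DoesNotExist` rather than a failed authentication. The debug line writes `request.data` to the log through the root `logging` module instead of the module `logger`, and the class and method lack docstrings, e.g. `"""Authenticate every request as a local dev user; development only."""`.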
@@ -0,0 +1,30 @@ +#!/usr/bin/env python + +from django.contrib.auth import get_user_model +from django.contrib.auth.models import Group +from django.core.management import BaseCommand + +User = get_user_model() + +email = "dev@test.com" +pswd = "pass" +first = "Jon" +last = "Tester" + +class Command(BaseCommand): + + def handle(self, *args, **options): + try: + user = User.objects.get(username=email) + print(f"Found {vars(user)}") + except User.DoesNotExist: + group = Group.objects.get(name="Developer") + user = User.objects.create(username=email, + email=email, + password=pswd, + first_name=first, + last_name=last, + account_approval_status="Approved") + user.groups.add(group) + print(f"Created {vars(user)}") + diff --git a/tdrs-backend/tdpservice/users/permissions.py b/tdrs-backend/tdpservice/users/permissions.py index 81e54fe54..31106304c 100644 --- a/tdrs-backend/tdpservice/users/permissions.py +++ b/tdrs-backend/tdpservice/users/permissions.py @@ -8,6 +8,9 @@ from collections import ChainMap from copy import deepcopy from typing import List, Optional, TYPE_CHECKING +import logging + +logger = logging.getLogger(__name__) if TYPE_CHECKING: # pragma: no cover @@ -126,6 +129,7 @@ class IsApprovedPermission(permissions.DjangoModelPermissions): def has_permission(self, request, view): """Return True if the user has been assigned a group and is approved.""" + logging.debug(f"{self.__class__.__name__}: {request} ; {view}") return (request.user.groups.first() is not None and request.user.account_approval_status == AccountApprovalStatusChoices.APPROVED) @@ -160,6 +164,8 @@ def has_permission(self, request, view): Data Analyst will only have permission to files within their STT and a Regional Manager will only have permission to files within their region. """ + logging.debug(f"{self.__class__.__name__}: {request} ; {view}") + # Checks for existence of `data_files.view_datafile` Permission has_permission = super().has_permission(request, view) 
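Review bot: `User.objects.create(..., password=pswd)` in generate_dev_user.py stores the literal string in the password column, because Django hashes a password only through `set_password()` or the manager's `create_user()`, and both `print(f"... {vars(user)}")` lines then echo that field together with the rest of the row. Since the dev login flow in this patch never checks a password, `user.set_unusable_password()` followed by `user.save()` is a safer choice than a fixed value that is visible in the repository. The module-level constants and `Command` have no documentation; a `help = "Create the local development user if it does not exist."` attribute and a one-line docstring on `handle` would cover it.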
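Review bot: The two debug lines added to the `has_permission` methods in users/permissions.py call `logging.debug(...)`, which goes to the root logger, although the first hunk of this file adds `logger = logging.getLogger(__name__)`; as far as these hunks show, the new `logger` is never used. Use `logger.debug("%s: %s ; %s", self.__class__.__name__, request, view)` in both places so the records carry the module name and the formatting is skipped when debug logging is off. Both method bodies continue outside the hunks.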
diff --git a/tdrs-frontend/.env b/tdrs-frontend/.env index 087144285..da6c85ddb 100644 --- a/tdrs-frontend/.env +++ b/tdrs-frontend/.env @@ -4,6 +4,8 @@ # WARNING: This file is checked in to source control, do NOT store any secrets in this file # +DEVELOPMENT=1 + # The hostname behind the tdrs-backend Django app REACT_APP_BACKEND_HOST=http://127.0.0.1:8080 diff --git a/tdrs-frontend/docker-compose.yml b/tdrs-frontend/docker-compose.yml index d75772fa5..b8b9c480e 100644 --- a/tdrs-frontend/docker-compose.yml +++ b/tdrs-frontend/docker-compose.yml @@ -7,7 +7,7 @@ services: ports: - 8090:8090 networks: - - local + - default volumes: - ./reports:/zap/wrk/:rw - ../scripts/zap-hook.py:/zap/scripts/zap-hook.py:ro @@ -21,7 +21,6 @@ services: - 3000:80 - 8080:8080 networks: - - local - default volumes: - ./:/home/node/app @@ -42,9 +41,6 @@ services: && nginx -g 'daemon off;'" networks: - local: - driver: bridge - default: external: name: external-net diff --git a/tdrs-frontend/src/actions/auth.js b/tdrs-frontend/src/actions/auth.js index 6b0147c6b..7dad3b0eb 100644 --- a/tdrs-frontend/src/actions/auth.js +++ b/tdrs-frontend/src/actions/auth.js @@ -40,6 +40,9 @@ export const SET_MOCK_LOGIN_STATE = 'SET_MOCK_LOGIN_STATE' */ export const fetchAuth = () => async (dispatch) => { + if (process.env.DEVELOPMENT) { + return 0 + } dispatch({ type: FETCH_AUTH }) try { const URL = `${process.env.REACT_APP_BACKEND_URL}/auth_check` diff --git a/tdrs-frontend/src/configureStore.js b/tdrs-frontend/src/configureStore.js index a9f340685..24d09e21b 100644 --- a/tdrs-frontend/src/configureStore.js +++ b/tdrs-frontend/src/configureStore.js @@ -4,6 +4,7 @@ import { createBrowserHistory } from 'history' import thunkMiddleware from 'redux-thunk' import loggerMiddleware from './middleware/logger' import createRootReducer from './reducers' +import { permissions } from './components/Header/developer_permissions' export const history = createBrowserHistory() 
@@ -13,9 +14,29 @@ export const history = createBrowserHistory() export default function configureStore(preloadedState) { const middlewares = [thunkMiddleware, loggerMiddleware] const composedEnhancers = composeWithDevTools(applyMiddleware(...middlewares)) + const devState = { + router: { location: { pathname: '/profile' } }, + auth: { + user: { + email: 'dev@test.com', + first_name: 'Jon', + last_name: 'Tester', + roles: [{ id: 1, name: 'Developer', permissions }], + access_request: true, + account_approval_status: 'Approved', + stt: { + id: 31, + type: 'state', + code: 'NJ', + name: 'New Jersey', + }, + }, + authenticated: true, + }, + } const store = createStore( createRootReducer(history), - preloadedState, + process.env.DEVELOPMENT ? devState : preloadedState, composedEnhancers ) return store From ca81e02c21609ee6fa9d13b3fc52c800eb632f89 Mon Sep 17 00:00:00 2001 From: Thomas Tignor Date: Tue, 5 Dec 2023 11:27:53 -0500 Subject: [PATCH 03/22] Reorganized front end logic on REACT_APP_DEVAUTH env var --- tdrs-frontend/.env | 2 -- tdrs-frontend/.env.development | 2 ++ tdrs-frontend/src/actions/auth.js | 2 +- tdrs-frontend/src/configureStore.js | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/tdrs-frontend/.env b/tdrs-frontend/.env index da6c85ddb..087144285 100644 --- a/tdrs-frontend/.env +++ b/tdrs-frontend/.env @@ -4,8 +4,6 @@ # WARNING: This file is checked in to source control, do NOT store any secrets in this file # -DEVELOPMENT=1 - # The hostname behind the tdrs-backend Django app REACT_APP_BACKEND_HOST=http://127.0.0.1:8080 diff --git a/tdrs-frontend/.env.development b/tdrs-frontend/.env.development index 3c0c68d15..b4c03e4a4 100644 --- a/tdrs-frontend/.env.development +++ b/tdrs-frontend/.env.development @@ -3,6 +3,8 @@ # This file is loaded when running `npm start` # +#REACT_APP_DEVAUTH=1 + # The hostname behind the tdrs-backend Django app REACT_APP_BACKEND_HOST=http://localhost:3000 
diff --git a/tdrs-frontend/src/actions/auth.js b/tdrs-frontend/src/actions/auth.js index 7dad3b0eb..f98b8158f 100644 --- a/tdrs-frontend/src/actions/auth.js +++ b/tdrs-frontend/src/actions/auth.js @@ -40,7 +40,7 @@ export const SET_MOCK_LOGIN_STATE = 'SET_MOCK_LOGIN_STATE' */ export const fetchAuth = () => async (dispatch) => { - if (process.env.DEVELOPMENT) { + if (process.env.REACT_APP_DEVAUTH) { return 0 } dispatch({ type: FETCH_AUTH }) diff --git a/tdrs-frontend/src/configureStore.js b/tdrs-frontend/src/configureStore.js index 24d09e21b..b96bea6b2 100644 --- a/tdrs-frontend/src/configureStore.js +++ b/tdrs-frontend/src/configureStore.js @@ -36,7 +36,7 @@ export default function configureStore(preloadedState) { } const store = createStore( createRootReducer(history), - process.env.DEVELOPMENT ? devState : preloadedState, + process.env.REACT_APP_DEVAUTH ? devState : preloadedState, composedEnhancers ) return store From 1548342f17d6223fa415e17d97cdf1a9aefb245f Mon Sep 17 00:00:00 2001 From: Thomas Tignor Date: Tue, 5 Dec 2023 11:39:38 -0500 Subject: [PATCH 04/22] Reorganized backend logic on REACT_APP_DEVAUTH env var --- tdrs-backend/.env.example | 2 +- tdrs-backend/tdpservice/users/authentication.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/tdrs-backend/.env.example b/tdrs-backend/.env.example index 3d325bc9c..de65d0e9e 100644 --- a/tdrs-backend/.env.example +++ b/tdrs-backend/.env.example @@ -2,7 +2,7 @@ # Copy this file to `.env` and replace variables as needed # -DEVELOPMENT=1 +#REACT_APP_DEVAUTH=1 # ## # Required environment variables diff --git a/tdrs-backend/tdpservice/users/authentication.py b/tdrs-backend/tdpservice/users/authentication.py index 9c3c699cc..5b53ea017 100644 --- a/tdrs-backend/tdpservice/users/authentication.py +++ b/tdrs-backend/tdpservice/users/authentication.py 
@@ -9,7 +9,7 @@ class DevAuthentication(BaseAuthentication): def authenticate(self, request): - if not os.environ.get('DEVELOPMENT'): + if not os.environ.get('REACT_APP_DEVAUTH'): return None logging.debug(f"{self.__class__.__name__}: {request} ; {request.data}") requser = request.data.get("user") From b12346b46894b887bccca4edacbe3c6688d5e83b Mon Sep 17 00:00:00 2001 From: Thomas Tignor Date: Fri, 8 Dec 2023 17:09:11 -0500 Subject: [PATCH 05/22] added is_superuser and is_staff attrs to dev user --- .../tdpservice/users/management/commands/generate_dev_user.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tdrs-backend/tdpservice/users/management/commands/generate_dev_user.py b/tdrs-backend/tdpservice/users/management/commands/generate_dev_user.py index 721d7d1a8..3faeb548a 100755 --- a/tdrs-backend/tdpservice/users/management/commands/generate_dev_user.py +++ b/tdrs-backend/tdpservice/users/management/commands/generate_dev_user.py @@ -22,6 +22,8 @@ def handle(self, *args, **options): user = User.objects.create(username=email, email=email, password=pswd, + is_superuser=True, + is_staff=True, first_name=first, last_name=last, account_approval_status="Approved") From d0bf9a36b3bbaa8d156c6301af51f89305bd9168 Mon Sep 17 00:00:00 2001 
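Review bot: With `is_superuser=True` and `is_staff=True` the `generate_dev_user` command now creates a full Django admin account under a username that is fixed in the repository, and nothing visible in `handle` checks that it is running against a development environment. A guard at the top of `handle`, for example `if not settings.DEBUG: raise CommandError("generate_dev_user is for local development only")`, would keep the account out of shared or deployed databases. `handle` starts outside this hunk, so an existing guard elsewhere cannot be ruled out from here.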
From: Thomas Tignor Date: Thu, 14 Dec 2023 00:02:33 -0500 Subject: [PATCH 06/22] DevAuth feature redesign inspired by Cypress - Initializing frontend w/POST /login/cypress: {devEmail, local-cypress-token} - Changed REACT_APP_DEVAUTH to provide the email of the desired dev user - Modified CustomAuthentication.authenticate to handle both known use cases - Added stt_id=31 to the initial dev user - Disabled ES disk threshold checking for local dev which blocked ES startup - Removed DevAuthentication and other now unnecessary code Resolved cherry-pick conflict --- tdrs-backend/docker-compose.local.yml | 1 + tdrs-backend/tdpservice/settings/common.py | 4 +- .../users/api/authorization_check.py | 2 + tdrs-backend/tdpservice/users/api/login.py | 1 + .../tdpservice/users/authentication.py | 47 +++++++++---------- .../management/commands/generate_dev_user.py | 1 + tdrs-frontend/src/actions/auth.js | 3 -- tdrs-frontend/src/configureStore.js | 22 +-------- tdrs-frontend/src/index.js | 20 ++++++++ 9 files changed, 51 insertions(+), 50 deletions(-) diff --git a/tdrs-backend/docker-compose.local.yml b/tdrs-backend/docker-compose.local.yml index 3c8e76317..d2cd5289c 100644 --- a/tdrs-backend/docker-compose.local.yml +++ b/tdrs-backend/docker-compose.local.yml @@ -36,6 +36,7 @@ services: environment: - discovery.type=single-node - xpack.security.enabled=false + - cluster.routing.allocation.disk.threshold_enabled=false - logger.discovery.level=debug ports: - 9200:9200 diff --git a/tdrs-backend/tdpservice/settings/common.py b/tdrs-backend/tdpservice/settings/common.py index cd01de016..bbae94770 100644 --- a/tdrs-backend/tdpservice/settings/common.py +++ b/tdrs-backend/tdpservice/settings/common.py 
@@ -293,7 +293,6 @@ class Common(Configuration): "DEFAULT_RENDERER_CLASSES": DEFAULT_RENDERER_CLASSES, "DEFAULT_PERMISSION_CLASSES": ["rest_framework.permissions.IsAuthenticated"], "DEFAULT_AUTHENTICATION_CLASSES": ( - "tdpservice.users.authentication.DevAuthentication", "tdpservice.users.authentication.CustomAuthentication", "rest_framework.authentication.SessionAuthentication", "rest_framework.authentication.TokenAuthentication", @@ -473,4 +472,5 @@ class Common(Configuration): }, } - CYPRESS_TOKEN = os.getenv('CYPRESS_TOKEN', None) + REACT_APP_DEVAUTH = os.getenv('REACT_APP_DEVAUTH', None) + CYPRESS_TOKEN = 'local-cypress-token' if REACT_APP_DEVAUTH else os.getenv('CYPRESS_TOKEN', None) diff --git a/tdrs-backend/tdpservice/users/api/authorization_check.py b/tdrs-backend/tdpservice/users/api/authorization_check.py index 57ed30527..ddcfcb1be 100644 --- a/tdrs-backend/tdpservice/users/api/authorization_check.py +++ b/tdrs-backend/tdpservice/users/api/authorization_check.py @@ -21,6 +21,8 @@ class AuthorizationCheck(APIView): def get(self, request, *args, **kwargs): """Handle get request and verify user is authorized.""" + logger.debug(f"{self.__class__.__name__}: {request} {args} {kwargs}") + user = request.user serializer = UserProfileSerializer(user) diff --git a/tdrs-backend/tdpservice/users/api/login.py b/tdrs-backend/tdpservice/users/api/login.py index 338508148..0efdf5cce 100644 --- a/tdrs-backend/tdpservice/users/api/login.py +++ b/tdrs-backend/tdpservice/users/api/login.py @@ -395,6 +395,7 @@ class CypressLoginDotGovAuthenticationOverride(TokenAuthorizationOIDC): def post(self, request): """Create a session for the specified user, if they exist.""" + logging.debug(f"{self.__class__.__name__}: {request} ; {request.data}") username = request.data.get('username', None) token = request.data.get('token', None) diff --git a/tdrs-backend/tdpservice/users/authentication.py b/tdrs-backend/tdpservice/users/authentication.py index 5b53ea017..2f4e97b30 100644 
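Review bot: The new `CYPRESS_TOKEN` line in settings/common.py swaps the secret from the environment for the fixed string `'local-cypress-token'` whenever `REACT_APP_DEVAUTH` is set, and it does so in `Common`, so any environment that ends up with that variable would accept a publicly known token on the `/login/cypress` override (assuming the view compares against this setting, which the hunk does not show). Keep `CYPRESS_TOKEN = os.getenv('CYPRESS_TOKEN', None)` here and let the local `.env` supply the development value, or move the fallback into a local-only settings class. A short comment above the setting stating what a non-empty value enables would help the next reader.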
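Review bot: The debug line added to `CypressLoginDotGovAuthenticationOverride.post` in users/api/login.py interpolates `request.data`, and the two lines after it show that this payload carries the login `token`, so the shared secret is written to the application log on every call when debug logging is on. Log the username only, e.g. `logging.getLogger(__name__).debug("%s: login override requested for %s", self.__class__.__name__, request.data.get('username'))`, or use the module's own logger if the file defines one. The method body continues outside the hunk.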
--- a/tdrs-backend/tdpservice/users/authentication.py
+++ b/tdrs-backend/tdpservice/users/authentication.py
@@ -3,51 +3,50 @@ from django.contrib.auth import get_user_model from rest_framework.authentication import BaseAuthentication +from rest_framework.request import Request import logging import os logger = logging.getLogger(__name__) -class DevAuthentication(BaseAuthentication): - def authenticate(self, request): - if not os.environ.get('REACT_APP_DEVAUTH'): - return None - logging.debug(f"{self.__class__.__name__}: {request} ; {request.data}") - requser = request.data.get("user") - reqname = requser if requser and requser != "undefined" else "dev@test.com" - User = get_user_model() - authuser = User.objects.get(username=reqname) - if authuser and requser == "undefined": - request.data["user"] = authuser.id - return (User.objects.get(username=reqname), True) - - class CustomAuthentication(BaseAuthentication): """Define authentication and get user functions for custom authentication.""" @staticmethod - def authenticate(username=None, login_gov_uuid=None, hhs_id=None): - """Authenticate user with the request and username.""" + def authenticate(request=None, login_gov_uuid=None, hhs_id=None): + """ HACK + This method currently needs to support two unrelated workflows. 
+ References: + tdpservice/users/api/login.py:TokenAuthorizationOIDC.handleUser + https://www.django-rest-framework.org/api-guide/authentication + """ + if type(request) == Request: + logging.debug(f"CustomAuthentication::authenticate: {request} {request.data} " + f"login_gov_id={login_gov_uuid} hhs_id={hhs_id}") + username = request.data.get('username') + else: + logging.debug(f"CustomAuthentication::authenticate: {username} " + f"login_gov_id={login_gov_uuid} hhs_id={hhs_id}") + username = request User = get_user_model() - logging.debug("CustomAuthentication::authenticate:hhs_id {}".format(hhs_id)) - logging.debug("CustomAuthentication::authenticate:login_gov_uuid {}".format(login_gov_uuid)) - logging.debug("CustomAuthentication::authenticate:username {}".format(username)) try: if hhs_id: try: - return User.objects.get(hhs_id=hhs_id) + user_obj = User.objects.get(hhs_id=hhs_id) except User.DoesNotExist: # If below line also fails with User.DNE, will bubble up and return None user = User.objects.filter(username=username) user.update(hhs_id=hhs_id) logging.debug("Updated user {} with hhs_id {}.".format(username, hhs_id)) - return User.objects.get(hhs_id=hhs_id) + user_obj = User.objects.get(hhs_id=hhs_id) elif login_gov_uuid: - return User.objects.get(login_gov_uuid=login_gov_uuid) + user_obj = User.objects.get(login_gov_uuid=login_gov_uuid) else: - return User.objects.get(username=username) + user_obj = User.objects.get(username=username) except User.DoesNotExist: - return None + user_obj = None + logging.debug(f"CustomAuthentication::authenticate found user: {user_obj}") + return (user_obj, None) if user_obj else None @staticmethod def get_user(user_id): diff --git a/tdrs-backend/tdpservice/users/management/commands/generate_dev_user.py b/tdrs-backend/tdpservice/users/management/commands/generate_dev_user.py index 3faeb548a..e95bfbce3 100755 --- a/tdrs-backend/tdpservice/users/management/commands/generate_dev_user.py 
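Review bot: `CustomAuthentication.authenticate` now treats a DRF `Request` as proof of identity: it reads `request.data.get('username')`, looks the account up and returns `(user_obj, None)`, and because the class sits in `DEFAULT_AUTHENTICATION_CLASSES` (first, per the settings hunk) DRF runs this on every API call with no password, token or session involved and no development gate. Before this change the DRF path passed the request object in as `username` and presumably matched no account, so the class was inert there; the safe equivalent is to keep it inert with `if isinstance(request, Request): return None` and let the session created by the login view authenticate later requests through `SessionAuthentication`. In the non-`Request` branch the debug line reads `username` before `username = request` assigns it, which raises `UnboundLocalError` on the login.py call path. The debug lines also write `request.data` into the log, and `type(request) == Request` (repeated in the follow-up patch that adjusts the return value) should be an `isinstance` check.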
+++ b/tdrs-backend/tdpservice/users/management/commands/generate_dev_user.py @@ -26,6 +26,7 @@ def handle(self, *args, **options): is_staff=True, first_name=first, last_name=last, + stt_id=31, account_approval_status="Approved") user.groups.add(group) print(f"Created {vars(user)}") diff --git a/tdrs-frontend/src/actions/auth.js b/tdrs-frontend/src/actions/auth.js index f98b8158f..6b0147c6b 100644 --- a/tdrs-frontend/src/actions/auth.js +++ b/tdrs-frontend/src/actions/auth.js @@ -40,9 +40,6 @@ export const SET_MOCK_LOGIN_STATE = 'SET_MOCK_LOGIN_STATE' */ export const fetchAuth = () => async (dispatch) => { - if (process.env.REACT_APP_DEVAUTH) { - return 0 - } dispatch({ type: FETCH_AUTH }) try { const URL = `${process.env.REACT_APP_BACKEND_URL}/auth_check` diff --git a/tdrs-frontend/src/configureStore.js b/tdrs-frontend/src/configureStore.js index b96bea6b2..3b20fb58a 100644 --- a/tdrs-frontend/src/configureStore.js +++ b/tdrs-frontend/src/configureStore.js @@ -14,29 +14,9 @@ export const history = createBrowserHistory() export default function configureStore(preloadedState) { const middlewares = [thunkMiddleware, loggerMiddleware] const composedEnhancers = composeWithDevTools(applyMiddleware(...middlewares)) - const devState = { - router: { location: { pathname: '/profile' } }, - auth: { - user: { - email: 'dev@test.com', - first_name: 'Jon', - last_name: 'Tester', - roles: [{ id: 1, name: 'Developer', permissions }], - access_request: true, - account_approval_status: 'Approved', - stt: { - id: 31, - type: 'state', - code: 'NJ', - name: 'New Jersey', - }, - }, - authenticated: true, - }, - } const store = createStore( createRootReducer(history), - process.env.REACT_APP_DEVAUTH ? devState : preloadedState, + preloadedState, composedEnhancers ) return store diff --git a/tdrs-frontend/src/index.js b/tdrs-frontend/src/index.js index 3a2f2060c..394371280 100644 --- a/tdrs-frontend/src/index.js +++ b/tdrs-frontend/src/index.js 
@@ -24,8 +24,28 @@ axios.defaults.xsrfCookieName = 'csrftoken' axios.defaults.xsrfHeaderName = 'X-CSRFToken' axios.defaults.withCredentials = true +function devLogin(devEmail) { + const BACKEND_URL = process.env.REACT_APP_BACKEND_URL + axios + .post(`${BACKEND_URL}/login/cypress`, { + username: devEmail, + token: 'local-cypress-token', + }) + .then(function (response) { + console.log(response) + }) + .catch(function (error) { + console.log(error) + }) + store.dispatch({ type: 'SET_AUTH', payload: { devEmail } }) + console.log(`dispatched SET_AUTH(${devEmail})`) +} + // call auth_check const store = configureStore() +if (process.env.REACT_APP_DEVAUTH) { + devLogin(process.env.REACT_APP_DEVAUTH) +} store.dispatch(fetchAuth()) // if (window.location.href.match(/https:\/\/.*\.app\.cloud\.gov/)) { From 0ff4a662fb1d2344cd92a8f5b99eb4f55f81ce38 Mon Sep 17 00:00:00 2001 From: Thomas Tignor Date: Thu, 14 Dec 2023 00:49:46 -0500 Subject: [PATCH 07/22] Fixed CustomAuthentication.authenticate return val for login.py use case --- tdrs-backend/tdpservice/users/authentication.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/tdrs-backend/tdpservice/users/authentication.py b/tdrs-backend/tdpservice/users/authentication.py index 2f4e97b30..065f37853 100644 --- a/tdrs-backend/tdpservice/users/authentication.py +++ b/tdrs-backend/tdpservice/users/authentication.py @@ -46,7 +46,9 @@ def authenticate(request=None, login_gov_uuid=None, hhs_id=None): except User.DoesNotExist: user_obj = None logging.debug(f"CustomAuthentication::authenticate found user: {user_obj}") - return (user_obj, None) if user_obj else None + if type(request) == Request: + return (user_obj, None) if user_obj else None + return user_obj @staticmethod def get_user(user_id): From fe12fb0621471714f3c28b6e52a48e1f929d6a4a Mon Sep 17 00:00:00 2001 
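Review bot: In index.js `devLogin` fires the `/login/cypress` POST and returns immediately, so `store.dispatch(fetchAuth())` runs before the session cookie can exist and the first `auth_check` will normally come back unauthenticated; the `SET_AUTH` dispatch with `{ devEmail }` also runs whether or not the login succeeded, and that payload is presumably not the user shape the reducer expects. Return the promise from `devLogin` and dispatch `fetchAuth()` once it settles, as sketched below, leaving the auth state to `fetchAuth`. The literal `'local-cypress-token'` is compiled into the bundle, so it should only ever match a backend `CYPRESS_TOKEN` on a local machine; a comment next to it saying so would help.

```javascript
function devLogin(devEmail) {
  const BACKEND_URL = process.env.REACT_APP_BACKEND_URL
  // Hand the promise back so the caller can wait for the session to exist.
  return axios.post(`${BACKEND_URL}/login/cypress`, {
    // … unchanged: username and token fields …
  })
}

// call auth_check
const store = configureStore()
if (process.env.REACT_APP_DEVAUTH) {
  devLogin(process.env.REACT_APP_DEVAUTH)
    .catch((error) => console.log(error))
    .finally(() => store.dispatch(fetchAuth()))
} else {
  store.dispatch(fetchAuth())
}
```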
From: Thomas Tignor Date: Thu, 14 Dec 2023 00:52:36 -0500 Subject: [PATCH 08/22] Fixed CustomAuthentication.authenticate logging for login.py use case --- tdrs-backend/tdpservice/users/authentication.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tdrs-backend/tdpservice/users/authentication.py b/tdrs-backend/tdpservice/users/authentication.py index 065f37853..7b3246d89 100644 --- a/tdrs-backend/tdpservice/users/authentication.py +++ b/tdrs-backend/tdpservice/users/authentication.py @@ -20,13 +20,13 @@ def authenticate(request=None, login_gov_uuid=None, hhs_id=None): https://www.django-rest-framework.org/api-guide/authentication """ if type(request) == Request: + username = request.data.get('username') logging.debug(f"CustomAuthentication::authenticate: {request} {request.data} " f"login_gov_id={login_gov_uuid} hhs_id={hhs_id}") - username = request.data.get('username') else: + username = request logging.debug(f"CustomAuthentication::authenticate: {username} " f"login_gov_id={login_gov_uuid} hhs_id={hhs_id}") - username = request User = get_user_model() try: if hhs_id: From fdcb6e21d49c5050b0be07b6e628bf6bdb4ab862 Mon Sep 17 00:00:00 2001 From: Thomas Tignor Date: Thu, 14 Dec 2023 00:57:57 -0500 Subject: [PATCH 09/22] Removed unneeded permissions import --- tdrs-frontend/src/configureStore.js | 1 - 1 file changed, 1 deletion(-) diff --git a/tdrs-frontend/src/configureStore.js b/tdrs-frontend/src/configureStore.js index 3b20fb58a..a9f340685 100644 --- a/tdrs-frontend/src/configureStore.js +++ b/tdrs-frontend/src/configureStore.js @@ -4,7 +4,6 @@ import { createBrowserHistory } from 'history' import thunkMiddleware from 'redux-thunk' import loggerMiddleware from './middleware/logger' import createRootReducer from './reducers' -import { permissions } from './components/Header/developer_permissions' export const history = createBrowserHistory() From d475645e49528cea736f430b4061cd3bc997df6b Mon Sep 17 00:00:00 2001 
From: Thomas Tignor Date: Thu, 14 Dec 2023 08:12:49 -0500 Subject: [PATCH 10/22] Updates to REACT_APP_DEVAUTH env var settings - Enabled with an email address value - Disabled by default --- tdrs-backend/.env.example | 2 +- tdrs-frontend/.env | 2 ++ tdrs-frontend/.env.development | 2 -- tdrs-frontend/docker-compose.yml | 1 + 4 files changed, 4 insertions(+), 3 deletions(-) diff --git a/tdrs-backend/.env.example b/tdrs-backend/.env.example index de65d0e9e..55fb19db7 100644 --- a/tdrs-backend/.env.example +++ b/tdrs-backend/.env.example @@ -2,7 +2,7 @@ # Copy this file to `.env` and replace variables as needed # -#REACT_APP_DEVAUTH=1 +#REACT_APP_DEVAUTH=dev@test.com # ## # Required environment variables diff --git a/tdrs-frontend/.env b/tdrs-frontend/.env index 087144285..a0abd8b0b 100644 --- a/tdrs-frontend/.env +++ b/tdrs-frontend/.env @@ -4,6 +4,8 @@ # WARNING: This file is checked in to source control, do NOT store any secrets in this file # +#REACT_APP_DEVAUTH=dev@test.com + # The hostname behind the tdrs-backend Django app REACT_APP_BACKEND_HOST=http://127.0.0.1:8080 diff --git a/tdrs-frontend/.env.development b/tdrs-frontend/.env.development index b4c03e4a4..3c0c68d15 100644 --- a/tdrs-frontend/.env.development +++ b/tdrs-frontend/.env.development @@ -3,8 +3,6 @@ # This file is loaded when running `npm start` # -#REACT_APP_DEVAUTH=1 - # The hostname behind the tdrs-backend Django app REACT_APP_BACKEND_HOST=http://localhost:3000 diff --git a/tdrs-frontend/docker-compose.yml b/tdrs-frontend/docker-compose.yml index b8b9c480e..23c0a0669 100644 --- a/tdrs-frontend/docker-compose.yml +++ b/tdrs-frontend/docker-compose.yml @@ -28,6 +28,7 @@ services: - NGINX_FRONTEND=tdp-frontend - BACK_END=web - LOCAL_DEV=true + - REACT_APP_DEVAUTH=${REACT_APP_DEVAUTH} command: > /bin/sh -c "echo 'starting nginx' && From 45d1d70965f02dc39c8a137ae05d9092a792c112 Mon Sep 17 00:00:00 2001 
From: Thomas Tignor Date: Fri, 15 Dec 2023 13:49:30 -0500 Subject: [PATCH 11/22] Restored support for CustomAuthentication.authenticate username keyword --- tdrs-backend/tdpservice/users/authentication.py | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/tdrs-backend/tdpservice/users/authentication.py b/tdrs-backend/tdpservice/users/authentication.py index 7b3246d89..e26a4db4e 100644 --- a/tdrs-backend/tdpservice/users/authentication.py +++ b/tdrs-backend/tdpservice/users/authentication.py @@ -12,7 +12,7 @@ class CustomAuthentication(BaseAuthentication): """Define authentication and get user functions for custom authentication.""" @staticmethod - def authenticate(request=None, login_gov_uuid=None, hhs_id=None): + def authenticate(request=None, username=None, login_gov_uuid=None, hhs_id=None): """ HACK This method currently needs to support two unrelated workflows. References: @@ -24,7 +24,6 @@ def authenticate(request=None, login_gov_uuid=None, hhs_id=None): logging.debug(f"CustomAuthentication::authenticate: {request} {request.data} " f"login_gov_id={login_gov_uuid} hhs_id={hhs_id}") else: - username = request logging.debug(f"CustomAuthentication::authenticate: {username} " f"login_gov_id={login_gov_uuid} hhs_id={hhs_id}") User = get_user_model() From ff79717a618a9e879f6acc2957e433a9afc57bf7 Mon Sep 17 00:00:00 2001 From: Thomas Tignor Date: Fri, 15 Dec 2023 15:51:46 -0500 Subject: [PATCH 12/22] Modified CustomAuthentication.authenticate comment to satisfy flake8 --- tdrs-backend/tdpservice/users/authentication.py | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/tdrs-backend/tdpservice/users/authentication.py b/tdrs-backend/tdpservice/users/authentication.py index e26a4db4e..b1cc56f0e 100644 --- a/tdrs-backend/tdpservice/users/authentication.py +++ b/tdrs-backend/tdpservice/users/authentication.py 
@@ -5,7 +5,6 @@ from rest_framework.authentication import BaseAuthentication from rest_framework.request import Request import logging -import os logger = logging.getLogger(__name__) class CustomAuthentication(BaseAuthentication): @@ -13,12 +12,11 @@ class CustomAuthentication(BaseAuthentication): @staticmethod def authenticate(request=None, username=None, login_gov_uuid=None, hhs_id=None): - """ HACK - This method currently needs to support two unrelated workflows. - References: - tdpservice/users/api/login.py:TokenAuthorizationOIDC.handleUser - https://www.django-rest-framework.org/api-guide/authentication - """ + """Authenticate user with the request and username.""" + # HACK: This method currently needs to support two unrelated workflows. + # References: + # tdpservice/users/api/login.py:TokenAuthorizationOIDC.handleUser + # https://www.django-rest-framework.org/api-guide/authentication if type(request) == Request: username = request.data.get('username') logging.debug(f"CustomAuthentication::authenticate: {request} {request.data} " From 23f6a693442359fc31e6057083f2428110719292 Mon Sep 17 00:00:00 2001 From: Thomas Tignor Date: Tue, 19 Dec 2023 10:23:24 -0500 Subject: [PATCH 13/22] Removed unnecessary CYPRESS_TOKEN conditional setting --- tdrs-backend/tdpservice/settings/common.py | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/tdrs-backend/tdpservice/settings/common.py b/tdrs-backend/tdpservice/settings/common.py index bbae94770..adb327383 100644 --- a/tdrs-backend/tdpservice/settings/common.py +++ b/tdrs-backend/tdpservice/settings/common.py @@ -472,5 +472,4 @@ class Common(Configuration): }, } - REACT_APP_DEVAUTH = os.getenv('REACT_APP_DEVAUTH', None) - CYPRESS_TOKEN = 'local-cypress-token' if REACT_APP_DEVAUTH else os.getenv('CYPRESS_TOKEN', None) + CYPRESS_TOKEN = os.getenv('REACT_APP_DEVAUTH', None) From d21b155913bdde78ff7ecbfbbe66c7fe6bebebce Mon Sep 17 00:00:00 2001 
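Review bot: The new `# HACK` comment in the `@@ -13,12 +12,11 @@` hunk says the method serves two workflows but not what the `Request` branch trusts: `username = request.data.get('username')` takes the identity from the request body, and nothing in the visible lines checks a credential before the lookup. The comment should say so, for example `# The Request branch trusts request.data['username'] as-is; it must only be reachable in local development.` The one-line docstring could also name both call shapes. On the line after the comment, `type(request) == Request` would read better as `isinstance(request, Request)`. The rest of the method body lies outside the hunk.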
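Review bot: `CYPRESS_TOKEN = os.getenv('REACT_APP_DEVAUTH', None)` in the `settings/common.py` hunk makes the token equal to the dev-auth switch, and the value documented for that switch elsewhere in this series is an email address kept in checked-in env files, so the token stops being a secret. If the intent is only to drop the `'local-cypress-token'` fallback, read the token from its own variable: `CYPRESS_TOKEN = os.getenv('CYPRESS_TOKEN', None)`. How the setting is compared against a posted token is not visible here, so the impact is inferred from the name. The enclosing `Common` class starts outside the hunk.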
From: Thomas Tignor Date: Tue, 19 Dec 2023 10:25:34 -0500 Subject: [PATCH 14/22] Really removed unnecessary CYPRESS_TOKEN setting --- tdrs-backend/tdpservice/settings/common.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tdrs-backend/tdpservice/settings/common.py b/tdrs-backend/tdpservice/settings/common.py index adb327383..5e77e9936 100644 --- a/tdrs-backend/tdpservice/settings/common.py +++ b/tdrs-backend/tdpservice/settings/common.py @@ -472,4 +472,4 @@ class Common(Configuration): }, } - CYPRESS_TOKEN = os.getenv('REACT_APP_DEVAUTH', None) + CYPRESS_TOKEN = os.getenv(CYPRESS_TOKEN, None) From 09d9d2c92bbd70928e16b785c159aa251ab246c5 Mon Sep 17 00:00:00 2001 From: Thomas Tignor Date: Tue, 19 Dec 2023 10:26:34 -0500 Subject: [PATCH 15/22] Really removed unnecessary CYPRESS_TOKEN setting --- tdrs-backend/tdpservice/settings/common.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tdrs-backend/tdpservice/settings/common.py b/tdrs-backend/tdpservice/settings/common.py index 5e77e9936..9abbb2c15 100644 --- a/tdrs-backend/tdpservice/settings/common.py +++ b/tdrs-backend/tdpservice/settings/common.py @@ -472,4 +472,4 @@ class Common(Configuration): }, } - CYPRESS_TOKEN = os.getenv(CYPRESS_TOKEN, None) + CYPRESS_TOKEN = os.getenv('CYPRESS_TOKEN', None) From d15bf6dbf4f292da66a9b8a087ee79dfc727f180 Mon Sep 17 00:00:00 2001 From: Thomas Tignor Date: Tue, 19 Dec 2023 10:28:36 -0500 Subject: [PATCH 16/22] Removed unnecessary REACT_APP_DEVAUTH setting from backend --- tdrs-backend/.env.example | 2 -- 1 file changed, 2 deletions(-) diff --git a/tdrs-backend/.env.example b/tdrs-backend/.env.example index 55fb19db7..5ffe271c1 100644 --- a/tdrs-backend/.env.example +++ b/tdrs-backend/.env.example @@ -2,8 +2,6 @@ # Copy this file to `.env` and replace variables as needed # -#REACT_APP_DEVAUTH=dev@test.com - # ## # Required environment variables # These must be defined or the application will encounter fatal errors 
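Review bot: `os.getenv(CYPRESS_TOKEN, None)` in the `[PATCH 14/22]` hunk passes a bare name rather than the string `'CYPRESS_TOKEN'`. Unless that name is already bound earlier in the class body or module (not visible in the hunk), evaluating the `Common` class raises `NameError` and the settings module cannot be imported at this commit. The line should be `CYPRESS_TOKEN = os.getenv('CYPRESS_TOKEN', None)`. Since the next patch in the series consists of exactly that correction, the two are better squashed so every commit imports cleanly.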
From bdb42a8462f7315af716816624f2ccd22bf4a911 Mon Sep 17 00:00:00 2001 From: Thomas Tignor Date: Tue, 19 Dec 2023 11:13:55 -0500 Subject: [PATCH 17/22] flake8 changes for generate_dev_user.py --- .../users/management/commands/generate_dev_user.py | 5 +++-- tdrs-frontend/.env | 2 +- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/tdrs-backend/tdpservice/users/management/commands/generate_dev_user.py b/tdrs-backend/tdpservice/users/management/commands/generate_dev_user.py index e95bfbce3..fcb4932a0 100755 --- a/tdrs-backend/tdpservice/users/management/commands/generate_dev_user.py +++ b/tdrs-backend/tdpservice/users/management/commands/generate_dev_user.py @@ -1,4 +1,4 @@ -#!/usr/bin/env python +"""generate_dev_user command.""" from django.contrib.auth import get_user_model from django.contrib.auth.models import Group @@ -12,8 +12,10 @@ last = "Tester" class Command(BaseCommand): + """Command class.""" def handle(self, *args, **options): + """Generate dev user if it doesn't exist.""" try: user = User.objects.get(username=email) print(f"Found {vars(user)}") @@ -30,4 +32,3 @@ def handle(self, *args, **options): account_approval_status="Approved") user.groups.add(group) print(f"Created {vars(user)}") - diff --git a/tdrs-frontend/.env b/tdrs-frontend/.env index a0abd8b0b..55fdf303d 100644 --- a/tdrs-frontend/.env +++ b/tdrs-frontend/.env @@ -4,7 +4,7 @@ # WARNING: This file is checked in to source control, do NOT store any secrets in this file # -#REACT_APP_DEVAUTH=dev@test.com +REACT_APP_DEVAUTH=dev@test.com # The hostname behind the tdrs-backend Django app REACT_APP_BACKEND_HOST=http://127.0.0.1:8080 From c71c64798a540713fd0a7761ba83079efe4e0d2d Mon Sep 17 00:00:00 2001 From: Thomas Tignor Date: Thu, 4 Jan 2024 13:43:12 -0500 Subject: [PATCH 18/22] Fixed Profile primaryRole bug --- tdrs-frontend/src/components/Profile/Profile.jsx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
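Review bot: `print(f"Found {vars(user)}")` and `print(f"Created {vars(user)}")` in `handle` write every attribute of the model instance to stdout, which for a Django auth user normally includes the `password` hash field and the internal `_state`. Printing the identifying field is enough, e.g. `self.stdout.write(f"Created {user.username}")`. The new docstring `"""Generate dev user if it doesn't exist."""` could also state that the account is created with `account_approval_status="Approved"` and added to a group, since that is what makes the command unsuitable outside a local environment. Parts of `handle` lie between the hunks and are not shown.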
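Review bot: The `tdrs-frontend/.env` hunk un-comments `REACT_APP_DEVAUTH=dev@test.com` in a file whose own header says it is checked in to source control, so every build that reads this file has the dev-login switch set. The change is also not mentioned in a commit titled as a flake8 cleanup. Keep the line commented in the committed file, `#REACT_APP_DEVAUTH=dev@test.com`, and let developers set the variable in an untracked local override.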
diff --git a/tdrs-frontend/src/components/Profile/Profile.jsx b/tdrs-frontend/src/components/Profile/Profile.jsx index 232fc3470..5ae65cdeb 100644 --- a/tdrs-frontend/src/components/Profile/Profile.jsx +++ b/tdrs-frontend/src/components/Profile/Profile.jsx @@ -12,7 +12,7 @@ import { function Profile() { const user = useSelector((state) => state.auth.user) // Most higher-env users will only have a single role, so just grab the first one. - const primaryRole = user?.roles[0] + const primaryRole = user?.roles?.[0] const missingAccessRequest = useSelector(accountIsMissingAccessRequest) const isAccessRequestPending = useSelector(accountIsInReview) From 1ccaaff80ab68ceaa412d6853eadca131af628cf Mon Sep 17 00:00:00 2001 From: Thomas Tignor Date: Thu, 4 Jan 2024 13:50:25 -0500 Subject: [PATCH 19/22] Disabled REACT_APP_DEVAUTH for general cases --- tdrs-frontend/.env | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/tdrs-frontend/.env b/tdrs-frontend/.env index 55fdf303d..882a4aafa 100644 --- a/tdrs-frontend/.env +++ b/tdrs-frontend/.env @@ -4,7 +4,8 @@ # WARNING: This file is checked in to source control, do NOT store any secrets in this file # -REACT_APP_DEVAUTH=dev@test.com +# Uncomment for local dev only! +#REACT_APP_DEVAUTH=dev@test.com # The hostname behind the tdrs-backend Django app REACT_APP_BACKEND_HOST=http://127.0.0.1:8080 From c6702bfa438f58c231af0f63e50be037964fc675 Mon Sep 17 00:00:00 2001 From: Thomas Tignor Date: Mon, 8 Jan 2024 10:48:23 -0500 Subject: [PATCH 20/22] Added pre-existing user condition to DEVAUTH check Removed login.py logging --- tdrs-backend/tdpservice/users/api/authorization_check.py | 2 +- tdrs-backend/tdpservice/users/api/login.py | 1 - tdrs-frontend/src/index.js | 2 +- 3 files changed, 2 insertions(+), 3 deletions(-) diff --git a/tdrs-backend/tdpservice/users/api/authorization_check.py b/tdrs-backend/tdpservice/users/api/authorization_check.py index ddcfcb1be..3ac867be0 100644 
--- a/tdrs-backend/tdpservice/users/api/authorization_check.py +++ b/tdrs-backend/tdpservice/users/api/authorization_check.py @@ -21,7 +21,7 @@ class AuthorizationCheck(APIView): def get(self, request, *args, **kwargs): """Handle get request and verify user is authorized.""" - logger.debug(f"{self.__class__.__name__}: {request} {args} {kwargs}") + logger.debug(f"{self.__class__.__name__}: {request} {request.user} {args} {kwargs}") user = request.user serializer = UserProfileSerializer(user) diff --git a/tdrs-backend/tdpservice/users/api/login.py b/tdrs-backend/tdpservice/users/api/login.py index 0efdf5cce..338508148 100644 --- a/tdrs-backend/tdpservice/users/api/login.py +++ b/tdrs-backend/tdpservice/users/api/login.py @@ -395,7 +395,6 @@ class CypressLoginDotGovAuthenticationOverride(TokenAuthorizationOIDC): def post(self, request): """Create a session for the specified user, if they exist.""" - logging.debug(f"{self.__class__.__name__}: {request} ; {request.data}") username = request.data.get('username', None) token = request.data.get('token', None) diff --git a/tdrs-frontend/src/index.js b/tdrs-frontend/src/index.js index 394371280..809c03c6c 100644 --- a/tdrs-frontend/src/index.js +++ b/tdrs-frontend/src/index.js @@ -43,7 +43,7 @@ function devLogin(devEmail) { // call auth_check const store = configureStore() -if (process.env.REACT_APP_DEVAUTH) { +if (process.env.REACT_APP_DEVAUTH && !store.getState().auth?.user) { devLogin(process.env.REACT_APP_DEVAUTH) } store.dispatch(fetchAuth()) From 6003e338f9a8802c695c7f7b6fbcbc154bdda168 Mon Sep 17 00:00:00 2001 From: Thomas Tignor Date: Mon, 8 Jan 2024 19:08:37 -0500 Subject: [PATCH 21/22] Reverted changes to CustomAuthentication.authenticate --- .../tdpservice/users/authentication.py | 31 ++++++------------- 1 file changed, 9 insertions(+), 22 deletions(-) diff --git a/tdrs-backend/tdpservice/users/authentication.py b/tdrs-backend/tdpservice/users/authentication.py index b1cc56f0e..d238771ff 100644 
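Review bot: The guard in the `index.js` hunk, `process.env.REACT_APP_DEVAUTH && !store.getState().auth?.user`, depends only on the variable being non-empty, so a value that reaches a deployed build's environment would run `devLogin` there as well. Requiring a non-production build makes the switch fail closed: `if (process.env.NODE_ENV !== 'production' && process.env.REACT_APP_DEVAUTH && !store.getState().auth?.user) {`. If the local stack serves a production build, a separate flag that deployment pipelines never set would be needed instead. `devLogin` is defined above the hunk, so what it sends is not visible here.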
--- a/tdrs-backend/tdpservice/users/authentication.py +++ b/tdrs-backend/tdpservice/users/authentication.py @@ -3,7 +3,6 @@ from django.contrib.auth import get_user_model from rest_framework.authentication import BaseAuthentication -from rest_framework.request import Request import logging logger = logging.getLogger(__name__) 
@@ -11,41 +10,29 @@ class CustomAuthentication(BaseAuthentication): """Define authentication and get user functions for custom authentication.""" @staticmethod - def authenticate(request=None, username=None, login_gov_uuid=None, hhs_id=None): + def authenticate(username=None, login_gov_uuid=None, hhs_id=None): """Authenticate user with the request and username.""" - # HACK: This method currently needs to support two unrelated workflows. - # References: - # tdpservice/users/api/login.py:TokenAuthorizationOIDC.handleUser - # https://www.django-rest-framework.org/api-guide/authentication - if type(request) == Request: - username = request.data.get('username') - logging.debug(f"CustomAuthentication::authenticate: {request} {request.data} " - f"login_gov_id={login_gov_uuid} hhs_id={hhs_id}") - else: - logging.debug(f"CustomAuthentication::authenticate: {username} " - f"login_gov_id={login_gov_uuid} hhs_id={hhs_id}") User = get_user_model() + logging.debug("CustomAuthentication::authenticate:hhs_id {}".format(hhs_id)) + logging.debug("CustomAuthentication::authenticate:login_gov_uuid {}".format(login_gov_uuid)) + logging.debug("CustomAuthentication::authenticate:username {}".format(username)) try: if hhs_id: try: - user_obj = User.objects.get(hhs_id=hhs_id) + return User.objects.get(hhs_id=hhs_id) except User.DoesNotExist: # If below line also fails with User.DNE, will bubble up and return None user = User.objects.filter(username=username) user.update(hhs_id=hhs_id) logging.debug("Updated user {} with hhs_id {}.".format(username, hhs_id)) - user_obj = User.objects.get(hhs_id=hhs_id) + return User.objects.get(hhs_id=hhs_id) elif login_gov_uuid: - user_obj = User.objects.get(login_gov_uuid=login_gov_uuid) + return User.objects.get(login_gov_uuid=login_gov_uuid) else: - user_obj = User.objects.get(username=username) + return User.objects.get(username=username) except User.DoesNotExist: - user_obj = None - logging.debug(f"CustomAuthentication::authenticate found user: 
{user_obj}") - if type(request) == Request: - return (user_obj, None) if user_obj else None - return user_obj + return None @staticmethod def get_user(user_id): From f72ec10f46a6703d55cf4b6b0f4f811121e78e91 Mon Sep 17 00:00:00 2001 From: Thomas Tignor Date: Tue, 9 Jan 2024 07:17:36 -0500 Subject: [PATCH 22/22] Added CustomAuthentication.authenticate TODO and improved logging --- tdrs-backend/tdpservice/users/authentication.py | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/tdrs-backend/tdpservice/users/authentication.py b/tdrs-backend/tdpservice/users/authentication.py index d238771ff..4002f440c 100644 --- a/tdrs-backend/tdpservice/users/authentication.py +++ b/tdrs-backend/tdpservice/users/authentication.py @@ -12,10 +12,13 @@ class CustomAuthentication(BaseAuthentication): @staticmethod def authenticate(username=None, login_gov_uuid=None, hhs_id=None): """Authenticate user with the request and username.""" + # TODO: Provide separate implementations for two unrelated workflows + # both using this method. (The latter appears to always fail.) + # References: + # tdpservice/users/api/login.py:TokenAuthorizationOIDC.handleUser + # https://www.django-rest-framework.org/api-guide/authentication User = get_user_model() - logging.debug("CustomAuthentication::authenticate:hhs_id {}".format(hhs_id)) - logging.debug("CustomAuthentication::authenticate:login_gov_uuid {}".format(login_gov_uuid)) - logging.debug("CustomAuthentication::authenticate:username {}".format(username)) + logging.debug(f"CustomAuthentication::authenticate: {username}, {login_gov_uuid}, {hhs_id}") try: if hhs_id: try:
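Review bot: In the `hhs_id` fallback restored by the `@@ -11,41 +10,29 @@` hunk, `User.objects.filter(username=username)` followed by `user.update(hhs_id=hhs_id)` never raises `User.DoesNotExist`. When no row matches, `update` returns 0, the "Updated user …" debug line is still written, and the miss only surfaces at the following `get`. The same statement attaches the incoming `hhs_id` to whichever account has that username without checking whether the account already carries a different one. Consider wrapping the log call in `if user.update(hhs_id=hhs_id):`. If the model allows it (its definition is not visible here), also restrict the filter to accounts that have no `hhs_id` yet.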
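Review bot: The consolidated `logging.debug(f"CustomAuthentication::authenticate: {username}, {login_gov_uuid}, {hhs_id}")` in the `[PATCH 22/22]` hunk goes to the root logger although the module defines `logger = logging.getLogger(__name__)`. It also drops the field labels the three removed lines had, so a reader must know the argument order to tell which identifier was supplied. Suggest `logger.debug("CustomAuthentication::authenticate: username=%s login_gov_uuid=%s hhs_id=%s", username, login_gov_uuid, hhs_id)`. The TODO's "(The latter appears to always fail.)" would be more useful if it said why; from the signature it looks as though a call that passes the request positionally binds it to `username`, which is worth confirming and stating. The `try` block continues past the end of the hunk.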