Tal Leibman 4 years ago committed by Tom Hacohen
parent 72d4a725f5
commit 2e5dd58657

@ -3,6 +3,8 @@ import os
from django.core.wsgi import get_wsgi_application from django.core.wsgi import get_wsgi_application
from fastapi.middleware.cors import CORSMiddleware from fastapi.middleware.cors import CORSMiddleware
from django.conf import settings
os.environ.setdefault("DJANGO_SETTINGS_MODULE", "etebase_server.settings") os.environ.setdefault("DJANGO_SETTINGS_MODULE", "etebase_server.settings")
application = get_wsgi_application() application = get_wsgi_application()
from fastapi import FastAPI, Request from fastapi import FastAPI, Request
@ -17,6 +19,10 @@ VERSION = "v1"
BASE_PATH = f"/api/{VERSION}" BASE_PATH = f"/api/{VERSION}"
app.include_router(authentication_router, prefix=f"{BASE_PATH}/authentication") app.include_router(authentication_router, prefix=f"{BASE_PATH}/authentication")
app.include_router(collection_router, prefix=f"{BASE_PATH}/collection") app.include_router(collection_router, prefix=f"{BASE_PATH}/collection")
if settings.DEBUG:
from .test_reset_view import test_reset_view_router
app.include_router(test_reset_view_router, prefix=f"{BASE_PATH}/test/authentication")
app.add_middleware( app.add_middleware(
CORSMiddleware, allow_origin_regex="https?://.*", allow_credentials=True, allow_methods=["*"], allow_headers=["*"] CORSMiddleware, allow_origin_regex="https?://.*", allow_credentials=True, allow_methods=["*"], allow_headers=["*"]
) )
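Review bot: The `if settings.DEBUG:` branch that mounts `test_reset_view_router` is the only thing keeping a data-deleting route off a running server, and nothing at the mount point says so. DEBUG is often switched on for unrelated troubleshooting, so a dedicated test-only setting would be a safer gate than reusing it. The unchanged `CORSMiddleware` call below accepts any origin with credentials, so once the route is mounted it is also callable cross-origin. At minimum add a comment above the branch such as `# Test-only: mounts an unauthenticated account-reset route; never run with DEBUG on a reachable host.`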

@ -217,7 +217,6 @@ def validate_login_request(
detail = 'Found wrong host name. Got: "{}" expected: "{}"'.format(validated_data.host, host_from_request) detail = 'Found wrong host name. Got: "{}" expected: "{}"'.format(validated_data.host, host_from_request)
content = {"code": "wrong_host", "detail": detail} content = {"code": "wrong_host", "detail": detail}
return MsgpackResponse(content, status_code=status.HTTP_400_BAD_REQUEST) return MsgpackResponse(content, status_code=status.HTTP_400_BAD_REQUEST)
verify_key = nacl.signing.VerifyKey(bytes(user.userinfo.loginPubkey), encoder=nacl.encoding.RawEncoder) verify_key = nacl.signing.VerifyKey(bytes(user.userinfo.loginPubkey), encoder=nacl.encoding.RawEncoder)
try: try:
@ -272,7 +271,6 @@ async def change_password(data: ChangePassword, request: Request, user: User = D
return Response(status_code=status.HTTP_204_NO_CONTENT) return Response(status_code=status.HTTP_204_NO_CONTENT)
@sync_to_async
def signup_save(data: SignupIn) -> User: def signup_save(data: SignupIn) -> User:
user_data = data.user user_data = data.user
with transaction.atomic(): with transaction.atomic():
@ -309,7 +307,7 @@ def send_user_signed_up_async(user: User, request):
@authentication_router.post("/signup/") @authentication_router.post("/signup/")
async def signup(data: SignupIn): async def signup(data: SignupIn):
user = await signup_save(data) user = await sync_to_async(signup_save)(data)
# XXX-TOM # XXX-TOM
data = await login_response_data(user) data = await login_response_data(user)
await send_user_signed_up_async(user, None) await send_user_signed_up_async(user, None)
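Review bot: With `@sync_to_async` removed, `signup_save` is a plain blocking function doing ORM work inside `transaction.atomic()`, and nothing on the function records that. `signup` wraps it correctly with `sync_to_async(signup_save)(data)`, but a later async caller that awaits or calls it directly would get no hint from the signature. A one-line docstring would cover it: `"""Create the user synchronously; async callers must wrap this in sync_to_async."""`. The bodies of `signup_save` and `signup` continue outside the visible hunks, so this is based only on the lines shown.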

@ -0,0 +1,39 @@
from django.conf import settings
from django.contrib.auth import get_user_model
from django.db import transaction
from django.shortcuts import get_object_or_404
from fastapi import APIRouter, Response, status, Depends
from django_etebase.utils import get_user_queryset
from etebase_fastapi.authentication import get_authenticated_user, SignupIn, signup_save
from etebase_fastapi.msgpack import MsgpackRoute
test_reset_view_router = APIRouter(route_class=MsgpackRoute)
User = get_user_model()
@test_reset_view_router.post("/reset/")
def reset(data: SignupIn):
# Only run when in DEBUG mode! It's only used for tests
if not settings.DEBUG:
return Response("Only allowed in debug mode.", status_code=status.HTTP_400_BAD_REQUEST)
with transaction.atomic():
# XXX-TOM
user_queryset = get_user_queryset(User.objects.all(), None)
user = get_object_or_404(user_queryset, username=data.user.username)
# Only allow test users for extra safety
if not getattr(user, User.USERNAME_FIELD).startswith("test_user"):
return Response("Endpoint not allowed for user.", status_code=status.HTTP_400_BAD_REQUEST)
if hasattr(user, "userinfo"):
user.userinfo.delete()
signup_save(data)
# Delete all of the journal data for this user for a clear test env
user.collection_set.all().delete()
user.collectionmember_set.all().delete()
user.incoming_invitations.all().delete()
# FIXME: also delete chunk files!!!
return Response(status_code=status.HTTP_204_NO_CONTENT)
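Review bot: `reset` takes no authentication dependency even though `Depends` and `get_authenticated_user` are imported, so the only guards are `settings.DEBUG` and the `test_user` prefix. Any client that can reach a debug instance can wipe a matching account and re-run `signup_save` for it with data of its own choosing. Either drop the two unused imports and state in a docstring that the route is deliberately unauthenticated, or require the caller to authenticate. The prefix check also runs after `get_object_or_404`, so non-test usernames still hit the database and 404 versus 400 reveals which names exist. Rejecting early with `if not data.user.username.startswith("test_user"):` ahead of the `transaction.atomic()` block would avoid that, assuming the lookup field is the same one `User.USERNAME_FIELD` names.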