Merge pull request #17 from SEL-Columbia/0.1.5-dev

0.1.5

minigrid/error.py

@@ -15,6 +15,7 @@ def __init__(self, reason, status_code, template_name, **template_kwargs):
         self.template_name = template_name
         self.log_message = None
         self.template_kwargs = template_kwargs
+        template_kwargs['next_page'] = '/'
 
 
 class LoginError(MinigridHTTPError):

minigrid/handlers.py

@@ -3,6 +3,10 @@
 from urllib.parse import urlencode
 from uuid import uuid4
 
+from asyncio_portier import get_verified_email
+
+import redis
+
 from sqlalchemy.dialects.postgresql import insert
 from sqlalchemy.exc import DataError, IntegrityError
 from sqlalchemy.orm.exc import NoResultFound, UnmappedInstanceError
@@ -12,7 +16,10 @@
 import minigrid.error
 import minigrid.models as models
 from minigrid.options import options
-from minigrid.portier import get_verified_email, redis_kv
+
+
+cache = redis.StrictRedis.from_url(options.redis_url)
+broker_url = 'https://broker.portier.io'
 
 
 class BaseHandler(tornado.web.RequestHandler):
@@ -65,12 +72,15 @@ def get(self):
             self.render(
                 'index-minigrid-list.html', system=system, minigrids=minigrids)
             return
-        self.render('index-logged-out.html')
+        self.render(
+            'index-logged-out.html', next_page=self.get_argument('next', '/'))
 
     def post(self):
         """Send login information to the portier broker."""
         nonce = uuid4().hex
-        redis_kv.setex(nonce, timedelta(minutes=15), '')
+        next_page = self.get_argument('next', '/')
+        expiration = timedelta(minutes=15)
+        cache.set('portier:nonce:{}'.format(nonce), next_page, expiration)
         query_args = urlencode({
             'login_hint': self.get_argument('email'),
             'scope': 'openid email',
@@ -79,7 +89,7 @@ def post(self):
             'response_mode': 'form_post',
             'client_id': options.minigrid_website_url,
             'redirect_uri': options.minigrid_website_url + '/verify'})
-        self.redirect('https://broker.portier.io/auth?' + query_args)
+        self.redirect(broker_url + '/auth?' + query_args)
 
 
 class TariffsHandler(BaseHandler):
@@ -360,7 +370,15 @@ async def post(self):
             raise minigrid.error.LoginError(
                 reason=f'Broker Error: {error}: {description}')
         token = self.get_argument('id_token')
-        email = await get_verified_email(token)
+        try:
+            email, next_page = await get_verified_email(
+                broker_url,
+                token,
+                options.minigrid_website_url,
+                broker_url,
+                cache)
+        except ValueError as exc:
+            raise minigrid.error.LoginError(reason=str(exc))
         try:
             user = (
                 self.session
@@ -373,7 +391,7 @@ async def post(self):
         self.set_secure_cookie(
             'user', str(user.user_id),
             httponly=True, secure=options.minigrid_https)
-        self.redirect(self.get_argument('next', '/'))
+        self.redirect(next_page)
 
 
 class LogoutHandler(BaseHandler):

minigrid/templates/index-logged-out.html

@@ -4,7 +4,7 @@
   {% if message is not None %}
   <p><strong>Login unsuccessful: {{ message }}</strong></p>
   {% end %}
-  <form action="/" method="POST">
+  <form action="/?next={{ next_page }}" method="POST">
     {% module xsrf_form_html() %}
     E-mail: <input type="email" name="email" />
     <input type="submit" value="Log In" />

prod/docker-compose.yml

@@ -1,7 +1,7 @@
 version: '2'
 services:
   minigrid:
-    image: selcolumbia/minigrid-server:0.1.4
+    image: selcolumbia/minigrid-server:0.1.5
     command: ./prod/run.sh --db_host=db --redis_url=redis://redis:6379/0 --minigrid-website-url=https://www.example.com
     depends_on:
       - redis

prod/install.sh

@@ -1,5 +1,5 @@
 #!/usr/bin/env sh
-# Minigrid Server installer for version 0.1.4
+# Minigrid Server installer for version 0.1.5
 set -e
 
 # Do you have docker installed?
@@ -108,8 +108,8 @@ $SUDO openssl dhparam -out /etc/letsencrypt/live/$LETSENCRYPT_DIR/dhparam.pem 20
 printf "========================================\n"
 printf " Generating configuration               \n"
 printf "========================================\n"
-$CURL -L https://raw.githubusercontent.com/SEL-Columbia/minigrid-server/0.1.4/prod/docker-compose.yml > docker-compose.yml
-$CURL -L https://raw.githubusercontent.com/SEL-Columbia/minigrid-server/0.1.4/prod/nginx.conf > nginx.conf
+$CURL -L https://raw.githubusercontent.com/SEL-Columbia/minigrid-server/0.1.5/prod/docker-compose.yml > docker-compose.yml
+$CURL -L https://raw.githubusercontent.com/SEL-Columbia/minigrid-server/0.1.5/prod/nginx.conf > nginx.conf
 
 sed -i s/www.example.com/$LETSENCRYPT_DIR/g docker-compose.yml
 sed -i s/www.example.com/$LETSENCRYPT_DIR/g nginx.conf

requirements.txt

@@ -1,3 +1,4 @@
+asyncio-portier==0.1.0.post1
 cryptography==1.5.3
 psycopg2==2.6.2
 PyJWT==1.4.2

tests/__init__.py

@@ -0,0 +1 @@
+"""Tests for minigrid-server."""

tests/python/__init__.py

@@ -0,0 +1 @@
+"""Python tests for minigrid-server."""

tests/python/coverage_run.sh

@@ -2,6 +2,6 @@
 set -e
 bash -c "psql -d minigrid -c 'drop schema if exists minigrid_test cascade;' -U postgres 1&>/dev/null"
 coverage erase
-coverage run --source=minigrid,server.py --branch -m unittest ${@:-discover tests.python}
+coverage run --source=minigrid,server.py --branch -m unittest
 coverage html
 coverage report -m

tests/python/test_handlers.py

@@ -11,7 +11,7 @@
 from tests.python.util import HTTPTest, CoroMock
 
 from minigrid import models
-from minigrid.portier import redis_kv
+from minigrid.handlers import cache
 from server import Application
 
 
@@ -796,12 +796,25 @@ def test_login_success(self):
         self.assertResponseCode(response, 302)
         query = parse_qs(urlparse(response.headers['Location']).query)
         self.assertEqual(query['login_hint'][0], 'a@a.com')
-        self.assertIn(query['nonce'][0].encode(), redis_kv)
+        self.assertIn(('portier:nonce:' + query['nonce'][0]).encode(), cache)
         self.assertTrue(query['redirect_uri'][0].endswith('/verify'))
 
+    @patch('minigrid.handlers.get_verified_email', new_callable=CoroMock)
+    def test_verify_value_error(self, get_verified_email):
+        get_verified_email.coro.side_effect = ValueError('error')
+        self.create_user()
+        with ExpectLog('tornado.access', '400'):
+            response = self.fetch(
+                '/verify?id_token=',
+                method='POST', body='', follow_redirects=False
+            )
+        self.assertResponseCode(response, 400)
+        self.assertEqual(
+            response.error.message, 'error')
+
     @patch('minigrid.handlers.get_verified_email', new_callable=CoroMock)
     def test_verify(self, get_verified_email):
-        get_verified_email.coro.return_value = 'a@a.com'
+        get_verified_email.coro.return_value = 'a@a.com', ''
         self.create_user()
         response = self.fetch(
             '/verify?id_token=', method='POST', body='', follow_redirects=False
@@ -815,7 +828,7 @@ def test_verify(self, get_verified_email):
 
     @patch('minigrid.handlers.get_verified_email', new_callable=CoroMock)
     def test_verify_user_does_not_exist(self, get_verified_email):
-        get_verified_email.coro.return_value = 'a@a.com'
+        get_verified_email.coro.return_value = 'a@a.com', ''
         with ExpectLog('tornado.access', '400'):
             response = self.fetch('/verify?id_token=', method='POST', body='')
         self.assertResponseCode(response, 400)