From 66856b74599a4f2407e639a6e545268a964202b4 Mon Sep 17 00:00:00 2001 From: Florian Knappers <73856313+JJFlorian@users.noreply.github.com> Date: Thu, 28 Mar 2024 15:36:47 +0100 Subject: [PATCH 1/6] setup nens-auth-client --- brostar/settings.py | 14 ++++++++++++++ brostar/urls.py | 13 ++++++------- docker-compose.yml | 9 ++++++--- requirements.txt | 2 ++ 4 files changed, 28 insertions(+), 10 deletions(-) diff --git a/brostar/settings.py b/brostar/settings.py index 47091b0..b83b4fe 100644 --- a/brostar/settings.py +++ b/brostar/settings.py @@ -3,6 +3,9 @@ from pathlib import Path FIELD_ENCRYPTION_KEY = os.getenv("FIELD_ENCRYPTION_KEY") +NENS_AUTH_ISSUER = os.getenv("NENS_AUTH_ISSUER") +NENS_AUTH_CLIENT_ID = os.getenv("NENS_AUTH_CLIENT_ID") +NENS_AUTH_CLIENT_SECRET = os.getenv("NENS_AUTH_CLIENT_SECRET") # Environment variables can get a default value from docker-compose itself *or* from a # `.env` file, as docker-compose automatically reads that (if the environment variable # itself is mentioned in the compose file). @@ -33,6 +36,7 @@ "api.apps.ApiConfig", "gmn.apps.GmnConfig", "gmw.apps.GmwConfig", + "nens_auth_client", "django.contrib.admin", "django.contrib.auth", "django.contrib.contenttypes", @@ -58,6 +62,16 @@ "corsheaders.middleware.CorsMiddleware", ] + +AUTHENTICATION_BACKENDS = [ + "nens_auth_client.backends.RemoteUserBackend", + "nens_auth_client.backends.AcceptNensBackend", + "nens_auth_client.backends.TrustedProviderMigrationBackend", + "django.contrib.auth.backends.ModelBackend", +] + + + ROOT_URLCONF = "brostar.urls" TEMPLATES = [ diff --git a/brostar/urls.py b/brostar/urls.py index 2401390..0a1bf19 100644 --- a/brostar/urls.py +++ b/brostar/urls.py 
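Review bot: In the first `brostar/settings.py` hunk, `NENS_AUTH_ISSUER`, `NENS_AUTH_CLIENT_ID` and `NENS_AUTH_CLIENT_SECRET` are read with `os.getenv(...)`, so an unset variable silently becomes `None`, and the misconfiguration would presumably only show up at the first login attempt. The docker-compose hunks in this patch pass the three names through without values, which makes an unset variable easy to miss. I would add a comment such as `# Required by the web service; OIDC login cannot work when these are unset`, or a start-up check that raises `ImproperlyConfigured` in the web process when the issuer or client id is empty.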
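Review bot: The new `AUTHENTICATION_BACKENDS` list in the third `brostar/settings.py` hunk enables `nens_auth_client.backends.TrustedProviderMigrationBackend` with no comment on why it is needed. Going by its name, this backend attaches external identities to pre-existing local accounts during a migration, and any such linking rule widens the set of people who can end up logged in as an existing user. If there are no legacy accounts to migrate, drop the line. Otherwise add a comment like `# Temporary: links existing local users on first login from a trusted provider; remove after migration`, and confirm that the trusted-provider setting it relies on is defined, since none is visible in this patch. Django tries the backends in list order, which deserves a one-line comment as well.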
@@ -20,10 +20,9 @@ from drf_yasg import openapi from drf_yasg.views import get_schema_view from rest_framework import permissions -from rest_framework_simplejwt.views import ( - TokenObtainPairView, - TokenRefreshView, -) + +from nens_auth_client.urls import override_admin_auth +from nens_auth_client.urls import override_rest_framework_auth from api import views @@ -41,7 +40,10 @@ ) urlpatterns = [ + path("auth/", include("nens_auth_client.urls", namespace="auth")), + *override_admin_auth(), path("admin/", admin.site.urls), + *override_rest_framework_auth(), path( "swagger/", schema_view.with_ui("swagger", cache_timeout=0), @@ -49,9 +51,6 @@ ), path("redoc/", schema_view.with_ui("redoc", cache_timeout=0), name="schema-redoc"), path("api/", include(("api.urls", "api"), namespace="api")), - path("api/token/", TokenObtainPairView.as_view(), name="token_obtain_pair"), - path("api/token/refresh/", TokenRefreshView.as_view(), name="token_refresh"), - path("api-auth/logout/", views.LogoutView.as_view(), name="logout"), ] diff --git a/docker-compose.yml b/docker-compose.yml index 95f1399..e6c205d 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -21,6 +21,9 @@ services: environment: - DJANGO_SETTINGS_MODULE=brostar.settings - FIELD_ENCRYPTION_KEY="DUMMY-NEEDS-PROD-SETTING-Xgb1GczqZe909UMNc4= + - NENS_AUTH_ISSUER + - NENS_AUTH_CLIENT_ID + - NENS_AUTH_CLIENT_SECRET build: . command: celery -A brostar worker --loglevel=INFO volumes: @@ -48,9 +51,9 @@ services: - DEBUG - FIELD_ENCRYPTION_KEY="DUMMY-NEEDS-PROD-SETTING-Xgb1GczqZe909UMNc4= # - SENTRY_DSN - # - NENS_AUTH_ISSUER - # - NENS_AUTH_CLIENT_ID - # - NENS_AUTH_CLIENT_SECRET + - NENS_AUTH_ISSUER + - NENS_AUTH_CLIENT_ID + - NENS_AUTH_CLIENT_SECRET depends_on: - db - redis diff --git a/requirements.txt b/requirements.txt index 99be17d..9ea97a9 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,4 +1,5 @@ -e .[test] +--extra-index-url https://packages.lizard.net # TODO: dependencies django == 5.0.1 
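Review bot: In the `urlpatterns` hunk of `brostar/urls.py`, `*override_admin_auth()` only takes effect because it sits above `path("admin/", admin.site.urls)`, and nothing in the code says so. Django uses the first matching pattern, so a later reordering would presumably hand the admin login back to the built-in password form without any error. I would put `# Keep above admin.site.urls: first match wins, these replace the admin login/logout views` on the line before it, and a matching comment before `*override_rest_framework_auth()`. The list continues past the end of this hunk.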
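Review bot: The first `docker-compose.yml` hunk hands `NENS_AUTH_CLIENT_SECRET` to the service whose command is `celery -A brostar worker`, which does not serve the login flow as far as this patch shows. Because `brostar/settings.py` reads the value with `os.getenv`, the worker should start without it, so the three `NENS_AUTH_*` entries can be limited to the web service in the second hunk. If the worker really needs them, add a comment such as `# worker validates tokens too, needs the OIDC client settings` so the wider exposure of the secret is a recorded decision.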
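Review bot: Adding `--extra-index-url https://packages.lizard.net` at the top of `requirements.txt` makes pip consult both that index and PyPI for every package in the file and take the best matching version from either, so a same-named package on the other index can win. `nens-auth-client`, added unpinned in the second `requirements.txt` hunk of this patch, now sits in the authentication path and is the line most worth pinning. I suggest `nens-auth-client == <VERSION>` (placeholder, use the release that was reviewed), hash-checked installs via `--require-hashes` once everything is pinned, and a comment on the index line naming the packages expected to come from it.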
@@ -18,6 +19,7 @@ python-dotenv django-encrypted-model-fields django-filter djangorestframework-simplejwt +nens-auth-client # development tools ruff From 4886a185726a0bea899b8640f6afec243824d422 Mon Sep 17 00:00:00 2001 From: Florian Knappers <73856313+JJFlorian@users.noreply.github.com> Date: Thu, 28 Mar 2024 16:08:52 +0100 Subject: [PATCH 2/6] removed simple jwt --- api/views.py | 3 --- brostar/settings.py | 4 +--- brostar/urls.py | 6 +----- requirements.txt | 1 - 4 files changed, 2 insertions(+), 12 deletions(-) diff --git a/api/views.py b/api/views.py index 6beb607..4a54d4c 100644 --- a/api/views.py +++ b/api/views.py @@ -28,9 +28,6 @@ class APIOverview(views.APIView): def get(self, request, format=None): data = { - "api-token": drf_reverse( - "token_obtain_pair", request=request, format=format - ), "userprofile": drf_reverse( "api:userprofile-list", request=request, format=format ), diff --git a/brostar/settings.py b/brostar/settings.py index b83b4fe..e2424df 100644 --- a/brostar/settings.py +++ b/brostar/settings.py @@ -47,7 +47,6 @@ "drf_yasg", "corsheaders", "django_filters", - "rest_framework_simplejwt", "encrypted_model_fields", ] @@ -71,7 +70,6 @@ ] - ROOT_URLCONF = "brostar.urls" TEMPLATES = [ @@ -175,9 +173,9 @@ "PAGE_SIZE": 1000, "DEFAULT_FILTER_BACKENDS": ["django_filters.rest_framework.DjangoFilterBackend"], "DEFAULT_AUTHENTICATION_CLASSES": ( + "nens_auth_client.rest_framework.OAuth2TokenAuthentication", "rest_framework.authentication.BasicAuthentication", "rest_framework.authentication.SessionAuthentication", - "rest_framework_simplejwt.authentication.JWTAuthentication", ), } diff --git a/brostar/urls.py b/brostar/urls.py index 0a1bf19..9858ff6 100644 --- a/brostar/urls.py +++ b/brostar/urls.py 
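Review bot: In the `DEFAULT_AUTHENTICATION_CLASSES` hunk of `brostar/settings.py` (patch 2/6), `OAuth2TokenAuthentication` is added but `rest_framework.authentication.BasicAuthentication` stays enabled, and patch 1/6 keeps `django.contrib.auth.backends.ModelBackend` in `AUTHENTICATION_BACKENDS`. Together these keep username/password access to the API alive next to the new token flow, so local accounts bypass the identity provider and whatever login policy it enforces. If that is intended for service accounts, say so with `# Basic auth kept for local service accounts only`; otherwise remove the `BasicAuthentication` line. The bearer-token class presumably also needs an audience or resource-server setting, and none appears anywhere in this series, so that is worth confirming before release. The `REST_FRAMEWORK` dict begins outside the hunk.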
@@ -19,13 +19,9 @@ from django.urls import include, path from drf_yasg import openapi from drf_yasg.views import get_schema_view +from nens_auth_client.urls import override_admin_auth, override_rest_framework_auth from rest_framework import permissions -from nens_auth_client.urls import override_admin_auth -from nens_auth_client.urls import override_rest_framework_auth - -from api import views - schema_view = get_schema_view( openapi.Info( title="BROStar API", diff --git a/requirements.txt b/requirements.txt index 9ea97a9..357a04b 100644 --- a/requirements.txt +++ b/requirements.txt @@ -18,7 +18,6 @@ xmltodict python-dotenv django-encrypted-model-fields django-filter -djangorestframework-simplejwt nens-auth-client # development tools From 333394ecc8132b5f007eec7f8809720d842a40a8 Mon Sep 17 00:00:00 2001 From: Florian Knappers <73856313+JJFlorian@users.noreply.github.com> Date: Thu, 28 Mar 2024 16:10:22 +0100 Subject: [PATCH 3/6] removed simple JWT settings --- brostar/settings.py | 3 --- 1 file changed, 3 deletions(-) diff --git a/brostar/settings.py b/brostar/settings.py index e2424df..9aed3a1 100644 --- a/brostar/settings.py +++ b/brostar/settings.py @@ -190,6 +190,3 @@ BRONHOUDERSPORTAAL_URL = "https://acc.bronhouderportaal-bro.nl" # BRONHOUDERSPORTAAL_URL = "https://www.bronhouderportaal-bro.nl" -SIMPLE_JWT = { - "ACCESS_TOKEN_LIFETIME": timedelta(hours=5), -} From 4c3e9ec2fb695f48f2cbe35cb80816af8f095ab1 Mon Sep 17 00:00:00 2001 From: Florian Knappers <73856313+JJFlorian@users.noreply.github.com> Date: Thu, 28 Mar 2024 16:15:57 +0100 Subject: [PATCH 4/6] precommit --- brostar/settings.py | 2 -- 1 file changed, 2 deletions(-) diff --git a/brostar/settings.py b/brostar/settings.py index 9aed3a1..b34460d 100644 --- a/brostar/settings.py +++ b/brostar/settings.py @@ -1,5 +1,4 @@ import os -from datetime import timedelta from pathlib import Path FIELD_ENCRYPTION_KEY = os.getenv("FIELD_ENCRYPTION_KEY") 
@@ -189,4 +188,3 @@ BRO_UITGIFTE_SERVICE_URL = "https://publiek.broservices.nl" BRONHOUDERSPORTAAL_URL = "https://acc.bronhouderportaal-bro.nl" # BRONHOUDERSPORTAAL_URL = "https://www.bronhouderportaal-bro.nl" - From f96ec43edd5d16dd493cc62bec9199ea597babcf Mon Sep 17 00:00:00 2001 From: Florian Knappers <73856313+JJFlorian@users.noreply.github.com> Date: Fri, 29 Mar 2024 09:46:12 +0100 Subject: [PATCH 5/6] added cors allowed origins --- brostar/settings.py | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/brostar/settings.py b/brostar/settings.py index b34460d..a9d33bf 100644 --- a/brostar/settings.py +++ b/brostar/settings.py @@ -28,6 +28,10 @@ ALLOWED_HOSTS = [] +CSRF_TRUSTED_ORIGINS = [ + 'http://localhost:4200', +] + # Application definition From a3fc2bdc5dec820e8c8530a672751ed4d1d7f0c5 Mon Sep 17 00:00:00 2001 From: Florian Knappers <73856313+JJFlorian@users.noreply.github.com> Date: Fri, 29 Mar 2024 09:47:49 +0100 Subject: [PATCH 6/6] precommit --- brostar/settings.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/brostar/settings.py b/brostar/settings.py index a9d33bf..e7026e0 100644 --- a/brostar/settings.py +++ b/brostar/settings.py @@ -29,7 +29,7 @@ ALLOWED_HOSTS = [] CSRF_TRUSTED_ORIGINS = [ - 'http://localhost:4200', + "http://localhost:4200", ]
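Review bot: The hunk in patch 5/6 hard-codes the plain-http origin `http://localhost:4200` into `CSRF_TRUSTED_ORIGINS` in what looks like the only settings module, so every deployment, production included, would trust that origin for unsafe requests. The commit title says CORS, but this setting only relaxes Django's CSRF origin check. With `corsheaders` installed, cross-origin access is governed by `CORS_ALLOWED_ORIGINS`, so one of the two is probably missing or misnamed. I suggest `CSRF_TRUSTED_ORIGINS = ["http://localhost:4200"] if DEBUG else []` (assuming `DEBUG` is defined above this point), or reading the list from an environment variable the way the other deployment values are.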