-
-
Notifications
You must be signed in to change notification settings - Fork 26
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
FEAT: User Auth on Diagnostics Page #441
Merged
Merged
Changes from 27 commits
Commits
Show all changes
32 commits
Select commit
Hold shift + click to select a range
8c36beb
Remove sync message
ba7b461
Add login form and auth view
c602abe
Fix login error message bug. Add logout button to diag page.
7e01e6b
Use blocks to promote reuse in HTML templates
d64b5b8
Update button colours, add password change form
57922cb
Add password strength test
8aa0c08
Resolve SonarQube code smell
dd43dd6
Refactor auth file writing
da51621
Remove deprecated HTML tags
c05f3d8
Fix typo
70857a9
Merge pull request #440 from robputt/FEAT-user-auth
robputt 4b30054
Fix failing tests since changes
803f23b
Style updates
05bb898
Refactor password write function
3cf29e0
Instantiate empty alembic migrations
4b7d5a4
Update requirements
fefeb41
Add DB and migrations
ff8bda8
Move WSGI entrypoint to avoid imports error generating migrations dur…
f5e1707
Merge branch 'master' into FEAT-user-auth
robputt 66a8fbe
Only include the Python module hw_diag in Flake8, avoids failing auto…
12f968e
Fix up Dockerfile
ed8d39f
Run DB migrations on application start
a44fa13
Move from password file to sqlite3 DB
77f82ab
Move migrations runner out of app.py
6eea6f8
Add auth failures table
e663479
Lock login form if too many failures in last 10 minutes
a87c5d9
Fix tests
87d818c
Add password reset page
1916b46
Enhance password reset experience
cc0fb26
Check Iinternal IP and pre shared api key
720a994
Utilise JINJA2 template for unauthenticated pages
7a37d07
Add notice for devices without a button
File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,105 @@ | ||
# A generic, single database configuration. | ||
|
||
[alembic] | ||
# path to migration scripts | ||
script_location = migrations | ||
|
||
# template used to generate migration file names; The default value is %%(rev)s_%%(slug)s | ||
# Uncomment the line below if you want the files to be prepended with date and time | ||
# see https://alembic.sqlalchemy.org/en/latest/tutorial.html#editing-the-ini-file | ||
# for all available tokens | ||
# file_template = %%(year)d_%%(month).2d_%%(day).2d_%%(hour).2d%%(minute).2d-%%(rev)s_%%(slug)s | ||
|
||
# sys.path path, will be prepended to sys.path if present. | ||
# defaults to the current working directory. | ||
prepend_sys_path = . | ||
|
||
# timezone to use when rendering the date within the migration file | ||
# as well as the filename. | ||
# If specified, requires the python-dateutil library that can be | ||
# installed by adding `alembic[tz]` to the pip requirements | ||
# string value is passed to dateutil.tz.gettz() | ||
# leave blank for localtime | ||
# timezone = | ||
|
||
# max length of characters to apply to the | ||
# "slug" field | ||
# truncate_slug_length = 40 | ||
|
||
# set to 'true' to run the environment during | ||
# the 'revision' command, regardless of autogenerate | ||
# revision_environment = false | ||
|
||
# set to 'true' to allow .pyc and .pyo files without | ||
# a source .py file to be detected as revisions in the | ||
# versions/ directory | ||
# sourceless = false | ||
|
||
# version location specification; This defaults | ||
# to migrations/versions. When using multiple version | ||
# directories, initial revisions must be specified with --version-path. | ||
# The path separator used here should be the separator specified by "version_path_separator" below. | ||
# version_locations = %(here)s/bar:%(here)s/bat:migrations/versions | ||
|
||
# version path separator; As mentioned above, this is the character used to split | ||
# version_locations. The default within new alembic.ini files is "os", which uses os.pathsep. | ||
# If this key is omitted entirely, it falls back to the legacy behavior of splitting on spaces and/or commas. | ||
# Valid values for version_path_separator are: | ||
# | ||
# version_path_separator = : | ||
# version_path_separator = ; | ||
# version_path_separator = space | ||
version_path_separator = os # Use os.pathsep. Default configuration used for new projects. | ||
|
||
# the output encoding used when revision files | ||
# are written from script.py.mako | ||
# output_encoding = utf-8 | ||
|
||
sqlalchemy.url = sqlite:////var/data/hm_diag.db | ||
|
||
|
||
[post_write_hooks] | ||
# post_write_hooks defines scripts or Python functions that are run | ||
# on newly generated revision scripts. See the documentation for further | ||
# detail and examples | ||
|
||
# format using "black" - use the console_scripts runner, against the "black" entrypoint | ||
# hooks = black | ||
# black.type = console_scripts | ||
# black.entrypoint = black | ||
# black.options = -l 79 REVISION_SCRIPT_FILENAME | ||
|
||
# Logging configuration | ||
[loggers] | ||
keys = root,sqlalchemy,alembic | ||
|
||
[handlers] | ||
keys = console | ||
|
||
[formatters] | ||
keys = generic | ||
|
||
[logger_root] | ||
level = WARN | ||
handlers = console | ||
qualname = | ||
|
||
[logger_sqlalchemy] | ||
level = WARN | ||
handlers = | ||
qualname = sqlalchemy.engine | ||
|
||
[logger_alembic] | ||
level = INFO | ||
handlers = | ||
qualname = alembic | ||
|
||
[handler_console] | ||
class = StreamHandler | ||
args = (sys.stderr,) | ||
level = NOTSET | ||
formatter = generic | ||
|
||
[formatter_generic] | ||
format = %(levelname)-5.5s [%(name)s] %(message)s | ||
datefmt = %H:%M:%S |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,3 +0,0 @@ | ||
from hw_diag.app import get_app | ||
|
||
wsgi_app = get_app(__name__) | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
from sqlalchemy.ext.declarative import declarative_base | ||
from sqlalchemy import create_engine | ||
from sqlalchemy.orm import sessionmaker | ||
|
||
from hw_diag.database.config import DB_URL | ||
|
||
|
||
BASE = declarative_base() | ||
|
||
|
||
def get_db_engine(debug=False): | ||
engine = create_engine(DB_URL, echo=debug) | ||
return engine | ||
|
||
|
||
def get_db_session(debug=False): | ||
sessmaker = sessionmaker(bind=get_db_engine(debug)) | ||
session = sessmaker() | ||
return session | ||
|
||
|
||
# These imports are down here to prevent cyclic imports | ||
# they are not used in this file but are required for | ||
# alembic to include tables in revision generation. | ||
from hw_diag.database.models.auth import AuthKeyValue # noqa: E402,F401 | ||
from hw_diag.database.models.auth import AuthFailure # noqa: E402,F401 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
DB_URL = 'sqlite:////var/data/hm_diag.db' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,11 @@ | ||
import logging | ||
from alembic.config import Config | ||
from alembic import command | ||
|
||
|
||
def run_migrations(script_location, dsn): | ||
logging.info('Running DB migrations in %r on %r', script_location, dsn) | ||
alembic_cfg = Config() | ||
alembic_cfg.set_main_option('script_location', script_location) | ||
alembic_cfg.set_main_option('sqlalchemy.url', dsn) | ||
command.upgrade(alembic_cfg, 'head') |
Empty file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,34 @@ | ||
from sqlalchemy import Column | ||
from sqlalchemy import String | ||
from sqlalchemy import DateTime | ||
|
||
|
||
from hw_diag.database import BASE | ||
|
||
|
||
class AuthKeyValue(BASE): | ||
__tablename__ = 'auth_kv' | ||
|
||
key = Column( | ||
String(60), | ||
nullable=False, | ||
primary_key=True | ||
) | ||
value = Column( | ||
String(250), | ||
nullable=False | ||
) | ||
|
||
|
||
class AuthFailure(BASE): | ||
__tablename__ = 'auth_failures' | ||
|
||
dt = Column( | ||
DateTime(), | ||
nullable=False, | ||
primary_key=True | ||
) | ||
ip = Column( | ||
String(45), | ||
nullable=True | ||
) |
Large diffs are not rendered by default.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Shall we add pytest-cov to test-requirememts and add
--cov=hw_diag --cov=bigquery --cov-fail-under=70
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Generally I would agree, but I think it's out of scope of this PR. Let's raise this in a separate PR if there is a policy change regarding coverage.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I mean, we have that on other repos such as config https://github.com/NebraLtd/hm-config/blob/c580b108ecacedae69b3b0c2954704646d2118a0/.github/workflows/python-tests.yml#L22
But yeah can put in a follow up ticket if that's easier
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Follow up ticket #445