Moved into .env files and refactored code

bz22 · bz22 · commit be8f71d4ef0b · 2020-07-09T17:56:52.000-04:00
diff --git a/backend/conduit/config.py b/backend/conduit/config.py
@@ -0,0 +1,12 @@
+import os
+from dotenv import load_dotenv
+from os.path import dirname, join
+
+dotenv_path = join(dirname(__file__), '.env')
+load_dotenv(dotenv_path)
+
+GITHUB_CLIENT = os.environ.get('GITHUB_ID')
+GITHUB_SECRET = os.environ.get('GITHUB_SECRET')
+ACCESS_TOKEN_URL = os.environ.get('ACCESS_TOKEN_URL')
+GITHUB_API = os.environ.get('GITHUB_API')
+STATE = os.environ.get('STATE') 
diff --git a/backend/conduit/user/views.py b/backend/conduit/user/views.py
@@ -11,7 +11,9 @@
 from conduit.profile.models import UserProfile
 from .models import User
 from .serializers import user_schema
+from conduit.config import GITHUB_CLIENT, GITHUB_SECRET, ACCESS_TOKEN_URL, GITHUB_API, STATE
 import requests
+import os
 
 blueprint = Blueprint('user', __name__)
 
@@ -65,62 +67,39 @@ def update_user(**kwargs):
     user.update(**kwargs)
     return user
 
-#TODO:
-#1) we have to add the state to make sure no third party access when sending code
-#2) change this away from username, only allows me to call the thing username cause of user_schema.
-#if bit_token invalid and access_tok still valid, just reauthenticate with new code and stuff
-#if access_token invalid but bit_token valid, ignore until bit_token gets invalid
-
-#Note: the parameter is username but it should be changed to github_code
-#i just get errors thrown if 
-
-@blueprint.route('/api/user/callback', methods = ('POST',))
+@blueprint.route('/api/user/callback/<github_code>/<state>', methods = ('GET',)) 
 @use_kwargs(user_schema)   
 @marshal_with(user_schema)
-def github_oauth(username, **kwargs):
-    #refactor and hide these
-
-    #NOTE: use try catch block later
-    payload = { 'client_id': "98574e099fa640413899",  
-                'client_secret': "272ac3010797de4cc29c5c0caf0bbd9df4d79832",
-                'code': username,
-                }
-    header = {
-        'Accept': 'application/json',
-    }
-
-    auth_response = requests.post('https://github.com/login/oauth/access_token', params=payload, headers=header).json()
-    
-    #if it's an error response, the access_token will not work (like if code is invalid)
-    #it won't have access_token key-value pair
-    #build in try catch!
-    access_token = auth_response["access_token"]
-    
-    auth_header = {"Authorization": "Bearer " + access_token}
-    data_response = requests.get('https://api.github.com/user', headers=auth_header).json()
-    email_response = requests.get('https://api.github.com/user/emails', headers=auth_header).json()
-
-    username = data_response["login"]
-    email = email_response[0]["email"]
-    github_id = data_response["id"]
-
-    user = User.query.filter_by(email=email).first()
-    if user is None:
-        userprofile = UserProfile(User(username, email, github_access_token = access_token).save()).save()
-        user = userprofile.user
-
-    user.token = create_access_token(identity=user, fresh=True)
-    return user
-
-# Flask Migrate
-
-# write code
-# run flaskdb migrate in the code
-# flaskdb upgrade in the code
-# Code isn't working because staging db uses staging code
-# Code isn't working on local because we don't have db
-
-# When doing github auth, we need to use flask db migrate to be able to add our cols 
-# to our remote db
-
+def github_oauth(github_code, state):
+    try:    
+        if (state.strip() != STATE):
+            raise InvalidUsage.user_not_found()
+
+        payload = { 'client_id': GITHUB_CLIENT,  
+                    'client_secret': GITHUB_SECRET,
+                    'code': github_code,
+                    }
+        header = {
+            'Accept': 'application/json',
+        }
+
+        auth_response = requests.post(ACCESS_TOKEN_URL, params=payload, headers=header).json()
+        access_token = auth_response["access_token"]
+
+        auth_header = {"Authorization": "Bearer " + access_token}
+        data_response = requests.get(GITHUB_API + 'user', headers=auth_header).json()
+        email_response = requests.get(GITHUB_API + 'user/emails', headers=auth_header).json()
+
+        username = data_response["login"]
+        email = email_response[0]["email"]
+        github_id = data_response["id"]
+
+        user = User.query.filter_by(email=email).first()
+        if user is None:
+            userprofile = UserProfile(User(username, email, github_access_token = access_token).save()).save()
+            user = userprofile.user
 
+        user.token = create_access_token(identity=user, fresh=True)
+        return user
+    except:
+        raise InvalidUsage.user_not_found() 
diff --git a/components/profile/LoginForm.tsx b/components/profile/LoginForm.tsx
@@ -1,9 +1,10 @@
 import Router from "next/router";
-import React from "react";
+import React, { useEffect } from "react";
 import { mutate } from "swr";
 
 import ListErrors from "../common/ListErrors";
 import UserAPI from "../../lib/api/user";
+import { CODE_URL, STATE, SCOPE, GITHUB_CLIENT } from "../../lib/utils/constant";
 
 const LoginForm = () => {
   const [isLoading, setLoading] = React.useState(false);
@@ -20,16 +21,20 @@ const LoginForm = () => {
     []
   );
 
+  const authorize_url = CODE_URL + "?client_id=" + GITHUB_CLIENT + "&scope=" + SCOPE 
+  + "&state=" + STATE;
+  
   let logging_in;
   if (typeof window !== "undefined"){
     const code = new URLSearchParams(window.location.search).get("code");
+    const state = new URLSearchParams(window.location.search).get("state");
     if (code){
       logging_in = (<p>Redirecting to home page...</p>);
-      React.useEffect(() => {
+      useEffect(() => {
 
           async function post_code(){
               try{
-              const {data, status} = await UserAPI.post_code(code);
+                const {data, status} = await UserAPI.post_code(code, state);
               console.log("begun await");
               if (data?.user){
                   console.log(data.user)
@@ -105,10 +110,8 @@ const LoginForm = () => {
           </button>
         </fieldset>
       </form>
-      <a href="https://github.com/login/oauth/authorize?client_id=98574e099fa640413899&scope=user+repo"
-            className="btn btn-lg btn-primary pull-xs-left"
-            >
-               Sign in through GitHub REAL</a>
+      <a href={authorize_url} className="btn btn-lg btn-primary pull-xs-right">
+               Sign in through Github</a>
       {logging_in}
     </>
   );
diff --git a/lib/api/user.ts b/lib/api/user.ts
@@ -138,11 +138,10 @@ const UserAPI = {
   },
   get: async (username) => axios.get(`${SERVER_BASE_URL}/profiles/${username}`),
 
-  post_code: async (username) => {
+  post_code: async (github_code, state) => {
     try{
-      const response = await axios.post(
-        `${SERVER_BASE_URL}/user/callback`,
-        JSON.stringify({ user: { username } }),
+      const response = await axios.get(
+        `${SERVER_BASE_URL}/user/callback/${encodeURIComponent(github_code)}/${encodeURIComponent(state)}`,
         {
           headers: {
             "Content-Type": "application/json",
diff --git a/lib/utils/constant.ts b/lib/utils/constant.ts
@@ -14,6 +14,12 @@ export const SERVER_BASE_URL = `http://127.0.0.1:5000/api`;
 
 export const APP_NAME = `conduit`;
 
+export const CODE_URL = 'https://github.com/login/oauth/authorize';
+export const GITHUB_CLIENT = '98574e099fa640413899';
+export const SCOPE = 'user+repo';
+//must conceal state later
+export const STATE = 'd3Asp0fK03M0Ldnwoi2Pnbh9knB2K335Ln';
+
 export const ARTICLE_QUERY_MAP = {
   "tab=feed": `${SERVER_BASE_URL}/articles/feed`,
   "tab=tag": `${SERVER_BASE_URL}/articles/tag`
