Add ODKToken Authentication Method #1705

DavisRayM · 2019-10-17T08:43:36Z

This PR adds a new Digest Authentication method name "ODKTokenAuthentication" which accepts an email and ODKToken generated on the onadata platform.

Changes Implemented in this PR

Add new ODK Token Model
Add new settings ODK_KEY_LIFETIME and ODK_TOKEN_LENGTH
Added new endpoint /api/v1/user/odk_token that accepts GET and POST requests
Added new authentication class ODKTokenAuthentication

- Create new tests for the odk_token action within TestConnectViewSet

- Rename id_token variable

…ODK_TOKEN_LENGTH

- Pass in a str instead of an object to DigestAuth

ivermac

lgtm!

onadata/apps/api/viewsets/connect_viewset.py

onadata/apps/api/models/odk_token.py

- Directly assigning values to data dict rather than use a function

- Store the key value in an encrypted format - Generate new migration for the ODKToken Model

- Check that passing the raw_token authenticates the user

- Change field 'odk_token' to 'enc_odk_token' - Change field 'expires_in' to 'active_till' - Update tests

- Regenerate migrations

- Chance Active and Inactive value - Recreate migrations

…tication

- Lint code

- Remove ODK_TOKEN_FERNET_KEY variable

- Minor Code Cleanup - Add ability to make PATCH Requests - Add ability to change ODKToken Status

- Minor code cleanup

- Test that ODK Token status can be changed through a PATCH request

onadata/apps/api/storage.py

onadata/apps/api/models/odk_token.py

- Change DigestAccountStorage to ODKTokenAccountStorage - Add additional information to the ODKTokenAccountStorage docstring

- Use ODKTokenAccountStorage while testing expiry date failure

onadata/apps/api/viewsets/connect_viewset.py

- Add get_partial_digest method - Check that the users ODK Token has not expired before returning a partial digest

- Create a key on GET if one is non-existent or non is active

- Use the token.expires property to check if the Token has expired

DavisRayM added 8 commits October 8, 2019 14:23

Add ODKToken Model

58155ad

Add odk_token action in ConnectViewSet

199d0d0

- Create new tests for the odk_token action within TestConnectViewSet

Fix failing test

7135c77

- Rename id_token variable

Add a post save hook on ODKToken Model to create partial digests

730cedf

Make the ODK Token Key length configurable through settings variable …

330f077

…ODK_TOKEN_LENGTH

Add Test for DigestAuthentication using email and ODK Token

f9d6cd2

Add test for ODK Token Model

379175d

Fix inaccurate test

66807db

- Pass in a str instead of an object to DigestAuth

DavisRayM requested review from ukanga and ivermac October 17, 2019 08:43

ivermac previously approved these changes Oct 17, 2019

View reviewed changes

ukanga requested changes Oct 17, 2019

View reviewed changes

onadata/apps/api/viewsets/connect_viewset.py Outdated Show resolved Hide resolved

onadata/apps/api/viewsets/connect_viewset.py Outdated Show resolved Hide resolved

onadata/apps/api/models/odk_token.py Show resolved Hide resolved

Minor code changes

62bd0e6

- Directly assigning values to data dict rather than use a function

DavisRayM dismissed ivermac’s stale review via 62bd0e6 October 18, 2019 04:43

DavisRayM added 9 commits October 18, 2019 12:18

Modify ODKToken Model

8f380d4

- Store the key value in an encrypted format - Generate new migration for the ODKToken Model

Update TestODKToken tests

fa9cf29

Modify test_authenticate_odk_token_email test

72a93f6

- Check that passing the raw_token authenticates the user

Store key as string not byte

9abddb8

Change odk_token endpoint

105548d

- Change field 'odk_token' to 'enc_odk_token' - Change field 'expires_in' to 'active_till' - Update tests

Add status field to ODKToken model

3fd3673

- Regenerate migrations

Set default status for an ODKToken to Active

86838d7

Update travis test settings

79157f6

Revert Travis Test Settings

0ad21c5

DavisRayM force-pushed the odk-token-authentication branch 2 times, most recently from f18811b to 85d34e7 Compare October 18, 2019 11:20

Use ugettext_lazy

310f5ce

- Chance Active and Inactive value - Recreate migrations

DavisRayM force-pushed the odk-token-authentication branch from 85d34e7 to 310f5ce Compare October 18, 2019 11:36

DavisRayM added 3 commits October 22, 2019 07:48

Modify ODK Token Module Docstring

cfc49ae

Create DigestAccountStorage

7c8d44a

Use DigestAccountStorage as default Account Storage for Digest Authen…

c0f2576

…tication

DavisRayM added 11 commits October 22, 2019 10:32

Minor Code Cleanup

f6d87d7

- Lint code

Add ODK_TOKEN_FERNET_KEY setting to travis_test settings

164dc89

Modify TestDigestAuthentication

2e2f8ba

- Remove ODK_TOKEN_FERNET_KEY variable

Modify odk_token endpont

2622e17

- Minor Code Cleanup - Add ability to make PATCH Requests - Add ability to change ODKToken Status

Call correct functions

27a1581

- Minor code cleanup

Add status_display field

1a3ee93

Add new test to TestConnectViewSet

2102220

- Test that ODK Token status can be changed through a PATCH request

Silence Pylint warning

f3fcfb6

Remove unused import

87ba7e0

Silence pylint 'no-self-use' warning

49f5d06

Fix Failing Tests

277b03e

ukanga previously approved these changes Oct 22, 2019

View reviewed changes

onadata/apps/api/storage.py Outdated Show resolved Hide resolved

onadata/apps/api/models/odk_token.py Show resolved Hide resolved

DavisRayM added 2 commits October 23, 2019 08:54

Remove strict setting of digest authentication account storage

dd20472

Fix issue on checking for odk_token_expiry

f395a33

- Change DigestAccountStorage to ODKTokenAccountStorage - Add additional information to the ODKTokenAccountStorage docstring

DavisRayM dismissed ukanga’s stale review via 3860530 October 23, 2019 06:22

Fix an error raised when an ODK Token has expired

5847d74

DavisRayM force-pushed the odk-token-authentication branch from 3860530 to 5847d74 Compare October 23, 2019 06:26

Fix failing test

84a8605

- Use ODKTokenAccountStorage while testing expiry date failure

ukanga requested changes Oct 25, 2019

View reviewed changes

onadata/apps/api/viewsets/connect_viewset.py Outdated Show resolved Hide resolved

onadata/apps/api/viewsets/connect_viewset.py Outdated Show resolved Hide resolved

DavisRayM added 7 commits October 25, 2019 13:55

Remove get_user() method from ODKTokenAccountStorage

150685e

- Add get_partial_digest method - Check that the users ODK Token has not expired before returning a partial digest

Update last_login of a User on successful DigestAuthentication

61d32ac

Add new ODKToken model properties; expires and raw_key

fba6dd6

Remove ability to change ODKToken Status

48a7b32

- Create a key on GET if one is non-existent or non is active

Remove _check_odk_token_expiry funtion

e35c0c8

- Use the token.expires property to check if the Token has expired

Change ODKToken user field to a ForeignKey Field

bed57c2

Test that old ODKToken objects are set to Inactive after regeneration

ba95f94

ukanga approved these changes Oct 25, 2019

View reviewed changes

ukanga merged commit e77b7ca into master Oct 25, 2019

ukanga deleted the odk-token-authentication branch October 25, 2019 13:18

WinnyTroy mentioned this pull request Nov 19, 2019

Update travis.yml file to include required global package #1718

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add ODKToken Authentication Method #1705

Add ODKToken Authentication Method #1705

DavisRayM commented Oct 17, 2019 •

edited

Loading

ivermac left a comment

Add ODKToken Authentication Method #1705

Add ODKToken Authentication Method #1705

Conversation

DavisRayM commented Oct 17, 2019 • edited Loading

Changes Implemented in this PR

ivermac left a comment

Choose a reason for hiding this comment

DavisRayM commented Oct 17, 2019 •

edited

Loading