From 2e737b57b0e79efb8d9985135a738094f6b0723c Mon Sep 17 00:00:00 2001
From: Spencer Pogorzelski <34356756+spencerpogo@users.noreply.github.com>
Date: Sat, 26 Apr 2025 16:31:20 -0400
Subject: [PATCH 1/2] Quick code issue fixes
---
 server/config.py | 14 +++++++-------
 server/controllers/auth.py | 38 ++++++++++++++++++++++----------------
 2 files changed, 29 insertions(+), 23 deletions(-)
diff --git a/server/config.py b/server/config.py
index a28306f..5acef3e 100644
--- a/server/config.py
+++ b/server/config.py
@@ -17,13 +17,13 @@
 "SQLALCHEMY_DATABASE_URI", "postgresql://postgres:password@database/qstackdb"
 )
-AUTH0_CLIENT_ID = os.environ.get("AUTH0_CLIENT_ID")
-AUTH0_CLIENT_SECRET = os.environ.get("AUTH0_CLIENT_SECRET")
-AUTH_USERNAME = os.environ.get("AUTH_USERNAME")
-AUTH_PASSWORD = os.environ.get("AUTH_PASSWORD")
-AUTH0_DOMAIN = os.environ.get("AUTH0_DOMAIN")
-APP_SECRET_KEY = os.environ.get("APP_SECRET_KEY")
-MENTOR_PASS = os.environ.get("MENTOR_PASS")
+AUTH0_CLIENT_ID = os.environ["AUTH0_CLIENT_ID"]
+AUTH0_CLIENT_SECRET = os.environ["AUTH0_CLIENT_SECRET"]
+AUTH_USERNAME = os.environ["AUTH_USERNAME"]
+AUTH_PASSWORD = os.environ["AUTH_PASSWORD"]
+AUTH0_DOMAIN = os.environ["AUTH0_DOMAIN"]
+APP_SECRET_KEY = os.environ["APP_SECRET_KEY"]
+MENTOR_PASS = os.environ["MENTOR_PASS"]
 ENV = os.environ.get("ENVIRONMENT", "development")
diff --git a/server/controllers/auth.py b/server/controllers/auth.py
index 0f503e1..3ab5591 100644
--- a/server/controllers/auth.py
+++ b/server/controllers/auth.py
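Review bot: Switching the seven secret lookups to `os.environ[...]` makes a missing variable fail at import time with a bare `KeyError: 'AUTH0_CLIENT_ID'` traceback, which is the right fail-fast behaviour but tells the operator nothing about it being a configuration problem rather than a bug. A small helper that raises a named error keeps the fail-fast property and makes the message actionable; the rewritten lines are below. Anything that imports `server.config` without these variables set (tests, one-off scripts) now fails at import, which is presumably intended but worth confirming. The context line above the change still hard-codes a fallback database URI with embedded credentials; that is outside this change, but a required variable would fit the same pattern.
```python
def _require(name):
    """Return environment variable *name*, failing with a clear message when it is unset."""
    try:
        return os.environ[name]
    except KeyError:
        raise RuntimeError(f"required environment variable {name} is not set") from None


AUTH0_CLIENT_ID = _require("AUTH0_CLIENT_ID")
AUTH0_CLIENT_SECRET = _require("AUTH0_CLIENT_SECRET")
# … the remaining five assignments use _require the same way …
ENV = os.environ.get("ENVIRONMENT", "development")
```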
@@ -1,18 +1,20 @@
-from flask import current_app as app, redirect, session, request
-from server import db
-from authlib.integrations.flask_client import OAuth
-from apiflask import APIBlueprint, abort
+import functools
 from urllib.parse import quote_plus, urlencode
-from server.models import User
+
+from apiflask import APIBlueprint, abort
+from authlib.integrations.flask_client import OAuth
+from flask import current_app as app
+from flask import redirect, request, session
+
+from server import db
 from server.config import (
- FRONTEND_URL,
- MENTOR_PASS,
 AUTH0_CLIENT_ID,
 AUTH0_CLIENT_SECRET,
 AUTH0_DOMAIN,
- AUTH_USERNAME,
- AUTH_PASSWORD
+ FRONTEND_URL,
+ MENTOR_PASS,
 )
+from server.models import User
 auth = APIBlueprint("auth", __name__, url_prefix="/auth")
 oauth = OAuth(app)
@@ -29,24 +31,28 @@
 )
-def auth_required_decorator(roles):
+def is_user_valid(user, valid_roles):
+ if not user or not user.role:
+ return False
+ elif user.role not in valid_roles:
+ return False
+ return True
+
+
+def auth_required_decorator(valid_roles):
 """
 middleware for protected routes
 """
 def auth_required(func):
+ @functools.wraps(func)
 def wrapper(*args, **kwargs):
 email = session["user"]["userinfo"]["email"]
 user = User.query.filter_by(email=email).first()
- if not user or not user.role:
- return abort(401)
- elif user.role not in roles:
+ if not is_user_valid(user, valid_roles):
 return abort(401)
 return func(*args, **kwargs)
- wrapper.__name__ = (
- func.__name__
- ) # avoid overwriting wrapper. something about scoping issues
 return wrapper
 return auth_required
From 732ef7b88688253160df97f782c138baae8562d2 Mon Sep 17 00:00:00 2001
From: Spencer Pogorzelski <34356756+spencerpogo@users.noreply.github.com>
Date: Sat, 26 Apr 2025 16:57:51 -0400
Subject: [PATCH 2/2] preserve compat with kwarg API
---
 server/controllers/auth.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/server/controllers/auth.py b/server/controllers/auth.py
index 3ab5591..13f0b31 100644
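Review bot: The wrapper still reads `session["user"]["userinfo"]["email"]` unguarded, so a request with no logged-in session raises KeyError and surfaces as a 500 instead of the 401 the decorator is meant to return; `is_user_valid` only runs after that lookup has already succeeded. Guard it before the query with `email = session.get("user", {}).get("userinfo", {}).get("email")` / `if not email:` / `return abort(401)`. The new `is_user_valid` has no docstring and its `elif` after a `return` is redundant; it reads more directly as `"""Return True when *user* exists, has a role, and that role is in *valid_roles*."""` followed by `return bool(user and user.role and user.role in valid_roles)`. An authenticated user whose role is not accepted is arguably a 403 rather than a 401, but that is pre-existing behaviour rather than something this hunk introduces.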
--- a/server/controllers/auth.py
+++ b/server/controllers/auth.py
@@ -39,7 +39,7 @@ def is_user_valid(user, valid_roles):
 return True
-def auth_required_decorator(valid_roles):
+def auth_required_decorator(roles):
 """
 middleware for protected routes
 """
@@ -49,7 +49,7 @@ def auth_required(func):
 def wrapper(*args, **kwargs):
 email = session["user"]["userinfo"]["email"]
 user = User.query.filter_by(email=email).first()
- if not is_user_valid(user, valid_roles):
+ if not is_user_valid(user, roles):
 return abort(401)
 return func(*args, **kwargs)
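Review bot: The parameter name `roles` is restored here because, per the commit subject, callers pass it by keyword, but that contract lives only in the commit message; the previous commit renamed it once already and the docstring says nothing about it. Adding `roles: role values accepted by the protected route; keep the name, callers pass it as a keyword argument` to the `middleware for protected routes` docstring would stop the next cleanup from repeating the rename. The hunk at line 49 is the matching call-site change and needs no comment of its own.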