reapply session auth changes

api/requirements/dev.txt

@@ -10,8 +10,13 @@ charset-normalizer==2.0.12
 coreapi==2.3.3
 coreschema==0.0.4
 coverage==6.3.2
+cryptography==36.0.1
+defusedxml==0.7.1
+dj-rest-auth==2.2.3
 Django==3.2.12
+django-allauth==0.49.0
 django-boto==0.3.12
+django-cors-headers==3.11.0
 django-debug-toolbar==3.2.4
 django-environ==0.8.1
 django-extensions==3.1.5
@@ -34,19 +39,23 @@ MarkupSafe==2.1.0
 mypy==0.931
 mypy-extensions==0.4.3
 numpy==1.22.2
+oauthlib==3.2.0
 packaging==21.3
 pandas==1.4.1
 pluggy==1.0.0
 psycopg2-binary==2.9.3
 py==1.11.0
 pycparser==2.21
+PyJWT==2.3.0
 pynmea2==1.18.0
 pyparsing==3.0.7
 pytest==7.0.1
 pytest-django==4.5.2
 python-dateutil==2.8.2
+python3-openid==3.2.0
 pytz==2021.3
 requests==2.27.1
+requests-oauthlib==1.3.1
 ruamel.yaml==0.17.21
 ruamel.yaml.clib==0.2.6
 six==1.16.0

api/requirements/prod.txt

@@ -7,8 +7,13 @@ cffi==1.15.0
 charset-normalizer==2.0.12
 coreapi==2.3.3
 coreschema==0.0.4
+cryptography==36.0.1
+defusedxml==0.7.1
+dj-rest-auth==2.2.3
 Django==3.2.12
+django-allauth==0.49.0
 django-boto==0.3.12
+django-cors-headers==3.11.0
 django-environ==0.8.1
 django-extensions==3.1.5
 django-model-utils==4.2.0
@@ -24,15 +29,19 @@ itypes==1.2.0
 Jinja2==3.0.3
 MarkupSafe==2.1.0
 numpy==1.22.2
+oauthlib==3.2.0
 packaging==21.3
 pandas==1.4.1
 psycopg2-binary==2.9.3
 pycparser==2.21
+PyJWT==2.3.0
 pynmea2==1.18.0
 pyparsing==3.0.7
 python-dateutil==2.8.2
+python3-openid==3.2.0
 pytz==2021.3
 requests==2.27.1
+requests-oauthlib==1.3.1
 ruamel.yaml==0.17.21
 ruamel.yaml.clib==0.2.6
 six==1.16.0

api/woeip/apps/core/forms.py

@@ -0,0 +1,2 @@
+from django import forms
+from django.contrib.auth.forms import UserChangeForm, UserCreationForm

api/woeip/settings.py

@@ -30,7 +30,7 @@
     "django.contrib.gis",
 ]
 
-THIRD_PARTY_APPS = ["django_extensions", "rest_framework", "storages", "drf_yasg"]
+THIRD_PARTY_APPS = ["corsheaders", "django_extensions", "rest_framework", 'rest_framework.authtoken', "dj_rest_auth", "allauth", 'allauth.account', 'allauth.socialaccount', 'dj_rest_auth.registration', "storages", "drf_yasg"]
 
 LOCAL_APPS = ["woeip.apps.core", "woeip.apps.air_quality"]
 
@@ -57,6 +57,7 @@
 
 
 MIDDLEWARE = [
+    "corsheaders.middleware.CorsMiddleware",
     "django.middleware.security.SecurityMiddleware",
     "django.contrib.sessions.middleware.SessionMiddleware",
     "django.middleware.common.CommonMiddleware",
@@ -67,6 +68,33 @@
     "django.contrib.flatpages.middleware.FlatpageFallbackMiddleware",
 ]
 
+REST_FRAMEWORK = {
+    'DATETIME_FORMAT': "%m/%d/%Y %I:%M%P",
+    'DEFAULT_AUTHENTICATION_CLASSES': [
+        'rest_framework.authentication.TokenAuthentication',
+        ],
+    'DEFAULT_PERMISSION_CLASSES': [
+        'rest_framework.permissions.IsAuthenticatedOrReadOnly',
+    ]
+}
+
+AUTHENTICATION_BACKENDS = (
+    "django.contrib.auth.backends.ModelBackend",
+    "allauth.account.auth_backends.AuthenticationBackend",
+)
+
+ACCOUNT_EMAIL_REQUIRED = True
+ACCOUNT_UNIQUE_EMAIL = True
+ACCOUNT_USERNAME_REQUIRED = False
+ACCOUNT_AUTHENTICATION_METHOD = 'email'
+
+CORS_ALLOWED_ORIGINS = [
+    "http://lvh.me",
+    "https://woaq.org",
+    "http://localhost:3000",
+    "http://127.0.0.1:3000",
+]
+
 ROOT_URLCONF = "woeip.urls"
 
 TEMPLATES = [
@@ -192,8 +220,5 @@ def generate_file_handler(filename):
     },
 }
 
-LOGIN_REDIRECT_URL = "upload"
-LOGOUT_REDIRECT_URL = "login"
-
 EMAIL_BACKEND = "django.core.mail.backends.filebased.EmailBackend"
 EMAIL_FILE_PATH = str(project_root.path("sent_emails"))

api/woeip/urls.py

@@ -18,13 +18,14 @@
 router.register(r"pollutant_values", views.PollutantValueViewSet)
 router.register(r"sensors", views.SensorViewSet)
 router.register(r"timegeo", views.TimeGeoViewSet)
-router.register(r"users", core_views.UserViewSet)
+# router.register(r"users", core_views.UserViewSet) # Disable to prevent personal information leaking
 
 
 urlpatterns = [
     path("", include(router.urls)),
     path("admin/", admin.site.urls),
-    path("api-auth/", include("rest_framework.urls", namespace="rest_framework")),
+    path("auth/", include("dj_rest_auth.urls")),
+    path("auth/register/", include('dj_rest_auth.registration.urls')),
 ]
 
 urlpatterns += swagger_urlpatterns

nginx-proxy/Dockerfile

@@ -1,4 +1,3 @@
 FROM jwilder/nginx-proxy
 ARG API_DOMAIN
-COPY cors.conf /etc/nginx/vhost.d/$API_DOMAIN
-COPY api_static_assets_routing /etc/nginx/vhost.d/${API_DOMAIN}_location
+COPY api_static_assets_routing /etc/nginx/vhost.d/${API_DOMAIN}_location

web/package.json

@@ -55,7 +55,9 @@
   "devDependencies": {
     "@testing-library/jest-dom": "^5.11.9",
     "@testing-library/react": "^11.2.5",
-    "@testing-library/user-event": "^12.7.1",
+    "@testing-library/user-event": "^12.8.3",
+    "@types/react": "^17.0.39",
+    "@types/react-router-dom": "^5.3.3",
     "@typescript-eslint/parser": "^4.15.1",
     "eslint-config-prettier": "^7.2.0",
     "eslint-plugin-prettier": "^3.3.1",

web/src/App.js

@@ -1,15 +1,32 @@
+import { useState, useEffect } from "react";
+import { AuthTokenContext } from "./components/auth/tokenContext";
+import { getAuthTokenItem } from "./components/auth/utils";
 import { Navigation } from "./components/nav";
 import { Footer } from "./components/footer";
 import { Container } from "./components/ui";
 import "./App.css";
 
 // All components for the application are organized here.
 export const App = () => {
+  const [authToken, setAuthToken] = useState("");
+  const [tokenLoading, setTokenLoading] = useState(true);
+  /**
+   * Check local storage for auth token on initial application load.
+   */
+  useEffect(() => {
+    setAuthToken(getAuthTokenItem());
+    setTokenLoading(false);
+  }, []);
+
   return (
-    <Container className={"app-container"}>
-      {/* Components that can be mounted via the Router are nested in Navigation */}
-      <Navigation />
-      <Footer />
-    </Container>
+    <AuthTokenContext.Provider
+      value={{ authToken, tokenLoading, setAuthToken }}
+    >
+      <Container className={"app-container"}>
+        {/* Components that can be mounted via the Router are nested in Navigation */}
+        <Navigation />
+        <Footer />
+      </Container>
+    </AuthTokenContext.Provider>
   );
 };