add donation endpoints

* add donation endpoints
* donator signs in via Line and organization signs in via Email
* refactor endpoint paths

Author: blakey22

Makefile

@@ -9,3 +9,6 @@ dev-env:
 local-db:
 	if [ ! -d pg-data ]; then mkdir pg-data; fi
 	docker run -d --name shared-tw_db --rm  -e POSTGRES_DB=sharedtw -e POSTGRES_PASSWORD=password -v $$PWD/pg-data:/var/lib/postgresql/data:Z,shared -p 127.0.0.1:5432:5432 postgres:13
+
+tests:
+	python manage.py test

README.md

@@ -5,6 +5,7 @@ This repository contains backend codes.
 ## 開發環境
 * Python 3.7+
 * Django + django-jinja
+* Docker
 
 ```bash
 make dev-dev
@@ -17,3 +18,9 @@ make local-db
 python manage.py migrate
 python manage.py runserver
 ```
+
+## HTTP 狀態碼
+* `400`: POST 資料有錯誤
+* `401`: 未登入
+* `403`: 未驗證 EMail
+* `422`: 無法更新項目狀態

api/api.py

@@ -1,10 +1,10 @@
 from ninja import NinjaAPI
 from ninja.operation import Operation
 
-from authenticator.api import JWTAuthBearer, JWTAuthUserBearer
+from authenticator.api import JWTAuthBearer
 from authenticator.api import router as authenticator_router
 from oauth2.api import router as oauth_router
-from share.api import organization_router, public_router, register_rotuer
+from share.api import router as share_router
 
 
 class SharedTWApi(NinjaAPI):
@@ -15,8 +15,6 @@ def get_openapi_operation_id(self, operation: Operation) -> str:
 
 api = SharedTWApi(title="shared-tw API", version="0.1.0")
 
-api.add_router("", public_router)
 api.add_router("auth", authenticator_router)
 api.add_router("oauth", oauth_router)
-api.add_router("register", register_rotuer, auth=JWTAuthBearer())
-api.add_router("organization", organization_router, auth=JWTAuthUserBearer())
+api.add_router("", share_router, auth=JWTAuthBearer())

api/settings.py

@@ -9,9 +9,12 @@
 For the full list of settings and their values, see
 https://docs.djangoproject.com/en/3.2/ref/settings/
 """
+import logging.config
 import os
 from pathlib import Path
 
+from django.utils.log import DEFAULT_LOGGING
+
 # Build paths inside the project like this: BASE_DIR / 'subdir'.
 BASE_DIR = Path(__file__).resolve().parent.parent
 
@@ -39,7 +42,9 @@
     "django.contrib.sessions",
     "django.contrib.messages",
     "django.contrib.staticfiles",
+    # 3rd party
     "corsheaders",
+    # shared tw
     "share",
     "oauth2",
 ]
@@ -53,14 +58,15 @@
     "django.contrib.auth.middleware.AuthenticationMiddleware",
     "django.contrib.messages.middleware.MessageMiddleware",
     "django.middleware.clickjacking.XFrameOptionsMiddleware",
+    "authenticator.middleware.Status403Middleware",
 ]
 
 ROOT_URLCONF = "api.urls"
 
 TEMPLATES = [
     {
         "BACKEND": "django.template.backends.django.DjangoTemplates",
-        "DIRS": [],
+        "DIRS": [os.path.join(BASE_DIR, "templates")],
         "APP_DIRS": True,
         "OPTIONS": {
             "context_processors": [
@@ -134,6 +140,52 @@
 
 DEFAULT_AUTO_FIELD = "django.db.models.BigAutoField"
 
+# Disable Django's logging setup
+LOGGING_CONFIG = None
+
+LOGLEVEL = os.environ.get("LOGLEVEL", "info").upper()
+
+logging.config.dictConfig(
+    {
+        "version": 1,
+        "disable_existing_loggers": False,
+        "formatters": {
+            "default": {
+                "format": "%(asctime)s %(name)-12s %(levelname)-8s %(message)s",
+            },
+            "django.server": DEFAULT_LOGGING["formatters"]["django.server"],
+        },
+        "handlers": {
+            "console": {
+                "class": "logging.StreamHandler",
+                "formatter": "default",
+            },
+            "django.server": DEFAULT_LOGGING["handlers"]["django.server"],
+        },
+        "loggers": {
+            "": {
+                "level": "WARNING",
+                "handlers": ["console"],
+            },
+            "share": {
+                "level": LOGLEVEL,
+                "handlers": ["console"],
+                "propagate": False,
+            },
+            # Default runserver request logging
+            "django.server": DEFAULT_LOGGING["loggers"]["django.server"],
+        },
+    }
+)
+
+# Email settings
+EMAIL_BACKEND = "django.core.mail.backends.smtp.EmailBackend"
+EMAIL_HOST = "smtp.gmail.com"
+EMAIL_HOST_USER = os.environ.get("EMAIL_USER", "__not_set__")
+EMAIL_HOST_PASSWORD = os.environ.get("EMAIL_PASSWORD", "__not_set__")
+EMAIL_PORT = 587
+EMAIL_USE_TLS = True
+
 
 # django-cors-headers settings
 # FIXME: use the domain!
@@ -142,10 +194,20 @@
 
 # shared-tw setting
 SHARED_TW_SETTINGS = {
-    "LINE_CLIENT_ID": os.environ.get("LINE_CLIENT_ID"),
-    "LINE_CLIENT_SECRET": os.environ.get("LINE_CLIENT_SECRET"),
-    "DOMAIN": os.getenv("DOMAIN", "shared-tw.icu"),
+    "line_client_id": os.environ.get("LINE_CLIENT_ID"),
+    "line_client_secret": os.environ.get("LINE_CLIENT_SECRET"),
+    # "domain": os.getenv("DOMAIN", "shared-tw.icu"),
 }
 
+
+AUTHENTICATOR = {
+    # Do not use SECRET_KEY to prevent the key gets leak
+    "hash_id_secret": os.getenv("HASH_ID_SECRET", "__not_set__"),
+    "min_length": int(os.getenv("MIN_LENGTH", "7")),
+    "verification_email_url": "/auth/verify-email?uid={uid}&token={token}",
+}
+
+
+# oauth2 settings
 # This allows us to use a plain HTTP callback
 os.environ["OAUTHLIB_INSECURE_TRANSPORT"] = "1"

api/settings_prod.py

@@ -5,9 +5,12 @@
 from .settings import *  # noqa: F403
 
 DEBUG = False
+SECRET_KEY = os.environ["SECRET_KEY"]
 ALLOWED_HOSTS = ["shared-tw.herokuapp.com", "api.shared-tw.icu"]
 DATABASES["default"] = dj_database_url.config(  # noqa: F405
     conn_max_age=600, ssl_require=True
 )
+AUTHENTICATOR["hash_id_secret"] = os.environ["HASH_ID_SECRET"]  # noqa: F405
+
 if "OAUTHLIB_INSECURE_TRANSPORT" in os.environ:
     del os.environ["OAUTHLIB_INSECURE_TRANSPORT"]

authenticator/api.py

@@ -6,16 +6,18 @@
 
 from django.conf import settings
 from django.contrib.auth import get_user_model
-from django.http import HttpRequest, HttpResponse
-from django.http.response import JsonResponse
+from django.contrib.auth.tokens import default_token_generator
+from django.contrib.sites.shortcuts import get_current_site
+from django.http import HttpRequest
+from django.http.response import HttpResponseBase, JsonResponse
 from django.utils import timezone
 from fastapi_jwt_auth import AuthJWT
 from fastapi_jwt_auth.exceptions import JWTDecodeError
 from ninja import Router, Schema, errors
 from ninja.security import HttpBearer
 from ninja.security.apikey import APIKeyBase
 
-from . import schemas
+from . import schemas, utils
 
 logger = logging.getLogger(__name__)
 
@@ -36,94 +38,129 @@ def get_config():
 class RefreshTokenCookieAuth(APIKeyBase, ABC):
     """Check is refresh token exists in the Cookies"""
 
-    # We don't inherit APIKeyCookie
+    # We don't inherit APIKeyCookie to skip CSRF check for now
     openapi_in: str = "cookie"
     param_name = "refresh-token"
 
     def _get_key(self, request: HttpRequest) -> Optional[str]:
         return request.COOKIES.get(self.param_name)
 
     def authenticate(self, request: HttpRequest, key: Optional[str]) -> Optional[Any]:
-        user, decoded_token = JWTLogin().authenticate(key)
-        if user:
-            request.user = user
-        else:
+        user, decoded_token = Authenticator().authenticate_by_token(key)
+        if not user:
             return None
+
+        request.user = user
         return decoded_token
 
 
 class JWTAuthBearer(HttpBearer):
     """Verify JWT token"""
 
-    def authenticate(self, request, token):
-        user, decoded_token = JWTLogin().authenticate(token, is_active=None)
-        if user:
-            request.user = user
-        return decoded_token
-
-
-class JWTAuthUserBearer(HttpBearer):
-    """Verify JWT token and make sure the user is active"""
+    def __init__(self, inactive_user_raise_403: bool = True) -> None:
+        super().__init__()
+        self.inactive_user_raise_403 = inactive_user_raise_403
 
     def authenticate(self, request, token):
-        user, decoded_token = JWTLogin().authenticate(token)
-        if user:
-            request.user = user
+        user, decoded_token = Authenticator().authenticate_by_token(token)
+        if user and not user.is_active and self.inactive_user_raise_403:
+            raise errors.HttpError(403, "Please verify your email.")
+        elif not user:
+            return None
+
+        request.user = user
         return decoded_token
 
 
 @router.post("/token", response=schemas.JWTToken)
 def create_jwt_token(request, payload: schemas.JWTTokenCreation):
-    try:
-        user = User.objects.get(username=payload.username, is_active=True)
-        if not user.check_password(payload.password):
-            raise User.DoesNotExist()
+    authenticator = Authenticator()
 
-        access_token, refresh_token = JWTLogin().login(user)
-        resp = JsonResponse(schemas.JWTToken(access=access_token).dict())
-        return JWTLogin.set_refresh_cookie(resp, refresh_token)
+    try:
+        user = authenticator.authenticate(payload.username, payload.password)
+        if not user.is_active:
+            raise errors.HttpError(403, "Please verify your email.")
+        access_token, refresh_token = authenticator.login(user)
+        kwargs = schemas.JWTToken(access=access_token).dict()
+        return authenticator.generate_http_response(
+            request, JsonResponse, refresh_token, resp_kwargs=kwargs
+        )
     except User.DoesNotExist:
         raise errors.HttpError(400, "Invalid username or password")
 
 
 @router.post("/token/refresh", auth=RefreshTokenCookieAuth(), response=schemas.JWTToken)
 def refresh_jwt_token(request):
-    access_token, refresh_token = JWTLogin().login(request.user)
+    authenticator = Authenticator()
+    access_token, refresh_token = authenticator.login(request.user)
 
     # workaround to set Cookie in the response, see: https://github.com/vitalik/django-ninja/issues/117
-    resp = JsonResponse(schemas.JWTToken(access=access_token).dict())
-    return JWTLogin.set_refresh_cookie(resp, refresh_token)
+    return authenticator.generate_http_response(
+        request,
+        JsonResponse,
+        refresh_token,
+        resp_kwargs=schemas.JWTToken(access=access_token).dict(),
+    )
+
+
+@router.get("/verify-email", response=schemas.JWTToken)
+def verify_email(request, uid: str, token: str):
+    authenticator = Authenticator()
+    try:
+        access_token, refresh_token = authenticator.verify_email(uid, token)
+        kwargs = schemas.JWTToken(access=access_token).dict()
+        return authenticator.generate_http_response(
+            request, JsonResponse, refresh_token, resp_kwargs=kwargs
+        )
+    except Exception as e:
+        logger.warning("Invalid user or token: %s=%s, err: %s", uid, token, e)
+        raise errors.HttpError(401, "Invalid user or token")
 
 
-class JWTLogin:
+class Authenticator:
     def __init__(self):
         self.auth = AuthJWT()
 
     def login(
         self,
         user,
-        user_claims: typing.Optional[typing.Dict] = None,
     ) -> typing.Tuple[str, str]:
         user.last_login = timezone.now()
         user.save(update_fields=["last_login"])
 
-        if user_claims is None:
-            user_claims = {}
-
+        user_id = utils.encode_id(user.id)
         return self.auth.create_access_token(
-            subject=user.username, user_claims=user_claims
-        ), self.auth.create_refresh_token(subject=user.username)
+            subject=user_id
+        ), self.auth.create_refresh_token(subject=user_id)
+
+    def verify_email(self, encoded_id: str, token: str) -> typing.Tuple[str, str]:
+        user = User.objects.get(id=utils.decode_id(encoded_id))
+        if not default_token_generator.check_token(user, token):
+            raise ValueError("Invalid or expired token")
+        user.is_active = True
+        user.save()
+        return self.login(user)
+
+    def authenticate(self, username: str, password: str) -> User:
+        user = User.objects.get(username=username)
+        if not user.check_password(password):
+            raise User.DoesNotExist()
+        return user
 
-    def authenticate(self, token, is_active: typing.Optional[bool] = None):
+    def authenticate_by_token(
+        self, token: str, is_active: typing.Optional[bool] = None
+    ) -> typing.Tuple[typing.Optional[User], typing.Optional[str]]:
         user = None
         decoded_token = None
+
         kwargs = {}
-        if is_active is not None:
+        if isinstance(is_active, bool):
             kwargs["is_active"] = is_active
 
         try:
             decoded_token = self.auth.get_raw_jwt(token)
-            user = User.objects.get(username=decoded_token["sub"], **kwargs)
+            user_id = utils.decode_id(decoded_token["sub"])
+            user = User.objects.get(id=user_id, **kwargs)
         except User.DoesNotExist:
             logger.warning("User doesn't exist: %s", decoded_token)
         except JWTDecodeError as e:
@@ -133,13 +170,27 @@ def authenticate(self, token, is_active: typing.Optional[bool] = None):
 
         return user, decoded_token
 
-    @classmethod
-    def set_refresh_cookie(cls, resp: HttpResponse, refresh_token: str) -> HttpResponse:
+    @staticmethod
+    def generate_http_response(
+        request,
+        resp_cls: typing.Type[HttpResponseBase],
+        refresh_token: str,
+        resp_kwargs: typing.Dict = None,
+        unpack_resp_kwargs: bool = False,
+    ) -> HttpResponseBase:
+        site = get_current_site(request)
+        if resp_kwargs is None:
+            resp_kwargs = {}
+
+        if unpack_resp_kwargs:
+            resp = resp_cls(**resp_kwargs)
+        else:
+            resp = resp_cls(resp_kwargs)
         resp.set_cookie(
             RefreshTokenCookieAuth.param_name,
             refresh_token,
             httponly=True,
-            domain=settings.SHARED_TW_SETTINGS["DOMAIN"],
+            domain=site.domain.split(":", 1)[0],  # remove port
             samesite="Strict",
             max_age=timedelta(days=7).total_seconds(),
         )