Moving back to a simpler front end

.github/workflows/formatter.yml

@@ -9,17 +9,17 @@ jobs:
     runs-on: ubuntu-latest
     strategy:
       matrix:
-        python-version: ["3.10", "3.11", "3.12"]
+        python-version: [ "3.10", "3.11", "3.12" ]
     steps:
-    - uses: actions/checkout@v4
-    - name: Set up Python ${{ matrix.python-version }}
-      uses: actions/setup-python@v3
-      with:
-        python-version: ${{ matrix.python-version }}
-    - name: Install dependencies
-      run: |
-        python -m pip install --upgrade pip
-        pip install black
-    - name: Formatting the code with black
-      run: |
-        black $(git ls-files '*.py')
+      - uses: actions/checkout@v4
+      - name: Set up Python ${{ matrix.python-version }}
+        uses: actions/setup-python@v3
+        with:
+          python-version: ${{ matrix.python-version }}
+      - name: Install dependencies
+        run: |
+          python -m pip install --upgrade pip
+          pip install black
+      - name: Formatting the code with black
+        run: |
+          black $(git ls-files '*.py')

.github/workflows/pylint.yml

@@ -1,22 +1,23 @@
 name: Pylint
 run-name: Pylint Checker 🐧
-on: [push]
+on: [ push ]
 jobs:
   build:
     runs-on: ubuntu-latest
     strategy:
       matrix:
-        python-version: ["3.10", "3.11", "3.12"]
+        python-version: [ "3.10", "3.11", "3.12" ]
     steps:
-    - uses: actions/checkout@v4
-    - name: Set up Python ${{ matrix.python-version }}
-      uses: actions/setup-python@v3
-      with:
-        python-version: ${{ matrix.python-version }}
-    - name: Install dependencies
-      run: |
-        python -m pip install --upgrade pip
-        pip install -r ./api/requirements_dev.txt
-    - name: Analysing the code with pylint
-      run: |
-        pylint $(git ls-files '*.py')
+      - uses: actions/checkout@v4
+      - name: Set up Python ${{ matrix.python-version }}
+        uses: actions/setup-python@v3
+        with:
+          python-version: ${{ matrix.python-version }}
+      - name: Install dependencies
+        run: |
+          python -m pip install --upgrade pip
+          pip install -r ./api/requirements.txt
+          pip install -r ./api/utils.txt
+      - name: Analysing the code with pylint
+        run: |
+          pylint $(git ls-files '*.py')

.gitignore

@@ -1,3 +1,3 @@
 .venv/
 **/__pycache__/
-.idea/
+.idea/.DS_Store

api/.env

@@ -0,0 +1,3 @@
+API_MODE=dev
+DB=relational
+SQLITE_DB_PATH="./moh.sqlite"

api/auth/controller.py

@@ -0,0 +1,19 @@
+from api.database.db import db
+import os
+
+AUTOLAB_SECRET = os.getenv("AUTOLAB_CLIENT_SECRET")
+AUTOLAB_ID = os.getenv("AUTOLAB_CLIENT_ID")
+REDIRECT_URI = os.getenv("AUTOLAB_REDIRECT_URI")
+
+def create_account(username, numeric_identifier, auth_level="student"):
+    account_id = db.create_account(username, numeric_identifier)
+    db.add_to_roster(account_id, auth_level)
+    return account_id
+
+def get_user(cookies):
+    if "auth_token" not in cookies:
+            return None
+
+    return db.get_authenticated_user(cookies["auth_token"])
+
+

api/auth/routes.py

@@ -1,31 +1,101 @@
 """Authentication Blueprint for MOH"""
 
-from flask import Blueprint
+import json
+import urllib.parse
+import requests
+
+from flask import Blueprint, request, make_response
+from api.database.db import db
+from api.auth.controller import AUTOLAB_ID, AUTOLAB_SECRET, REDIRECT_URI
 
 blueprint = Blueprint("auth", __name__)
 
+
 @blueprint.route("/login", methods=["POST"])
 def login():
     """Checks if the current user has the right credentials to log in
     Args:
-        email: forum data field of email
-        password: forum data field of password
+        ubit: form data field of ubit
+        password: form data field of password
 
     Returns:
         The status of the login attempt
     """
-    return "Login arrived"
+
+    ubit = request.form.get("ubit")
+    pw = request.form.get("password")
+
+    auth_token = db.sign_in(ubit, pw)
+
+    if not auth_token:
+        return {"message": "Incorrect username or password"}, 400
+
+    res = make_response(json.dumps({"message": "Successfully logged in"}), 200)
+    res.content_type = "application/json"
+    res.set_cookie(
+        "auth_token", auth_token, max_age=int(2.592e6), httponly=True, secure=True
+    )
+
+    return res
 
 
 @blueprint.route("/signup", methods=["POST"])
 def signup():
     """Creates an account using the given credentials,
-    fails if email already registered for an account
+    fails if ubit already registered for an account
+    or if ubit is not in the roster
     Args:
-        email: forum data field of email
+        ubit: forum data field of ubit
         password: forum data field of password
 
     Returns:
         The status of the sign-up attempt
     """
-    return "Signup arrived"
+
+    ubit = request.form.get("ubit")
+    pw = request.form.get("password")
+
+    if not db.lookup_identifier(ubit):
+        return {
+            "message": "You are not in the roster. If this is an error, please contact the course staff."
+        }, 400
+
+    if not (auth_token := db.sign_up(ubit, pw)):
+        return {"message": "Sign-in already exists"}, 400
+
+    res = make_response(json.dumps({"message": "Successfully created account"}), 200)
+    res.content_type = "application/json"
+    res.set_cookie(
+        "auth_token", auth_token, max_age=int(2.592e6), httponly=True, secure=True
+    )
+    return res
+
+
+@blueprint.route("/signout", methods=["POST"])
+def signout():
+    """Signs out the currently logged-in user, invalidating their auth token
+    Args:
+        Request.cookie: the auth token of the currently logged-in user
+
+    Returns:
+        400 if no auth token is set
+        200 on success
+    """
+
+    auth_token = request.cookies.get("auth_token")
+
+    if not auth_token:
+        return {"message": "You are not logged in."}, 400
+
+    db.sign_out(auth_token)
+
+    res = make_response(json.dumps({"message": "Logged out"}), 200)
+    res.content_type = "application/json"
+    res.set_cookie("auth_token", "", max_age=0, httponly=True, secure=True)
+
+    return res
+
+
+# TODO: update preferred name
+
+# TODO: account has UBIT (For AL lookups) and pn (For card swipes)

api/config/config.py

@@ -4,7 +4,8 @@
 
 
 class Config:
-    """Configuration class for MOJ api server, stores current configuration state of flask api"""
+    """Configuration class for MOH api server, stores current configuration state of flask api"""
 
     def __init__(self):
         self.API_MODE = os.getenv("API_MODE", "Can not find mode")
+        self.MAX_CONTENT_LENGTH = 16 * 1000 * 1000

api/database/db.py

@@ -0,0 +1,23 @@
+import os
+
+from api.database.relational_db.relational_db import RelationalDB
+from api.database.testing_db.testing_db import TestingDB
+from api.database.mock_db.mock_db import MockDB
+
+
+def create_db():
+    db_type = os.getenv("DB")
+    match db_type:
+        case "relational":
+            return RelationalDB()
+        case "testing":
+            return TestingDB()
+        case "mock":
+            return MockDB()
+        case None:
+            raise EnvironmentError('environment variable "DB" not set')
+        case _:
+            raise ModuleNotFoundError("Could not find database named " + db_type)
+
+
+db = create_db()

api/database/db_interface.py

@@ -0,0 +1,18 @@
+from abc import ABC, abstractmethod
+
+from api.database.idb_queue import IQueue
+from api.database.idb_ratings import IRatings
+from api.database.idb_accounts import IAccounts
+from api.database.idb_roster import IRoster
+
+
+class DBInterface(IQueue, IRatings, IAccounts, IRoster, ABC):
+
+    # All database implements must extend this class
+
+    def __init__(self):
+        super().__init__()
+
+    @abstractmethod
+    def connect(self):
+        pass

api/database/idb_accounts.py

@@ -0,0 +1,55 @@
+from abc import ABC, abstractmethod
+
+
+class IAccounts(ABC):
+
+    def __init__(self):
+        super().__init__()
+
+    @abstractmethod
+    def create_account(self, ubit, pn):
+        # Creates an account with the provided ubit and pn. Generates, and returns, a unique id for the new account
+        raise NotImplementedError()
+
+    @abstractmethod
+    def lookup_person_number(self, person_number) -> dict[str, str]:
+        # Returns the database entry for the user with the specified person number.
+        raise NotImplementedError()
+
+    @abstractmethod
+    def lookup_identifier(self, identifier) -> dict[str, str]:
+        # Returns the database entry for the user with the specified identifier.
+        # resolves UBIT -> person number -> unique id
+        raise NotImplementedError()
+
+    @abstractmethod
+    def get_authenticated_user(self, auth_token) -> dict[str, str]:
+        # Returns the database entry for the user with the specified auth token.
+        raise NotImplementedError()
+
+    @abstractmethod
+    def sign_up(self, username, pw) -> str | None:
+        # creates a sign in for the requested user
+        # returns None if the user's ubit isn't in the system
+        # returns an auth token for the user
+        raise NotImplementedError()
+
+    @abstractmethod
+    def sign_in(self, username, pw) -> str | None:
+        # generates and returns a valid auth token for the user if the username and password match
+        # returns None on error
+        raise NotImplementedError()
+
+    @abstractmethod
+    def sign_out(self, auth_token):
+        # invalidates the specified auth token
+        raise NotImplementedError()
+
+    @abstractmethod
+    def set_preferred_name(self, identifier, name):
+        # set the user's preferred name based on identifier
+        raise NotImplementedError()
+
+    @abstractmethod
+    def set_name(self, identifier, first_name, last_name):
+        raise NotImplementedError()

api/database/idb_queue.py

@@ -0,0 +1,39 @@
+from abc import ABC, abstractmethod
+
+
+class IQueue(ABC):
+
+    def __init__(self):
+        super().__init__()
+
+    @abstractmethod
+    def enqueue_student(self, student):
+        raise NotImplementedError()
+
+    @abstractmethod
+    def enqueue_student_front(self, student):
+        raise NotImplementedError()
+
+    @abstractmethod
+    def dequeue_student(self):
+        raise NotImplementedError()
+
+    @abstractmethod
+    def get_queue(self):
+        raise NotImplementedError()
+
+    @abstractmethod
+    def remove_student(self, student):
+        raise NotImplementedError()
+
+    @abstractmethod
+    def clear_queue(self):
+        raise NotImplementedError()
+
+    @abstractmethod
+    def set_reason(self, student, reason):
+        raise NotImplementedError()
+
+    @abstractmethod
+    def move_to_end(self, student):
+        raise NotImplementedError()

api/database/idb_ratings.py

@@ -0,0 +1,11 @@
+from abc import ABC, abstractmethod
+
+
+class IRatings(ABC):
+
+    def __init__(self):
+        super().__init__()
+
+    @abstractmethod
+    def rate_student(self, student, rating, feedback):
+        raise NotImplementedError()

api/database/idb_roster.py

@@ -0,0 +1,15 @@
+from abc import ABC, abstractmethod
+
+
+class IRoster(ABC):
+
+    def __init__(self):
+        super().__init__()
+
+    @abstractmethod
+    def add_to_roster(self, user_id, role):
+        raise NotImplementedError()
+
+    @abstractmethod
+    def get_roster(self):
+        raise NotImplementedError()