From 491637b46052ad8f37f42f2556ef802e59d1520b Mon Sep 17 00:00:00 2001 From: Melissa Autumn Date: Thu, 7 Dec 2023 12:25:06 -0800 Subject: [PATCH 1/2] Allow AppointmentOut to have either SlotBase or SlotOut (Fixes #203) - Schedules don't have actual slot objects, so we need to let our fake slots go to the frontend. --- backend/src/appointment/database/schemas.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/backend/src/appointment/database/schemas.py b/backend/src/appointment/database/schemas.py index 5fd6520cf..23b25e5ce 100644 --- a/backend/src/appointment/database/schemas.py +++ b/backend/src/appointment/database/schemas.py @@ -111,7 +111,7 @@ class Config: class AppointmentOut(AppointmentBase): id: int | None = None owner_name: str | None = None - slots: list[SlotOut] = [] + slots: list[SlotBase|SlotOut] = [] """ SCHEDULE model schemas From ce681fb81ff45cbef43385afe9144ecbeeb88632 Mon Sep 17 00:00:00 2001 From: Melissa Autumn Date: Thu, 7 Dec 2023 12:25:11 -0800 Subject: [PATCH 2/2] Remove more auth0 stuff --- backend/requirements.txt | 1 - backend/src/appointment/controller/auth.py | 90 +--------------------- backend/src/appointment/routes/api.py | 2 +- 3 files changed, 2 insertions(+), 91 deletions(-) diff --git a/backend/requirements.txt b/backend/requirements.txt index 142e16a0a..9ac8b62e6 100644 --- a/backend/requirements.txt +++ b/backend/requirements.txt @@ -1,5 +1,4 @@ alembic==1.9.3 -auth0-python==4.0.0 argon2-cffi==23.1.0 argon2-cffi-bindings==21.2.0 caldav==1.0.1 diff --git a/backend/src/appointment/controller/auth.py b/backend/src/appointment/controller/auth.py index 4ec2899c6..df6aa94dd 100644 --- a/backend/src/appointment/controller/auth.py +++ b/backend/src/appointment/controller/auth.py 
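Review bot: The union on the new `slots` line puts the less specific type first, `list[SlotBase|SlotOut]`. If SlotOut extends SlotBase (both class definitions are outside this hunk) and unions are validated left to right, as Pydantic v1 does, every real slot will match SlotBase first and be returned without its SlotOut-only fields. Listing the specific type first avoids that: `slots: list[SlotOut | SlotBase] = []`. Because AppointmentOut is a response schema, also confirm that SlotBase has no field which SlotOut deliberately keeps out of API responses.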
@@ -6,96 +6,8 @@ import os import hashlib import hmac -import secrets -from sqlalchemy.orm import Session -from ..database import repo, schemas, models -from fastapi_auth0 import Auth0, Auth0User -from auth0.authentication import GetToken -from auth0.management import Auth0 as ManageAuth0 -from auth0.exceptions import Auth0Error, RateLimitError, TokenValidationError - - -domain = os.getenv("AUTH0_API_DOMAIN") -api_client_id = os.getenv("AUTH0_API_CLIENT_ID") -api_secret = os.getenv("AUTH0_API_SECRET") -api_audience = os.getenv("AUTH0_API_AUDIENCE") - - -class Auth: - def __init__(self): - """verify Appointment subscription via Auth0, return user or None""" - scopes = {"read:calendars": "Read Calendar Ressources"} # TODO - - # Ugly hack for testing - if os.getenv('APP_ENV') == 'test': - from types import SimpleNamespace - self.auth0 = SimpleNamespace(implicit_scheme=lambda x: x, get_user=lambda x: x) - return - - self.auth0 = Auth0(domain=domain, api_audience=api_audience, scopes=scopes, auto_error=False) - - def persist_user(self, db: Session, user: Auth0User, timezone: str): - """Sync authed user to Appointment db""" - if not db: - return None - # get the current user via the authed user - api = self.init_management_api() - if not api: - logging.warning( - "[auth.persist_user] A frontend authed user (ID: %s, name: %s) was not found via management API", - str(user.id), - user.name, - ) - return None - authenticated_subscriber = api.users.get(user.id) - # check if user exists as subsriber - if authenticated_subscriber: - # search for subscriber in Appointment db - db_subscriber = repo.get_subscriber_by_email(db=db, email=authenticated_subscriber["email"]) - # if authenticated subscriber doesn't exist yet, add them - if db_subscriber is None: - subscriber = schemas.SubscriberBase( - username=authenticated_subscriber["email"], # username == email for now - email=authenticated_subscriber["email"], - name=authenticated_subscriber["name"], - timezone=timezone, - 
level=models.SubscriberLevel.pro, # TODO - ) - db_subscriber = repo.create_subscriber(db=db, subscriber=subscriber) - - # Generate an initial short link hash if they don't have one already - if db_subscriber.short_link_hash is None: - repo.update_subscriber( - db, - schemas.SubscriberAuth( - email=db_subscriber.email, - username=db_subscriber.username, - short_link_hash=secrets.token_hex(32), - ), - db_subscriber.id, - ) - - return db_subscriber - return None - - def init_management_api(self): - """Helper function to get a management api token""" - try: - get_token = GetToken(domain, api_client_id, client_secret=api_secret) - token = get_token.client_credentials("https://{}/api/v2/".format(domain)) - management = ManageAuth0(domain, token["access_token"]) - except RateLimitError as error: - logging.error("[auth.init_management_api] A rate limit error occurred: " + str(error)) - return None - except Auth0Error as error: - logging.error("[auth.init_management_api] An Auth0 error occurred: " + str(error)) - return None - except TokenValidationError as error: - logging.error("[auth.init_management_api] A token validation error occurred" + str(error)) - return None - - return management +from ..database import repo, schemas def sign_url(url: str): diff --git a/backend/src/appointment/routes/api.py b/backend/src/appointment/routes/api.py index 5892f9b65..9a8070117 100644 --- a/backend/src/appointment/routes/api.py +++ b/backend/src/appointment/routes/api.py @@ -20,7 +20,7 @@ from fastapi_auth0 import Auth0User from datetime import timedelta, timezone from ..controller.apis.google_client import GoogleClient -from ..controller.auth import signed_url_by_subscriber, Auth +from ..controller.auth import signed_url_by_subscriber from ..database.models import Subscriber, CalendarProvider, MeetingLinkProviderType, ExternalConnectionType from ..dependencies.google import get_google_client from ..dependencies.auth import get_subscriber
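Review bot: The removed `persist_user` was the only code in this hunk that gave a subscriber an initial `short_link_hash`, via `secrets.token_hex(32)`, and nothing on the new side replaces it. If the signing helpers that remain depend on that value (`sign_url` begins right after the hunk and its body is not shown), a subscriber created through the replacement login path could be left with a `None` hash. Confirm that the new auth flow still generates the hash from `secrets` when the subscriber is created. Narrowing the import to `from ..database import repo, schemas` is also only safe if nothing left in auth.py refers to `models`.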
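Review bot: `from fastapi_auth0 import Auth0User` is still imported at the top of this hunk in api.py, although this commit removes the Auth0 controller class and drops `auth0-python` from requirements.txt. If no route in api.py still uses `Auth0User` (the rest of the file is outside the hunk), remove that import too, so the module no longer needs the fastapi_auth0 package in order to load. If a route does still use it, that route presumably still expects an Auth0 identity and should be checked against the `get_subscriber` dependency imported a few lines below.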