Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Cognito update 323 #324

Draft
wants to merge 27 commits into
base: main
Choose a base branch
from
Draft

Cognito update 323 #324

wants to merge 27 commits into from

Conversation

ethanstrominger
Copy link
Member

@ethanstrominger ethanstrominger commented Jun 25, 2024

Fixes #323

Related issues:

What changes did you make?

Files:

  • app/.env.docker-example: Added additional COGNITO variables. By default, COGNITO is not enabled so variables aree commented out.
  • rename jwt.py to jwt_hander.py to disambiguate from Python package "jwt"
  • settings.py:
    • add settings required by allauth package
    • change utils.jwt to utils.jwt_handler
  • app/peopledepot/urls.py: new "accounts/login" url that calls custom_redirect_login method in url_methods.py
  • requirements.txt: changes required by allauth

Changes for accounts/login URL:

By default, accounts/login will direct you to a page where there are two buttons, one for local login and one for Cognito login. When you click on Cognito, a second screen appears where you have to hit an additional button to bring up the Cognito log in page. The files below change accounts/login so that the first screen is skipped and you go directly to the second screen.

  • app/core/api/url_methods.py: Created cognito_login method for rendering cognito_login page and passing variables to the page.
  • app/templates/accounts/cognito_redirect_login.html: redirects to a different page used for just logging into Amazon Cognito. Avoids having to hid button twice.

Why did you make the changes?

See issue #323

What testing is recommended?

Deploy

  • set up Docker or get needed information about existing set up
  • deploy
    SSO sign up
  • log in using http://localhost:8000/accounts/login
  • sign up for new Cognito account.
  • If you have configured Cognito to require email verification, you will get an email.
  • To test more than once, you can use the same gmail account with slight variations by either adding a period (.) anywhere or adding + after the username portion. Gmail ignores both. Example: [email protected], [email protected], and [email protected] all work and send to the same gmail account
    Grant privileges using local admin account
  • log in as an admin using local login
  • grant new user superuser and staff options
    SSO sign in
  • Log in with SSO created previously. You will be directed to the admin page.

@ethanstrominger ethanstrominger requested a review from fyliu June 25, 2024 17:46
@ethanstrominger
Copy link
Member Author

I installed djangorestframework-api-key. Show me code that checks request api key matches with stored api key.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
Status: PR Needs review (automated column, do not place items here manually)
Development

Successfully merging this pull request may close these issues.

Enable SSO for admin screen
1 participant