Skip to content

Set up user identity and JWT for native users #84

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 11 commits into from
Dec 16, 2023
Merged

Set up user identity and JWT for native users #84

merged 11 commits into from
Dec 16, 2023

Conversation

taesungh
Copy link
Member

@taesungh taesungh commented Dec 15, 2023
edited
Loading

Include the user identity code from last year to provide JWTs when completing SAML authentication.
The full guest authentication flow will come separately with #68, but the user identity foundation is provided here, e.g. the GuestUser model.

Closes #69.

Changes

  • Import user and user identity from last year
  • Move JWT_SECRET check to index.py
  • Resolve type errors w/ NativeUser, EmailStr
    • Ignore call-arg error when calling super constructor
    • EmailStr no longer needs to be explicitly constructed
  • Resolve pydantic deprecation warnings
    • Replace dict with model_dump and parse_obj with model_validate
  • Fix uid scoping when local part contains dot
  • Incorporate user identity with SAML authentication
    • Provide user identity cookie when authenticating with SAML ACS
    • Rename hackuci_auth to irvinehacks_auth
  • Improve type annotations in user/user_identity
    • Use Annotated for Cookie and Union instead of Optional
  • Fix model issue with IdentityResponse for user
  • Include note in API README about JWT_KEY
  • Rename log_out to logout for consistency
  • Add Pydantic mypy plugin to fix submodel call-arg

Testing

Staging subdomain was manually assigned to the preview deployment. Confirmed SAML flow works and user identity cookie is provided which is properly consumed by /api/user/me endpoint.

@taesungh
Import user and user identity from last year
d2fedf6 
- Import `user_identity` auth, `user` router, and `user_record` util,
  and associated tests from last year's HackAtUCI/HackUCI-Site
- Install python-jose[cryptography]
- Add user router to app
@taesungh
Move JWT_SECRET check to index.py
3744c1d
@taesungh
Resolve type errors w/ NativeUser, EmailStr
85cbd6a 
- Ignore call-arg error when calling super constructor
- `EmailStr` no longer needs to be explicitly constructed
@taesungh
Resolve pydantic deprecation warnings
b91310c 
- Replace `dict` with `model_dump` and `parse_obj` with `model_validate`
@taesungh
Fix uid scoping when local part contains dot
3cd9271
@taesungh
Incorporate user identity with SAML authentication
1c389d3 
- Provide user identity cookie when authenticating with SAML ACS
- Rename `hackuci_auth` to `irvinehacks_auth`
@taesungh
Improve type annotations in user/user_identity
db91455 
- Use `Annotated` for `Cookie` and `Union` instead of `Optional`
@taesungh
Fix model issue with IdentityResponse for user
e40149d 
- `Optional` fields are no longer not required in Pydantic V2 models
- Add unit test for `/user/me` endpoint
@taesungh
Include note in API README about JWT_KEY
b7b1888
@taesungh taesungh requested a review from samderanova December 15, 2023 09:43
@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Dec 15, 2023
edited
Loading

Deploy preview for irvinehacks-site-2024-sanity ready!

Name Sanity Studio
Preview Visit Preview
Commit aded12e

@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Dec 15, 2023
edited
Loading

Deploy preview for irvinehacks-site-2024 ready!

Name IrvineHacks 2024 Site
Preview Visit Preview
Commit aded12e

samderanova
samderanova reviewed Dec 15, 2023
View reviewed changes
Copy link
Contributor

@samderanova samderanova left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good work on this! Thankfully, stubs exist for python-jose already.

samderanova
samderanova requested changes Dec 15, 2023
View reviewed changes
Copy link
Contributor

@samderanova samderanova left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A few nitpicks addressed above:

@taesungh taesungh changed the title Setup/user identity Set up user identity and JWT for native users Dec 15, 2023
@taesungh
Rename log_out to logout for consistency
7491f2e
@taesungh
Add Pydantic mypy plugin to fix submodel call-arg
aded12e 
- Add `pydantic.mypy` plugin to generate signature for `Model.__init__`
- Do not enable `init_forbid_extra` option
  - This will type `super().__init__` with an extra `kwargs: Any`
  - Thus the type ignore in `NativeUser` can be removed
@samderanova samderanova self-requested a review December 15, 2023 19:49
@taesungh taesungh requested a review from rileysw December 15, 2023 21:24
rileysw
rileysw approved these changes Dec 15, 2023
View reviewed changes
@samderanova
Copy link
Contributor

Please squash merge.

@taesungh taesungh merged commit 7f63eb8 into main Dec 16, 2023
@taesungh taesungh deleted the setup/user-identity branch December 17, 2023 07:21
@taesungh taesungh mentioned this pull request Dec 17, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rileysw rileysw rileysw approved these changes

@samderanova samderanova samderanova approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Set up JWTs
3 participants
@taesungh @samderanova @rileysw