From 16c7530e61fc91acbb8cded00fb02540924f25ad Mon Sep 17 00:00:00 2001 From: shimilgithub Date: Thu, 14 Sep 2023 13:24:19 +0530 Subject: [PATCH 1/5] Upgrade Kratos to v1.0.0 --- app/auth/authentication.py | 12 ++++++--- app/schema/schema_auth.py | 2 +- app/test/test_auth_basic.py | 53 +++++++++++++++++++++---------------- 3 files changed, 39 insertions(+), 28 deletions(-) diff --git a/app/auth/authentication.py b/app/auth/authentication.py index 42ef9b0e..07fa32ce 100644 --- a/app/auth/authentication.py +++ b/app/auth/authentication.py @@ -386,11 +386,14 @@ def get_users_kratos_filter(base_url,name,roles,limit,skip):#pylint: disable=too "userId":data["id"], "name":data["traits"]["name"] } - kratos_user["name"]["fullname"] = data["traits"]["name"]["first"].capitalize() \ - + " "+ data["traits"]["name"]["last"].capitalize() + + first_name = data["traits"]["name"]["first"].capitalize() + last_name = data["traits"]["name"].get("last", "") + last_name = last_name.capitalize() if last_name else last_name + kratos_user["name"]["fullname"] = first_name+ " " + last_name + if not name is None: if name.lower() == kratos_user["name"]["fullname"].lower() or\ - name.lower() == kratos_user["name"]["last"].lower() or\ name.lower() == kratos_user["name"]["first"].lower(): name_status = True else: @@ -486,12 +489,13 @@ def update_kratos_user(rec_user_id,data): def register_check_success(reg_response): """register reqirement success""" name_path = reg_response["identity"]["traits"]["name"] + last_name = name_path.get("last", "") data={ "message":"Registration Successfull", "registered_details":{ "id":reg_response["identity"]["id"], "email":reg_response["identity"]["traits"]["email"], - "Name":str(name_path["first"]) + " " + str(name_path["last"]), + "Name":str(name_path["first"]) + " " + last_name, "Permissions": reg_response["identity"]["traits"]["userrole"] }, "token":reg_response["session_token"] 
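Review bot: In the `get_users_kratos_filter` hunk, `last` becomes optional but `data["traits"]["name"]["first"]` is still read unguarded, so a single identity stored without a first name makes the whole listing raise. The schema change later in this patch (`firstname:str = None` to `firstname:str`) suggests such identities may already exist, though the stored data is not visible here. Reading it as `first_name = (data["traits"]["name"].get("first") or "").capitalize()` keeps the listing available. The hunk also removes the last-name comparison, so a search by last name no longer matches users who do have one; `or (last_name and name.lower() == last_name.lower())` would restore it behind a presence check. The function starts and ends outside the hunk, and the 5/5 hunk on the same function leaves both lines unchanged.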
diff --git a/app/schema/schema_auth.py b/app/schema/schema_auth.py index 0ce29496..34f801a0 100644 --- a/app/schema/schema_auth.py +++ b/app/schema/schema_auth.py @@ -41,7 +41,7 @@ class Registration(BaseModel): """kratos registration input""" email:str password:types.SecretStr - firstname:str = None + firstname:str lastname:str = None class EditUser(BaseModel): diff --git a/app/test/test_auth_basic.py b/app/test/test_auth_basic.py index ebda3658..aa779172 100644 --- a/app/test/test_auth_basic.py +++ b/app/test/test_auth_basic.py @@ -40,7 +40,7 @@ def login(data): if response.status_code == 200: assert response.json()['message'] == "Login Succesfull" token = response.json()['token'] - assert len(token) == 32 + assert len(token) == 39 assert "userId" in response.json() elif response.status_code == 401: assert response.json()['error'] == "Authentication Error" @@ -63,7 +63,7 @@ def register(data,apptype): assert "Permissions" in response.json()["registered_details"] assert "token" in response.json() token = response.json()['token'] - assert len(token) == 32 + assert len(token) == 39 return response #appending roles to same user on duplicate registration @@ -213,7 +213,9 @@ def test_incorrect_email(): """test for validation of incorrect email""" data = { "email": "incorrectemail", - "password": "passwordabc@1" + "password": "passwordabc@1", + "firstname": "user registration", + "lastname": "ABCD Test" } response = register(data,apptype=schema_auth.App.API.value) assert response.status_code == 422 @@ -225,7 +227,9 @@ def test_validate_password(): #short password data = { "email": "PQR@gmail.com", - "password": "test" + "password": "test", + "firstname": "user registration", + "lastname": "PQR Test" } response = register(data,apptype=schema_auth.App.API.value) assert response.status_code == 422 
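Review bot: In the `Registration` hunk, `firstname:str` is now required but an empty or whitespace-only string still validates and is forwarded as an identity trait. If Kratos' identity schema does not enforce a minimum length (not visible here), a constrained type on the field would reject it at the API boundary. `lastname:str = None` on the context line below has a default that contradicts its annotation, so an optional annotation would document that the field may be absent. I would add a class comment such as `# firstname is mandatory since the Kratos v1.0.0 upgrade; lastname may be omitted`.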
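Review bot: The `login` and `register` helper hunks swap one magic number for another, `assert len(token) == 39`, which pins the suite to the session-token layout of one Kratos release. It will fail on the next format change without explaining why. The value is presumably the 32-character token plus a fixed prefix, so a named constant with a comment (`KRATOS_SESSION_TOKEN_LEN = 39  # prefix + 32 chars, Kratos v1.0.0`) would state that. A format-independent check such as `assert isinstance(token, str) and token` would also do. Both helpers continue outside their hunks.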
@@ -234,7 +238,9 @@ def test_validate_password(): #less secure password data = { "email": "PQR@gmail.com", - "password": "password" + "password": "password", + "firstname": "user registration", + "lastname": "PQR Test" } response = register(data,apptype=schema_auth.App.API.value) assert response.status_code == 422 @@ -243,29 +249,20 @@ def test_validate_password(): #test for optional params in registration def test_optional_register_params(create_user_fixture): """test for optional params in the registration""" - #app type is none + #app type is none and lastname is not passed data = { - "email": "abc@gmail.com", - "password": "passwordabc@1", - "firstname": "user registration", - "lastname": "ABC Test" + "email": "abcd@gmail.com", + "password": "passwordabc@11", + "firstname": "user registration" } response = register(data,apptype=schema_auth.App.API.value) assert response.json()["registered_details"]["Permissions"] == \ [schema_auth.App.API.value] abc_id = response.json()["registered_details"]["id"] - #no first and last name, registration execute without error - data = { - "email": "abc1@gmail.com", - "password": "passwordabc@1" - } - response1 = register(data,apptype=schema_auth.App.API.value) - abc1_id = response1.json()["registered_details"]["id"] users_list = create_user_fixture users_list.append(abc_id) - users_list.append(abc1_id) #test register with missing field def test_register_incorrectdatas(): @@ -384,7 +381,9 @@ def test_register_roles(create_user_fixture): # #role changed ag --> vachan data_xyz2 = { "email": "xyz2@gmail.com", - "password": "passwordxyz2@1" + "password": "passwordxyz2@1", + "firstname": "xyz user 2", + "lastname": "xyz Test 2" } response2 = register_role_appending(data_xyz2,apptype=schema_auth.App.VACHAN.value) assert response2.json()["registered_details"]["Permissions"] ==\ 
@@ -393,7 +392,9 @@ def test_register_roles(create_user_fixture): #role changed none --> ag data_xyz3 = { "email": "xyz3@gmail.com", - "password": "passwordxyz3@1" + "password": "passwordxyz3@1", + "firstname": "xyz user 3", + "lastname": "xyz Test 3" } response3 = register_role_appending(data_xyz3,apptype=schema_auth.App.AG.value) assert response3.json()["registered_details"]["Permissions"] ==\ @@ -423,7 +424,9 @@ def test_role_assignment_superadmin(create_user_fixture): #create 2 users user1 = { "email": "vachan@gmail.com", - "password": "passwordvachan@1" + "password": "passwordvachan@1", + "firstname": "vachan", + "lastname": "User Test" } response1 = register(user1,apptype=schema_auth.App.API.value) user1_id = response1.json()["registered_details"]["id"] @@ -431,7 +434,9 @@ def test_role_assignment_superadmin(create_user_fixture): user2 = { "email": "ag@gmail.com", - "password": "passwordag@1" + "password": "passwordag@1", + "firstname": "Ag", + "lastname": "User Test" } response2 = register(user2,apptype=schema_auth.App.API.value) user2_id = response2.json()["registered_details"]["id"] @@ -494,7 +499,9 @@ def test_token_expiry(create_user_fixture): #try change role with super user after logout user = { "email": "user@gmail.com", - "password": "passworduser@1" + "password": "passworduser@1", + "firstname": "user ", + "lastname": "role change Test" } response2 = register(user,apptype=schema_auth.App.API.value) user_id = response2.json()["registered_details"]["id"] From b23efe59bf73db3c494b8714b5356845c65c8ead Mon Sep 17 00:00:00 2001 From: shimilgithub Date: Thu, 14 Sep 2023 13:34:39 +0530 Subject: [PATCH 2/5] adding changes in docker directory --- docker/Kratos_config/database.yml | 2 +- docker/Kratos_config/email-password/kratos.yml | 7 +++++-- docker/Kratos_config/quickstart.yml | 6 +++--- docker/docker-compose.yml | 8 ++++---- 4 files changed, 13 insertions(+), 10 deletions(-) 
diff --git a/docker/Kratos_config/database.yml b/docker/Kratos_config/database.yml index 25050ae4..8df198aa 100644 --- a/docker/Kratos_config/database.yml +++ b/docker/Kratos_config/database.yml @@ -2,7 +2,7 @@ version: "3.7" services: kratos-migrate: - image: oryd/kratos:v0.7.0-alpha.1 + image: oryd/kratos:v1.0.0 environment: - DSN=${VACHAN_AUTH_DATABASE:-postgres://kratos:secret@postgresd:5432/kratos?sslmode=disable&max_conns=20&max_idle_conns=4} volumes: diff --git a/docker/Kratos_config/email-password/kratos.yml b/docker/Kratos_config/email-password/kratos.yml index ee777bd3..1e612074 100644 --- a/docker/Kratos_config/email-password/kratos.yml +++ b/docker/Kratos_config/email-password/kratos.yml @@ -12,7 +12,7 @@ serve: selfservice: default_browser_return_url: http://127.0.0.1:4455/ - whitelisted_return_urls: + allowed_return_urls: - http://127.0.0.1:4455 methods: @@ -77,7 +77,10 @@ session: lifespan: 60m identity: - default_schema_url: file:///etc/config/kratos/identity.schema.json + default_schema_id: default + schemas: + - id: default + url: file:///etc/config/kratos/identity.schema.json # courier: # smtp: diff --git a/docker/Kratos_config/quickstart.yml b/docker/Kratos_config/quickstart.yml index 3136f135..e5078f54 100644 --- a/docker/Kratos_config/quickstart.yml +++ b/docker/Kratos_config/quickstart.yml @@ -2,7 +2,7 @@ version: '3.7' services: kratos-migrate: - image: oryd/kratos:v0.7.0-alpha.1 + image: oryd/kratos:v1.0.0 environment: - DSN=postgres://kratos:secret@postgresd:5432/kratos?sslmode=disable&max_conns=20&max_idle_conns=4 volumes: @@ -19,7 +19,7 @@ services: - intranet kratos-selfservice-ui-node: - image: oryd/kratos-selfservice-ui-node:v0.7.0-alpha.1 + image: oryd/kratos-selfservice-ui-node:v1.0.0 environment: - KRATOS_PUBLIC_URL=http://kratos:4433/ - KRATOS_ADMIN_URL=http://kratos:4434/ 
@@ -30,7 +30,7 @@ services: kratos: depends_on: - kratos-migrate - image: oryd/kratos:v0.7.0-alpha.1 + image: oryd/kratos:v1.0.0 ports: - '4433:4433' # public - '4434:4434' # admin diff --git a/docker/docker-compose.yml b/docker/docker-compose.yml index 360a41e7..2c8b7eb9 100644 --- a/docker/docker-compose.yml +++ b/docker/docker-compose.yml @@ -3,7 +3,7 @@ services: kratos-postgresd: image: postgres:9.6 ports: - - "5432:5432" + - "5438:5432" expose: - 5432 restart: always @@ -23,7 +23,7 @@ services: - VE-network kratos-migrate: - image: oryd/kratos:v0.7.0-alpha.1 + image: oryd/kratos:v1.0.0 environment: - DSN=${VACHAN_AUTH_DATABASE:-postgres://kratos:secret@kratos-postgresd:5432/kratos?sslmode=disable&max_conns=20&max_idle_conns=4} volumes: @@ -44,7 +44,7 @@ services: - VE-network kratos: - image: oryd/kratos:v0.7.0-alpha.1 + image: oryd/kratos:v1.0.0 ports: - '4433:4433' # public # - '4434:4434' # admin @@ -91,7 +91,7 @@ services: - 5432 ports: # HOST:CONTAINER - - "5433:5432" + - "5439:5432" networks: - VE-network volumes: From 62f79b8a0d59bd1773bc784c37c9d78374209ed5 Mon Sep 17 00:00:00 2001 From: shimilgithub Date: Fri, 15 Sep 2023 10:24:35 +0530 Subject: [PATCH 3/5] Resolving issues in PR --- app/auth/authentication.py | 3 ++- docker/Kratos_config/email-password/kratos.yml | 18 +++++++++--------- docker/docker-compose.yml | 2 +- 3 files changed, 12 insertions(+), 11 deletions(-) diff --git a/app/auth/authentication.py b/app/auth/authentication.py index 07fa32ce..9ced304c 100644 --- a/app/auth/authentication.py +++ b/app/auth/authentication.py @@ -495,7 +495,8 @@ def register_check_success(reg_response): "registered_details":{ "id":reg_response["identity"]["id"], "email":reg_response["identity"]["traits"]["email"], - "Name":str(name_path["first"]) + " " + last_name, + "Name": str(name_path["first"]) + (" " + last_name if last_name else ""), + "Permissions": reg_response["identity"]["traits"]["userrole"] }, "token":reg_response["session_token"] 
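Review bot: The `kratos-postgresd` hunk in docker/docker-compose.yml publishes the identity database on every host interface with `- "5438:5432"`. The DSN default visible in the `kratos-migrate` hunk uses the password `secret`, so on a host without a firewall the credential store is reachable with a guessable login. The service already declares `expose: 5432` on the compose network, so the publish can be dropped or bound to loopback as `- "127.0.0.1:5438:5432"`. The `"5439:5432"` mapping in the last hunk of this file has the same exposure, as do the 3/5 and 4/5 hunks that move these ports back to `5433` and `5432`.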
diff --git a/docker/Kratos_config/email-password/kratos.yml b/docker/Kratos_config/email-password/kratos.yml index 1e612074..b7c48842 100644 --- a/docker/Kratos_config/email-password/kratos.yml +++ b/docker/Kratos_config/email-password/kratos.yml @@ -11,9 +11,9 @@ serve: base_url: http://kratos:4434/ selfservice: - default_browser_return_url: http://127.0.0.1:4455/ + default_browser_return_url: http://kratos:4455/ allowed_return_urls: - - http://127.0.0.1:4455 + - http://kratos:4455 methods: password: @@ -23,33 +23,33 @@ selfservice: flows: error: - ui_url: http://127.0.0.1:4455/error + ui_url: http://kratos:4455/error settings: - ui_url: http://127.0.0.1:4455/settings + ui_url: http://kratos:4455/settings privileged_session_max_age: 15m recovery: enabled: true - ui_url: http://127.0.0.1:4455/recovery + ui_url: http://kratos:4455/recovery verification: enabled: true - ui_url: http://127.0.0.1:4455/verify + ui_url: http://kratos:4455/verify after: default_browser_return_url: https://api.vachanengine.org/ logout: after: - default_browser_return_url: http://127.0.0.1:4455/auth/login + default_browser_return_url: http://kratos:4455/auth/login login: - ui_url: http://127.0.0.1:4455/auth/login + ui_url: http://kratos:4455/auth/login lifespan: 2m registration: lifespan: 10m - ui_url: http://127.0.0.1:4455/auth/registration + ui_url: http://kratos:4455/auth/registration after: password: hooks: diff --git a/docker/docker-compose.yml b/docker/docker-compose.yml index 2c8b7eb9..9fcaa82d 100644 --- a/docker/docker-compose.yml +++ b/docker/docker-compose.yml @@ -91,7 +91,7 @@ services: - 5432 ports: # HOST:CONTAINER - - "5439:5432" + - "5433:5432" networks: - VE-network volumes: From 58f5ae91d7679bf68baf3c054b816fedd92e1118 Mon Sep 17 00:00:00 2001 From: shimilgithub Date: Fri, 15 Sep 2023 10:32:13 +0530 Subject: [PATCH 4/5] reverting changes in port number --- docker/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
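Review bot: Both `selfservice` hunks now set every browser-facing URL (`default_browser_return_url`, `allowed_return_urls`, each `ui_url`) to `http://kratos:4455`, but these are followed by the user's browser, which cannot be expected to resolve a compose service name. Going by the compose files in this series, the `kratos` service publishes only 4433/4434 and the UI is a separate `kratos-selfservice-ui-node` service, so port 4455 on `kratos` probably has no listener; the UI port mapping is not visible here. `allowed_return_urls` is also the redirect allow-list, so it should name the externally reachable UI origin, over HTTPS outside local development, rather than an internal host. I would keep the origin in one place and comment it, for example `# must be the public origin of the self-service UI, as seen by the browser`.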
diff --git a/docker/docker-compose.yml b/docker/docker-compose.yml index 9fcaa82d..8ef41136 100644 --- a/docker/docker-compose.yml +++ b/docker/docker-compose.yml @@ -3,7 +3,7 @@ services: kratos-postgresd: image: postgres:9.6 ports: - - "5438:5432" + - "5432:5432" expose: - 5432 restart: always From 4862e888a45de3e4c7f56b22d68c218a0b6b03b7 Mon Sep 17 00:00:00 2001 From: shimilgithub Date: Fri, 15 Sep 2023 15:59:39 +0530 Subject: [PATCH 5/5] removing ending blank spaces if lastname is not present --- app/auth/authentication.py | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/app/auth/authentication.py b/app/auth/authentication.py index 9ced304c..65b06e1e 100644 --- a/app/auth/authentication.py +++ b/app/auth/authentication.py @@ -390,8 +390,7 @@ def get_users_kratos_filter(base_url,name,roles,limit,skip):#pylint: disable=too first_name = data["traits"]["name"]["first"].capitalize() last_name = data["traits"]["name"].get("last", "") last_name = last_name.capitalize() if last_name else last_name - kratos_user["name"]["fullname"] = first_name+ " " + last_name - + kratos_user["name"]["fullname"] = first_name+(" " + last_name if last_name else "") if not name is None: if name.lower() == kratos_user["name"]["fullname"].lower() or\ name.lower() == kratos_user["name"]["first"].lower():