Auth fix (#56)

* added some missing auth urls locally to test properly

* added new error messages to auth page

this will be set up for the auth urls to redirect with a message

* set up bad allauth urls to redirect to savageaim auth

* version bump

* updated backend dockerfiles with better procedures

* updated backend requirements for security

* update actions to use omit=dev for audit

.github/workflows/npm-audit.yml

@@ -18,4 +18,4 @@ jobs:
       uses: actions/setup-node@v2
       with:
         node-version: 16
-    - run: npm audit --production
+    - run: npm audit --omit=dev

backend/backend/settings_live.py

@@ -178,7 +178,7 @@ def sampler(context):
     # If you wish to associate users to errors (assuming you are using
     # django.contrib.auth) you may enable sending PII data.
     send_default_pii=True,
-    release='savageaim@20230601',
+    release='savageaim@20230701',
 )
 
 # Channels

backend/backend/urls.py

@@ -14,18 +14,32 @@
     2. Add a URL to urlpatterns:  path('blog/', include('blog.urls'))
 """
 from allauth.socialaccount.providers.discord.urls import urlpatterns as discord_urls
+from django.conf import settings
 from django.contrib import admin
 from django.contrib.auth.views import LogoutView
 from django.http import HttpResponse
 from django.urls import path, include
+from django.views.generic.base import RedirectView
 
 patterns = [
     path('admin/', admin.site.urls),
     path('api/', include(('api.urls', 'api'))),
-    # Auth stuff (TODO - replace this because it's sorta workaroundy)
-    path('accounts/', include(discord_urls)),
     path('health/', lambda _: HttpResponse()),
     path('logout/', LogoutView.as_view()),
+
+    # Auth stuff (TODO - replace this because it's sorta workaroundy)
+    path('accounts/', include(discord_urls)),
+    # Set auth urls to redirect and display an error message instead
+    path(
+        'auth/cancelled/',
+        RedirectView.as_view(url=f'{settings.LOGIN_REDIRECT_URL}/auth/?auth_cancelled=1', permanent=True),
+        name='socialaccount_login_cancelled',
+    ),
+    path(
+        'auth/error/',
+        RedirectView.as_view(url=f'{settings.LOGIN_REDIRECT_URL}/auth/?auth_error=1', permanent=True),
+        name='socialaccount_login_error',
+    ),
 ]
 
 urlpatterns = [

backend/backend/urls_live.py

@@ -14,20 +14,30 @@
     2. Add a URL to urlpatterns:  path('blog/', include('blog.urls'))
 """
 from allauth.socialaccount.providers.discord.urls import urlpatterns as discord_urls
-from allauth.socialaccount.views import login_cancelled, login_error
+from django.conf import settings
 from django.contrib.auth.views import LogoutView
 from django.http import HttpResponse
 from django.urls import path, include
+from django.views.generic.base import RedirectView
 
 patterns = [
     path('api/', include(('api.urls', 'api'))),
+    path('health/', lambda _: HttpResponse()),
+    path('logout/', LogoutView.as_view()),
 
     # Auth stuff (TODO - replace this because it's sorta workaroundy)
     path('accounts/', include(discord_urls)),
-    path('auth/cancelled/', login_cancelled, name='socialaccount_login_cancelled'),
-    path('auth/error/', login_error, name='socialaccount_login_error'),
-    path('health/', lambda _: HttpResponse()),
-    path('logout/', LogoutView.as_view()),
+    # Set auth urls to redirect and display an error message instead
+    path(
+        'auth/cancelled/',
+        RedirectView.as_view(url=f'{settings.LOGIN_REDIRECT_URL}/auth/?auth_cancelled=1', permanent=True),
+        name='socialaccount_login_cancelled',
+    ),
+    path(
+        'auth/error/',
+        RedirectView.as_view(url=f'{settings.LOGIN_REDIRECT_URL}/auth/?auth_error=1', permanent=True),
+        name='socialaccount_login_error',
+    ),
 ]
 
 urlpatterns = [

backend/deployment/Dockerfile

@@ -2,12 +2,15 @@ FROM python:3
 
 WORKDIR /savage-aim
 
-COPY . .
+# Copy and install requirements
+COPY requirements.txt .
+RUN pip3 install -r requirements.txt
+RUN pip3 install gunicorn
+
 
-# Install requirements and move live files to the correct spot
-RUN pip3 install -r requirements.txt && \
-    pip3 install gunicorn && \
-    mv backend/urls_live.py backend/urls.py && \
+# Copy rest of files, and set up proper live file links
+COPY . .
+RUN mv backend/urls_live.py backend/urls.py && \
     mv backend/settings_live.py backend/settings.py
 
 # Set the gunicorn to run the wsgi file

backend/deployment/ws.Dockerfile

@@ -2,12 +2,15 @@ FROM python:3
 
 WORKDIR /savage-aim
 
-COPY . .
+# Copy and install requirements
+COPY requirements.txt .
+RUN pip3 install -r requirements.txt
+RUN pip3 install daphne
+
 
-# Install requirements and move live files to the correct spot
-RUN pip3 install -r requirements.txt && \
-    pip3 install daphne && \
-    mv backend/urls_live.py backend/urls.py && \
+# Copy rest of files, and set up proper live file links
+COPY . .
+RUN mv backend/urls_live.py backend/urls.py && \
     mv backend/settings_live.py backend/settings.py
 
 # Set the gunicorn to run the wsgi file

backend/requirements.txt

@@ -20,7 +20,7 @@ click-repl==0.2.0
 constantly==15.1.0
 coreapi==2.3.3
 coreschema==0.0.4
-cryptography==40.0.2
+cryptography==41.0.1
 daphne==3.0.2
 defusedxml==0.7.1
 Deprecated==1.2.13
@@ -47,13 +47,13 @@ pyasn1==0.4.8
 pyasn1-modules==0.2.8
 pycparser==2.21
 PyJWT==2.4.0
-pyOpenSSL==23.1.1
+pyOpenSSL==23.2.0
 pyparsing==3.0.6
 python3-openid==3.2.0
 pytz==2021.3
 PyYAML==5.4
 redis==4.5.5
-requests==2.26.0
+requests==2.31.0
 requests-oauthlib==1.3.0
 sentry-sdk==1.22.2
 service-identity==21.1.0

frontend/.env

@@ -1 +1 @@
-VUE_APP_VERSION="20230601"
+VUE_APP_VERSION="20230701"

frontend/src/components/modals/changelog.vue

@@ -13,14 +13,8 @@
     <div class="card-content content">
       <h2 class="has-text-primary subtitle">{{ version }}</h2>
 
-      <div class="divider"><i class="material-icons icon">expand_more</i> Minor Updates <i class="material-icons icon">expand_more</i></div>
-      <p>Item Level filtering in BIS pages now uses a slider instead of two large dropdowns.</p>
-      <p class="has-text-info">The dropdowns had 21 entries in them as of 6.4's release, so it felt like it was a good time to move it to something more manageable.</p>
-      <p class="has-text-info">If there are any alternative suggestions, please consider leaving them in the Discord!</p>
-
       <div class="divider"><i class="material-icons icon">expand_more</i> Fixes <i class="material-icons icon">expand_more</i></div>
-      <p>Set the default Item Level filters on BIS pages to be the item level range for Anabaseios.</p>
-      <p>Fixed issue where error messages were not correctly appearing on the New Proxy Character page.</p>
+      <p>Fixed a HTTP 500 Server Error that could occur during login.</p>
 
     </div>
   </div>

frontend/src/main.ts

@@ -27,7 +27,7 @@ Sentry.init({
   Vue,
   dsn: 'https://[email protected]/6180221',
   logErrors: true,
-  release: 'savageaim@20230601',
+  release: 'savageaim@20230701',
 })
 
 new Vue({

frontend/src/views/auth.vue

@@ -1,8 +1,17 @@
 <template>
   <div id="auth" class="container">
+    <!-- Error Messages -->
     <div v-if="redirect" class="notification is-warning">
       <p>Please log in to continue.</p>
     </div>
+    <div v-if="wasCancelled" class="notification is-info">
+      Login attempt cancelled!
+    </div>
+    <div v-if="wasError" class="notification is-danger">
+      An error occurred while attempting to log in. Please try again later or report it in the Discord server if it persists.
+    </div>
+
+    <!-- Actual Auth Stuff -->
     <div class="card">
       <div class="card-header">
         <div class="card-header-title">
@@ -49,6 +58,15 @@ export default class Auth extends SavageAimMixin {
     this.checkAuth()
     document.title = 'Login - Savage Aim'
   }
+
+  // Handlers for the other potential error messages
+  get wasCancelled(): boolean {
+    return this.$route.query.auth_cancelled === '1'
+  }
+
+  get wasError(): boolean {
+    return this.$route.query.auth_error === '1'
+  }
 }
 </script>