Skip to content

Commit

Permalink
Remove default login view (Qiskit#1215)
Browse files Browse the repository at this point in the history
* remove default login view

Signed-off-by: Akihiko Kuroda <[email protected]>
  • Loading branch information
akihikokuroda authored and david-alber committed Feb 13, 2024
1 parent 08dc70d commit b54176d
Show file tree
Hide file tree
Showing 6 changed files with 47 additions and 146 deletions.
4 changes: 3 additions & 1 deletion gateway/api/views.py
Original file line number Diff line number Diff line change
Expand Up @@ -204,7 +204,9 @@ def run_existing(self, request):
carrier = {}
TraceContextTextMapPropagator().inject(carrier)
arguments = serializer.data.get("arguments")
token = request.auth.token.decode()
token = ""
if request.auth:
token = request.auth.token.decode()
try:
job = self.get_service_job_class().save(
program=program,
Expand Down
9 changes: 0 additions & 9 deletions gateway/main/settings.py
Original file line number Diff line number Diff line change
Expand Up @@ -47,7 +47,6 @@
# Application definition

INSTALLED_APPS = [
"django.contrib.admin",
"django.contrib.auth",
"django.contrib.contenttypes",
"django.contrib.sessions",
Expand All @@ -59,10 +58,6 @@
"rest_framework.authtoken",
"rest_framework_simplejwt",
"allauth",
"allauth.account",
"allauth.socialaccount",
"dj_rest_auth",
"dj_rest_auth.registration",
"api",
"psycopg2",
"drf_yasg",
Expand All @@ -76,11 +71,9 @@
"django.contrib.sessions.middleware.SessionMiddleware",
"django.middleware.common.CommonMiddleware",
"django.middleware.csrf.CsrfViewMiddleware",
"django.contrib.auth.middleware.AuthenticationMiddleware",
"django.contrib.messages.middleware.MessageMiddleware",
"django.middleware.clickjacking.XFrameOptionsMiddleware",
"django_prometheus.middleware.PrometheusAfterMiddleware",
"allauth.account.middleware.AccountMiddleware",
]

ROOT_URLCONF = "main.urls"
Expand Down Expand Up @@ -180,8 +173,6 @@
]

AUTHENTICATION_BACKENDS = [
# Needed to login by username in Django admin, regardless of `allauth`
"django.contrib.auth.backends.ModelBackend",
# `allauth` specific authentication methods, such as login by e-mail
"allauth.account.auth_backends.AuthenticationBackend",
]
Expand Down
4 changes: 0 additions & 4 deletions gateway/main/urls.py
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,6 @@

from django.conf import settings
from django.conf.urls.static import static
from django.contrib import admin
from django.urls import path, include, re_path
from django.views.generic import TemplateView
from rest_framework import routers, permissions
Expand All @@ -43,10 +42,7 @@


urlpatterns = [
path("dj-rest-auth/", include("dj_rest_auth.urls")),
path("accounts/", include("allauth.urls")),
path("api-auth/", include("rest_framework.urls")),
path("admin/", admin.site.urls),
path("readiness/", probes.views.readiness, name="readiness"),
path("liveness/", probes.views.liveness, name="liveness"),
path("", include("django_prometheus.urls")),
Expand Down
57 changes: 15 additions & 42 deletions gateway/tests/api/test_files.py
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@
from django.urls import reverse
from rest_framework import status
from rest_framework.test import APITestCase
from django.contrib.auth import models


class TestFilesApi(APITestCase):
Expand All @@ -30,25 +31,17 @@ def test_files_list(self):
media_root = os.path.normpath(os.path.join(os.getcwd(), media_root))

with self.settings(MEDIA_ROOT=media_root):
auth = reverse("rest_login")
response = self.client.post(
auth, {"username": "test_user", "password": "123"}, format="json"
)
token = response.data.get("access")
self.client.credentials(HTTP_AUTHORIZATION="Bearer " + token)
user = models.User.objects.get(username="test_user")
self.client.force_authenticate(user=user)
url = reverse("v1:files-list")
response = self.client.get(url, format="json")
self.assertEqual(response.status_code, status.HTTP_200_OK)
self.assertEqual(response.data, {"results": ["artifact.tar"]})

def test_non_existing_file_download(self):
"""Tests downloading non-existing file."""
auth = reverse("rest_login")
response = self.client.post(
auth, {"username": "test_user", "password": "123"}, format="json"
)
token = response.data.get("access")
self.client.credentials(HTTP_AUTHORIZATION="Bearer " + token)
user = models.User.objects.get(username="test_user")
self.client.force_authenticate(user=user)
url = reverse("v1:files-download")
response = self.client.get(
url, data={"file": "non_existing.tar"}, format="json"
Expand All @@ -68,12 +61,8 @@ def test_file_download(self):
media_root = os.path.normpath(os.path.join(os.getcwd(), media_root))

with self.settings(MEDIA_ROOT=media_root):
auth = reverse("rest_login")
response = self.client.post(
auth, {"username": "test_user", "password": "123"}, format="json"
)
token = response.data.get("access")
self.client.credentials(HTTP_AUTHORIZATION="Bearer " + token)
user = models.User.objects.get(username="test_user")
self.client.force_authenticate(user=user)
url = reverse("v1:files-download")
response = self.client.get(
url, data={"file": "artifact.tar"}, format="json"
Expand All @@ -99,12 +88,8 @@ def test_file_delete(self):
fp.close()

with self.settings(MEDIA_ROOT=media_root):
auth = reverse("rest_login")
response = self.client.post(
auth, {"username": "test_user", "password": "123"}, format="json"
)
token = response.data.get("access")
self.client.credentials(HTTP_AUTHORIZATION="Bearer " + token)
user = models.User.objects.get(username="test_user")
self.client.force_authenticate(user=user)
url = reverse("v1:files-delete")
response = self.client.delete(
url, data={"file": "artifact_delete.tar"}, format="json"
Expand All @@ -122,12 +107,8 @@ def test_non_existing_file_delete(self):
media_root = os.path.normpath(os.path.join(os.getcwd(), media_root))

with self.settings(MEDIA_ROOT=media_root):
auth = reverse("rest_login")
response = self.client.post(
auth, {"username": "test_user", "password": "123"}, format="json"
)
token = response.data.get("access")
self.client.credentials(HTTP_AUTHORIZATION="Bearer " + token)
user = models.User.objects.get(username="test_user")
self.client.force_authenticate(user=user)
url = reverse("v1:files-delete")
response = self.client.delete(
url, data={"file": "artifact_delete.tar"}, format="json"
Expand All @@ -145,12 +126,8 @@ def test_file_upload(self):
media_root = os.path.normpath(os.path.join(os.getcwd(), media_root))

with self.settings(MEDIA_ROOT=media_root):
auth = reverse("rest_login")
response = self.client.post(
auth, {"username": "test_user", "password": "123"}, format="json"
)
token = response.data.get("access")
self.client.credentials(HTTP_AUTHORIZATION="Bearer " + token)
user = models.User.objects.get(username="test_user")
self.client.force_authenticate(user=user)
url = reverse("v1:files-upload")
with open("README.md") as f:
response = self.client.post(
Expand All @@ -172,12 +149,8 @@ def test_escape_directory(self):
"fake_media",
)
):
auth = reverse("rest_login")
response = self.client.post(
auth, {"username": "test_user", "password": "123"}, format="json"
)
token = response.data.get("access")
self.client.credentials(HTTP_AUTHORIZATION="Bearer " + token)
user = models.User.objects.get(username="test_user")
self.client.force_authenticate(user=user)
url = reverse("v1:files-download")
response = self.client.get(
url, data={"file": "../test_user_2/artifact_2.tar"}, format="json"
Expand Down
16 changes: 4 additions & 12 deletions gateway/tests/api/test_job.py
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@
from rest_framework.test import APITestCase

from api.models import Job
from django.contrib.auth import models


class TestJobApi(APITestCase):
Expand All @@ -14,12 +15,8 @@ class TestJobApi(APITestCase):

def _authorize(self):
"""Authorize client."""
auth = reverse("rest_login")
resp = self.client.post(
auth, {"username": "test_user", "password": "123"}, format="json"
)
token = resp.data.get("access")
self.client.credentials(HTTP_AUTHORIZATION="Bearer " + token)
user = models.User.objects.get(username="test_user")
self.client.force_authenticate(user=user)

def test_job_non_auth_user(self):
"""Tests job list non-authorized."""
Expand Down Expand Up @@ -68,12 +65,7 @@ def test_job_save_result(self):

def test_stop_job(self):
"""Tests job stop."""
auth = reverse("rest_login")
response = self.client.post(
auth, {"username": "test_user", "password": "123"}, format="json"
)
token = response.data.get("access")
self.client.credentials(HTTP_AUTHORIZATION="Bearer " + token)
self._authorize()

job_stop_response = self.client.post(
reverse(
Expand Down
Loading

0 comments on commit b54176d

Please sign in to comment.