Merge branch 'main' into realtime-bid-updates
kevinrczhang authored Apr 10, 2024
2 parents 8372d01 + 959c022 commit 5f090c7
Showing 19 changed files with 1,796 additions and 1,016 deletions.
4 changes: 3 additions & 1 deletion .github/pull_request_template.md
@@ -19,4 +19,6 @@ Fixes # (ticket #)
- [ ] I have made corresponding changes to the documentation
- [ ] My changes generate no new warnings
- [ ] I have added tests that prove my fix is effective or that my feature works
- [ ] New and existing unit tests pass locally with my changes
- [ ] New and existing unit tests pass locally with my changes

/assignme
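--- a/backend/auction/views.py
+++ b/backend/auction/views.py
@@ -360,8 +360,7 @@ def get(self, request, auction_id, auction_day_id):
 status=status.HTTP_200_OK,
 )
 
-def post(self, request, auction_id):
-auction_day_id = request.data.get("auction_day_id")
+def post(self, request, auction_id, auction_day_id):
 content_type = request.data.get("content_type")
 object_ids = request.data.get("object_ids")
 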
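Review bot: Nothing visible in this hunk checks that `auction_day_id`, now taken from the URL, belongs to `auction_id` before `object_ids` are processed. The rest of `post` is outside the hunk, so this may already be handled; if it is not, look the day up scoped to the auction, return 404 on a mismatch, and add a comment such as `# auction_day_id comes from the route; must belong to auction_id`. `content_type` and `object_ids` are read with `.get()` and can be `None`, so each needs an explicit 400 path. Clients that still send `auction_day_id` in the request body will now have it ignored without an error.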
1 change: 1 addition & 0 deletions backend/core/settings.py
@@ -13,6 +13,7 @@
import os
from datetime import timedelta
from pathlib import Path

from corsheaders.defaults import default_headers
from dotenv import load_dotenv

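--- a/backend/services/AWSCognitoService.py
+++ b/backend/services/AWSCognitoService.py
@@ -16,7 +16,7 @@ def __init__(self):
 region_name=settings.AWS_S3_REGION_NAME,
 )
 
-def _generate_unique_bidder_number(self):
+def _generate_unique_customer_id(self):
 try:
 users = self.client.list_users_in_group(
 UserPoolId=settings.COGNITO_USER_POOL_ID,
@@ -25,7 +25,7 @@ def _generate_unique_bidder_number(self):
 existing_numbers = []
 for user in users:
 for attr in user["Attributes"]:
-if attr["Name"] == "custom:bidder_number":
+if attr["Name"] == "custom:customer_id":
 existing_numbers.append(attr["Value"])
 except self.client.exceptions.ClientError as e:
 print(f"Error during user existence check: {e}")
@@ -36,15 +36,6 @@ def _generate_unique_bidder_number(self):
 if number not in existing_numbers:
 return number
 
-def _calculate_secret_hash(self, username):
-message = username + settings.COGNITO_APP_CLIENT_ID
-dig = hmac.new(
-settings.COGNITO_APP_CLIENT_SECRET.encode("utf-8"),
-msg=message.encode("utf-8"),
-digestmod=hashlib.sha256,
-).digest()
-return base64.b64encode(dig).decode()
-
 def _map_cognito_attributes(self, attributes, is_admin=False):
 details = {attr["Name"]: attr["Value"] for attr in attributes}
 
@@ -61,7 +52,7 @@ def _map_cognito_attributes(self, attributes, is_admin=False):
 mapped["company_name"] = details.get("custom:company_name", "")
 mapped["company_address"] = details.get("custom:company_address", "")
 mapped["phone_number"] = details.get("custom:phone_number", "")
-mapped["bidder_number"] = int(details.get("custom:bidder_number", ""))
+mapped["customer_id"] = int(details.get("custom:customer_id", ""))
 mapped["is_verified"] = details.get("custom:is_verified", "") == "true"
 mapped["is_blacklisted"] = (
 details.get("custom:is_blacklisted", "") == "true"
@@ -71,11 +62,9 @@ def _map_cognito_attributes(self, attributes, is_admin=False):
 
 def create_user(self, email, password, **kwargs):
 attributes = self._prepare_user_attributes(**kwargs)
-secret_hash = self._calculate_secret_hash(email)
 try:
 response = self.client.sign_up(
 ClientId=settings.COGNITO_APP_CLIENT_ID,
-SecretHash=secret_hash,
 Username=email,
 Password=password,
 UserAttributes=attributes,
@@ -96,7 +85,7 @@ def _prepare_user_attributes(
 {"Name": "family_name", "Value": family_name},
 ]
 if is_admin:
-if kwargs["permission_level"] is not None:
+if kwargs.get("permission_level") is not None:
 attributes.append(
 {
 "Name": "custom:permission_level",
@@ -105,19 +94,15 @@ def _prepare_user_attributes(
 )
 else:
 if not is_update:
-bidder_number = self._generate_unique_bidder_number()
-if not bidder_number:
+customer_id = self._generate_unique_customer_id()
+if not customer_id:
 return None
-attributes.append(
-{"Name": "custom:bidder_number", "Value": bidder_number}
-)
+attributes.append({"Name": "custom:customer_id", "Value": customer_id})
 attributes.extend(
 [
 {"Name": f"custom:{key}", "Value": str(value)}
 for key, value in kwargs.items()
-if key != "is_admin"
-and key != "permission_level"
-and key != "phone_number"
+if key not in ["is_admin", "permission_level", "phone_number"]
 ]
 )
 if kwargs.get("phone_number") is not None:
@@ -139,6 +124,8 @@ def _add_user_to_group(self, email, group_name):
 except self.client.exceptions.ClientError as e:
 print(f"Error adding user to group {group_name}: {e}")
 
+# The functions below no longer require secret hash related parameters
+
 def change_password(self, access_token, previous_password, new_password):
 try:
 self.client.change_password(
@@ -152,24 +139,20 @@ def change_password(self, access_token, previous_password, new_password):
 return False
 
 def initiate_password_reset(self, email):
-secret_hash = self._calculate_secret_hash(email)
 try:
 self.client.forgot_password(
 ClientId=settings.COGNITO_APP_CLIENT_ID,
 Username=email,
-SecretHash=secret_hash,
 )
 return True
 except Exception as e:
 print(f"Error initiating password reset: {e}")
 return False
 
 def confirm_password_reset(self, email, verification_code, new_password):
-secret_hash = self._calculate_secret_hash(email)
 try:
 self.client.confirm_forgot_password(
 ClientId=settings.COGNITO_APP_CLIENT_ID,
-SecretHash=secret_hash,
 Username=email,
 ConfirmationCode=verification_code,
 Password=new_password,
@@ -191,13 +174,11 @@ def change_email(self, access_token, new_email):
 return False
 
 def verify_email(self, email, verification_code):
-secret_hash = self._calculate_secret_hash(email)
 try:
 self.client.confirm_sign_up(
 ClientId=settings.COGNITO_APP_CLIENT_ID,
 Username=email,
 ConfirmationCode=verification_code,
-SecretHash=secret_hash,
 ForceAliasCreation=False,
 )
 return True
@@ -206,14 +187,12 @@ def verify_email(self, email, verification_code):
 return False
 
 def refresh_tokens(self, username, refresh_token):
-secret_hash = self._calculate_secret_hash(username)
 try:
 response = self.client.initiate_auth(
 ClientId=settings.COGNITO_APP_CLIENT_ID,
 AuthFlow="REFRESH_TOKEN_AUTH",
 AuthParameters={
 "REFRESH_TOKEN": refresh_token,
-"SECRET_HASH": secret_hash,
 },
 )
 return response.get("AuthenticationResult")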
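Review bot: The comprehension in `_prepare_user_attributes` still writes every remaining keyword argument as a `custom:` attribute, and the new exclusion list `["is_admin", "permission_level", "phone_number"]` does not cover `is_verified` or `is_blacklisted`, which `_map_cognito_attributes` reads back as trust flags. If any caller forwards request fields through `**kwargs` (callers are not visible here), a sign-up could set those flags itself; an allow-list of the profile keys that may be written, e.g. `if key in ALLOWED_PROFILE_KEYS` (placeholder name), closes that where the deny-list does not. Separately, `int(details.get("custom:customer_id", ""))` raises `ValueError` for any account that lacks the renamed attribute, such as users created while it was still `custom:bidder_number`; `raw = details.get("custom:customer_id")` followed by `mapped["customer_id"] = int(raw) if raw else None` avoids that. Both functions start or end outside the hunks shown.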
4 changes: 2 additions & 2 deletions emailService/src/handlers/cognitoCustomMessage.mjs
@@ -7,7 +7,7 @@ export const cognitoCustomMessageHandler = async (event) => {
const email = encodeURIComponent(event.request.userAttributes["email"]);
const verificationCode = event.request.codeParameter;

const verificationLink = `http://localhost:8000/api/v1/auth/email-verify/?email=${email}&code=${verificationCode}`;
const verificationLink = `https://www.api.auction.microvaninc.com/v1/auth/email-verify?email=${email}&code=${verificationCode}`;

const emailContent = `
<html>
@@ -125,7 +125,7 @@ export const cognitoCustomMessageHandler = async (event) => {
and Conditions.
</p>
<div class="button-container">
<a href="${verificationLink}" class="button-link">Click here to verify</a>
<a href="${verificationLink}" class="button-link" style="color: #ffffff !important; text-decoration: none !important;">Click here to verify</a>
</div>
<p>
If the button does not work, use this link or copy this link into your browser: <br /><a
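Review bot: The verification link hard-codes the production host `https://www.api.auction.microvaninc.com` inside the handler, so every stage that deploys this Lambda mails production links; reading the base from configuration, e.g. `const apiBase = process.env.API_BASE_URL;` (variable name is a placeholder), keeps dev and staging mail pointed at their own API. The link also carries the confirmation code in the query string of a GET, which puts it in access logs and lets mail link scanners trigger verification before the user clicks; if the endpoint confirms on GET, consider having the link open a page that submits the code with a POST. The path also differs from the localhost form in dropping the `/api` prefix and the trailing slash, which is worth checking against the backend's URL configuration since that is not visible here.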