GeneNetwork3 REST API for data science and machine learning http://git.genenetwork.org/genenetwork3/atom?h=migrate-to-python3.10 2023-07-10T08:36:47+00:00 2023-07-10T08:36:47+00:00 Frederick Muriuki Muriithi 2023-07-10T08:36:47+00:00 urn:sha1:c6ac30d4ccc26553a12e8c37cdf9078cbe9084b3 2023-07-06T14:53:23+00:00 Frederick Muriuki Muriithi 2023-07-06T14:53:23+00:00 urn:sha1:edebea34ac6545909737ce9540e9d51858550873 2023-07-03T07:46:12+00:00 Frederick Muriuki Muriithi 2023-07-03T07:46:12+00:00 urn:sha1:424a515120478998592663725d2d1186d36304f4 2023-06-30T06:19:39+00:00 Frederick Muriuki Muriithi 2023-06-30T06:19:39+00:00 urn:sha1:cd16f99aa23123f2398e3a3a542d84363d7a7b16 2023-05-30T08:27:17+00:00 Frederick Muriuki Muriithi 2023-05-30T08:27:17+00:00 urn:sha1:0b0da1783bc701e74a1972869bdb221a3c9a6b2a We are saving the client secret in an encrypted form, meaning we have to verify that the CLIENT_SECRET that is provided is the same one as was generated at registration in a different way. Initially, I was doing a direct comparison, having saved the CLIENT_SECRET value as unencrypted plain-text. 2023-05-29T11:56:24+00:00 Frederick Muriuki Muriithi 2023-05-29T11:56:24+00:00 urn:sha1:2aa7abf383df814f24c88beea733c324cda682d0 Add UI and code to enable the administrative user to register new OAuth2 clients that can access the API server. 2023-05-29T08:21:48+00:00 Frederick Muriuki Muriithi 2023-05-29T08:21:48+00:00 urn:sha1:25c6da03e1639895f0051e8be6502762beefde0b * gn3/auth/authentication/oauth2/views.py: Remove endpoint * gn3/auth/authorisation/users/admin/__init__.py: New admin module * gn3/auth/authorisation/users/admin/ui.py: New admin module * gn3/auth/authorisation/users/admin/views.py: New admin module * gn3/auth/views.py: Use new admin module * gn3/errors.py: Fix linting errors * gn3/templates/login.html: New html template * main.py: Fix linting errors 2023-05-27T10:50:51+00:00 Frederick Muriuki Muriithi 2023-05-27T10:50:51+00:00 urn:sha1:45a7a6bc59eb28cdd2ceeee0e84506cf292b6466 * docs/authentication_and_authorisation/oauth2_clients.md: New documentation * gn3/auth/authentication/oauth2/server.py: Raise appropriate error if no client is found. * gn3/auth/authentication/oauth2/views.py: Handle exception in the case where a UI should be presented to the user, rather than presenting the raw JSON response to the user. * gn3/errors.py: Handle any authlib OAuth2Error at the application's top-level * gn3/templates/oauth2/oauth2_error.html: Handle any authlib OAuth2Error at the application's top-level 2023-05-10T10:16:42+00:00 Frederick Muriuki Muriithi 2023-05-10T10:16:42+00:00 urn:sha1:1d6a4ad6b41c01a06d8ee8984c41e07a36484590 Check only that the email format is correct, but don't bother with the deliverability check during authentication. The deliverability check is done at registration. 2023-05-09T10:15:47+00:00 Frederick Muriuki Muriithi 2023-05-08T13:31:38+00:00 urn:sha1:5526f0316c2714d30e47a90f81e0ff686a29042f Implement the "Authorization Code Flow" for the authentication of users. * gn3/auth/authentication/oauth2/grants/authorisation_code_grant.py: query and save the authorisation code. * gn3/auth/authentication/oauth2/models/authorization_code.py: Implement the `AuthorisationCode` model * gn3/auth/authentication/oauth2/models/oauth2client.py: Fix typo * gn3/auth/authentication/oauth2/server.py: Register the `AuthorisationCodeGrant` grant with the server. * gn3/auth/authentication/oauth2/views.py: Implement `/authorise` endpoint * gn3/templates/base.html: New HTML Templates of authorisation UI * gn3/templates/common-macros.html: New HTML Templates of authorisation UI * gn3/templates/oauth2/authorise-user.html: New HTML Templates of authorisation UI * main.py: Allow both "code" and "token" response types.