Merge pull request #213 from ZeusWPI/feat/docker

Dockerize the application
Add menus provided by Zeus WPI by default
2023-06-28 22:09:06 +02:00 · 2023-06-25 17:18:50 +02:00 · 2023-06-25 17:18:39 +02:00 · 2023-06-25 17:18:31 +02:00 · 2023-06-25 17:18:20 +02:00 · 2023-06-25 16:49:13 +02:00
20 changed files with 288 additions and 52 deletions
--- a/.dockerignore
+++ b/.dockerignore
@ -0,0 +1,10 @@
 # Ignore everything
 *
 # Include source, config and scripts
 !app
 !etc
 !*.md
 !*.sh
 !*.txt
 !LICENSE
--- a/26
+++ b/26
@ -0,0 +1,26 @@
 # syntax=docker/dockerfile:1
 FROM python:3.9.2-slim AS development
 WORKDIR /src
 RUN pip install pymysql
 ADD https://git.zeus.gent/haldis/menus/-/archive/master/menus-master.tar /tmp
 RUN mkdir menus && \
 	tar --directory=menus --extract --strip-components=1 --file=/tmp/menus-master.tar
 COPY requirements.txt .
 RUN pip install -r requirements.txt
 COPY . .
 WORKDIR /src/app
 CMD python app.py db upgrade && \
    python app.py runserver -h 0.0.0.0 -p 8000
 FROM development AS production
 RUN pip install waitress
 CMD python app.py db upgrade && \
    python waitress_wsgi.py
--- a/app/app.py
+++ b/app/app.py
@ -15,15 +15,17 @@ from flask_bootstrap import Bootstrap, StaticCDN
 from flask_debugtoolbar import DebugToolbarExtension
 from flask_login import LoginManager
 from flask_migrate import Migrate, MigrateCommand
 from flask_oauthlib.client import OAuth, OAuthException
 from flask_script import Manager, Server
 from login import init_login
 from markupsafe import Markup
 from admin import init_admin
 from auth.login import init_login
 from auth.zeus import init_oauth
 from config import Configuration
 from models import db
 from models.anonymous_user import AnonymouseUser
 from sentry_sdk.integrations.flask import FlaskIntegration
 from utils import euro_string, price_range_string, ignore_none
 from zeus import init_oauth
 def register_plugins(app: Flask) -> Manager:
@ -100,18 +102,22 @@ def add_routes(application: Flask) -> None:
    # import views  # TODO convert to blueprint
    # import views.stats  # TODO convert to blueprint
-    from login import auth_bp
+    from auth.login import auth_bp
    from auth.microsoft import auth_microsoft_bp
    from auth.zeus import auth_zeus_bp
    from views.debug import debug_bp
    from views.general import general_bp
    from views.order import order_bp
    from views.stats import stats_blueprint
    from zeus import oauth_bp
    application.register_blueprint(general_bp, url_prefix="/")
    application.register_blueprint(order_bp, url_prefix="/order")
    application.register_blueprint(stats_blueprint, url_prefix="/stats")
    application.register_blueprint(auth_bp, url_prefix="/")
-    application.register_blueprint(oauth_bp, url_prefix="/")
+    if Configuration.ENABLE_MICROSOFT_AUTH:
        application.register_blueprint(auth_microsoft_bp,
                                       url_prefix="/users/auth/microsoft_graph_auth")  # "/auth/microsoft")
    application.register_blueprint(auth_zeus_bp, url_prefix="/auth/zeus")
    if application.debug:
        application.register_blueprint(debug_bp, url_prefix="/debug")
@ -175,6 +181,10 @@ def create_app():
    add_routes(app)
    add_template_filters(app)
    @app.context_processor
    def inject_config():
        return dict(configuration=Configuration)
    return app, app_manager
--- a/app/auth/login.py
+++ b/app/auth/login.py
@ -1,31 +1,25 @@
-"Script for everything related to logging in and out"
+"""Script for everything related to logging in and out"""
 from flask import Blueprint, abort, redirect, session, url_for
 from flask_login import current_user, logout_user
 from models import User
 from werkzeug.wrappers import Response
 from zeus import zeus_login
 auth_bp = Blueprint("auth_bp", __name__)
 def init_login(app) -> None:
-    "Initialize the login"
+    """Initialize the login"""
    # pylint: disable=W0612
    @app.login_manager.user_loader
    def load_user(userid) -> User:
-        "Load the user"
+        """Load the user"""
        return User.query.filter_by(id=userid).first()
@auth_bp.route("/login")
 def login():
    "Function to handle a user trying to log in"
    return zeus_login()
@auth_bp.route("/logout")
 def logout() -> Response:
-    "Function to handle a user trying to log out"
+    """Function to handle a user trying to log out"""
    if "zeus_token" in session:
        session.pop("zeus_token", None)
    logout_user()
@ -33,6 +27,6 @@ def logout() -> Response:
 def before_request() -> None:
-    "Function for what has to be done before a request"
+    """Function for what has to be done before a request"""
    if current_user.is_anonymous() or not current_user.is_allowed():
        abort(401)
--- a/app/auth/microsoft.py
+++ b/app/auth/microsoft.py
@ -0,0 +1,77 @@
 import typing
 from flask import Blueprint, url_for, request, redirect, flash, Response
 from flask_login import login_user
 from microsoftgraph.client import Client
 from config import Configuration
 from models import User, db
 auth_microsoft_bp = Blueprint("auth_microsoft_bp", __name__)
 client = Client(Configuration.MICROSOFT_AUTH_ID,
                Configuration.MICROSOFT_AUTH_SECRET,
                account_type="ugentbe.onmicrosoft.com")
 def microsoft_login():
    """Log in using Microsoft"""
    scope = ["openid", "profile", "User.Read", "User.Read.All"]
    url = client.authorization_url(url_for("auth_microsoft_bp.authorized", _external=True), scope, state=None)
    return redirect(url)
@auth_microsoft_bp.route("/login")
 def login():
    """Function to handle a user trying to log in"""
    return microsoft_login()
@auth_microsoft_bp.route("callback")  # "/authorized")
 def authorized() -> typing.Any:
    # type is 'typing.Union[str, Response]', but this errors due to
    #   https://github.com/python/mypy/issues/7187
    """Check authorized status"""
    oauth_code = request.args['code']
    resp = client.exchange_code(url_for("auth_microsoft_bp.authorized", _external=True), oauth_code)
    client.set_token(resp.data)
    resp = client.users.get_me()
    microsoft_uuid = resp.data['id']
    username = resp.data['userPrincipalName']
    # Fail if fields are not populated
    if not microsoft_uuid or not username:
        flash("You're not allowed to enter, please contact a system administrator")
        return redirect(url_for("general_bp.home"))
    # Find existing user by Microsoft UUID (userPrincipalName can change)
    user = User.query.filter_by(microsoft_uuid=microsoft_uuid).first()
    if user:
        return login_and_redirect_user(user)
    # Find existing user by username (pre-existing account)
    user = User.query.filter_by(username=username).first()
    if user:
        return login_and_redirect_user(user)
    # No user found, create a new one
    user = create_user(username, microsoft_uuid=microsoft_uuid)
    return login_and_redirect_user(user)
 def login_and_redirect_user(user) -> Response:
    """Log in the user and then redirect them"""
    login_user(user)
    return redirect(url_for("general_bp.home"))
 def create_user(username, *, microsoft_uuid) -> User:
    """Create a temporary user if it is needed"""
    user = User()
    user.configure(username, False, 1, microsoft_uuid=microsoft_uuid)
    db.session.add(user)
    db.session.commit()
    return user
--- a/app/auth/zeus.py
+++ b/app/auth/zeus.py
@ -4,24 +4,30 @@ import typing
 from flask import (Blueprint, current_app, flash, redirect, request, session,
                   url_for)
 from flask_login import login_user
-from flask_oauthlib.client import OAuth, OAuthException
+from flask_oauthlib.client import OAuth, OAuthException, OAuthRemoteApp
 from models import User, db
 from werkzeug.wrappers import Response
-oauth_bp = Blueprint("oauth_bp", __name__)
+auth_zeus_bp = Blueprint("auth_zeus_bp", __name__)
 def zeus_login():
-    "Log in using ZeusWPI"
+    """Log in using ZeusWPI"""
    return current_app.zeus.authorize(
-        callback=url_for("oauth_bp.authorized", _external=True))
+        callback=url_for("auth_zeus_bp.authorized", _external=True))
-@oauth_bp.route("/login/zeus/authorized")
+@auth_zeus_bp.route("/login")
 def login():
    """Function to handle a user trying to log in"""
    return zeus_login()
@auth_zeus_bp.route("/authorized")
 def authorized() -> typing.Any:
    # type is 'typing.Union[str, Response]', but this errors due to
    #   https://github.com/python/mypy/issues/7187
-    "Check authorized status"
+    """Check authorized status"""
    resp = current_app.zeus.authorized_response()
    if resp is None:
        # pylint: disable=C0301
@ -45,8 +51,8 @@ def authorized() -> typing.Any:
    return redirect(url_for("general_bp.home"))
-def init_oauth(app):
+def init_oauth(app) -> OAuthRemoteApp:
-    "Initialize the OAuth for ZeusWPI"
+    """Initialize the OAuth for ZeusWPI"""
    oauth = OAuth(app)
    zeus = oauth.remote_app(
@ -69,13 +75,13 @@ def init_oauth(app):
 def login_and_redirect_user(user) -> Response:
-    "Log in the user and then redirect them"
+    """Log in the user and then redirect them"""
    login_user(user)
    return redirect(url_for("general_bp.home"))
 def create_user(username) -> User:
-    "Create a temporary user if it is needed"
+    """Create a temporary user if it is needed"""
    user = User()
    user.configure(username, False, 1, associations=["zeus"])
    db.session.add(user)
--- a/app/config.example.py
+++ b/app/config.example.py
@ -1,11 +1,16 @@
-"An example for a Haldis config"
+"""An example for a Haldis config"""
-# config
+# import os
 class Configuration:
    "Haldis configuration object"
    # pylint: disable=too-few-public-methods
    SQLALCHEMY_DATABASE_URI = "sqlite:///haldis.db"
    # MARIADB_HOST = os.environ.get("MARIADB_HOST")
    # MARIADB_DB = os.environ.get("MARIADB_DATABASE")
    # MARIADB_USER = os.environ.get("MARIADB_USER")
    # MARIADB_PASS = os.environ.get("MARIADB_PASSWORD")
    # SQLALCHEMY_DATABASE_URI = f"mysql+pymysql://{MARIADB_USER}:{MARIADB_PASS}@{MARIADB_HOST}/{MARIADB_DB}"
    SQLALCHEMY_TRACK_MODIFICATIONS = False
    DEBUG = True
    HALDIS_ADMINS = []
@ -15,3 +20,7 @@ class Configuration:
    SENTRY_DSN = None
    ZEUS_KEY = "tomtest"
    ZEUS_SECRET = "blargh"
    ENABLE_MICROSOFT_AUTH = False
    MICROSOFT_AUTH_ID = ""
    MICROSOFT_AUTH_SECRET = ""
--- a/app/hlds/definitions.py
+++ b/app/hlds/definitions.py
@ -1,7 +1,6 @@
 # Import this class to load the standard HLDS definitions
 import subprocess
-from os import path
+from pathlib import Path
 from typing import List
 from .models import Location
@ -12,10 +11,14 @@ __all__ = ["location_definitions", "location_definition_version"]
 # pylint: disable=invalid-name
 # TODO Use proper way to get resources, see https://stackoverflow.com/a/10935674
-DATA_DIR = path.join(path.dirname(__file__), "..", "..", "menus")
+ROOT_DIR = Path(__file__).parent.parent.parent
 DATA_DIR = ROOT_DIR / "menus"
-location_definitions: List[Location] = parse_all_directory(DATA_DIR)
+location_definitions: List[Location] = parse_all_directory(str(DATA_DIR))
 location_definitions.sort(key=lambda l: l.name)
-proc = subprocess.run(["git", "rev-parse", "HEAD"], stdout=subprocess.PIPE, check=True)
+try:
    proc = subprocess.run(["git", "rev-parse", "HEAD"], stdout=subprocess.PIPE, cwd=str(ROOT_DIR), check=True)
    location_definition_version = proc.stdout.decode().strip()
 except FileNotFoundError:
    location_definition_version = ""
--- a/app/hlds/hlds.tatsu
+++ b/app/hlds/hlds.tatsu
@ -29,9 +29,9 @@ location = >location_header items:{ block } ;
 attributes =
-	name:/[^\n#]*?(?= +-- |  | *\n| *#)/
+	name:/[^\n#]*?(?= +-- |  | €| *\n| *#)/
 	[ s '--' ~ s description:/[^\n#]*?(?=  | *\n| *#)/ ]
-	[ / {2,}/ ~
+	[ / +/ ~
 		[ {[ s ] ('{' tags+:identifier '}')} / +|$/ ]
 		[ price:price ]
 	]
--- a/app/migrations/versions/150252c1cdb1_.py
+++ b/app/migrations/versions/150252c1cdb1_.py
@ -43,7 +43,7 @@ def upgrade():
        sa.Column("starttime", sa.DateTime(), nullable=True),
        sa.Column("stoptime", sa.DateTime(), nullable=True),
        sa.Column("public", sa.Boolean(), nullable=True),
-        sa.ForeignKeyConstraint(["location_id"], ["location.id"]),
+        sa.ForeignKeyConstraint(["location_id"], ["location.id"], name="order_ibfk_1"),
        sa.PrimaryKeyConstraint("id"),
    )
    op.create_table(
@ -65,7 +65,7 @@ def upgrade():
        sa.Column("extra", sa.String(length=254), nullable=True),
        sa.Column("name", sa.String(length=120), nullable=True),
        sa.ForeignKeyConstraint(["order_id"], ["order.id"]),
-        sa.ForeignKeyConstraint(["product_id"], ["product.id"]),
+        sa.ForeignKeyConstraint(["product_id"], ["product.id"], name="order_item_ibfk_3"),
        sa.ForeignKeyConstraint(["user_id"], ["user.id"]),
        sa.PrimaryKeyConstraint("id"),
    )
--- a/app/migrations/versions/89b2c980b663_.py
+++ b/app/migrations/versions/89b2c980b663_.py
@ -0,0 +1,26 @@
 """empty message
 Revision ID: 89b2c980b663
 Revises: 9eac0f3d7b1e
 Create Date: 2023-04-20 02:01:54.558602
 """
 # revision identifiers, used by Alembic.
 revision = '89b2c980b663'
 down_revision = '9eac0f3d7b1e'
 from alembic import op
 import sqlalchemy as sa
 def upgrade():
    # ### commands auto generated by Alembic - please adjust! ###
    op.add_column('user', sa.Column('microsoft_uuid', sa.VARCHAR(length=120), nullable=True))
    # ### end Alembic commands ###
 def downgrade():
    # ### commands auto generated by Alembic - please adjust! ###
    op.drop_column('user', 'microsoft_uuid')
    # ### end Alembic commands ###
--- a/app/migrations/versions/9159a6fed021_initial_haldis_support.py
+++ b/app/migrations/versions/9159a6fed021_initial_haldis_support.py
@ -112,14 +112,12 @@ def upgrade():
        )
    )
    # Historical product data migrated, drop obsolete column and table
-    op.execute(text("ALTER TABLE order_item DROP FOREIGN KEY order_item_ibfk_3"))
+    op.drop_constraint("order_item_ibfk_3", "order_item", type_="foreignkey")
    op.drop_column("order_item", "product_id")
    op.drop_table("product")
    # ----------------------------------------------------------------------------------------------
    # Migrate historical location data to orders
    op.execute(text("ALTER TABLE `order` DROP FOREIGN KEY order_ibfk_2"))
    op.alter_column(
        "order",
        "location_id",
@ -157,6 +155,7 @@ def upgrade():
    for query in chain(new_location_id, [location_name_from_location]):
        op.execute(query)
    # Historical location data migrated, drop obsolete column and table
    op.drop_constraint("order_ibfk_1", "order", type_="foreignkey")
    op.drop_column("order", "legacy_location_id")
    op.drop_table("location")
--- a/app/models/user.py
+++ b/app/models/user.py
@ -5,12 +5,14 @@ from models import db
 class User(db.Model):
-    "Class used for configuring the User model in the database"
+    """Class used for configuring the User model in the database"""
    id = db.Column(db.Integer, primary_key=True)
    username = db.Column(db.String(80), unique=True, nullable=False)
    admin = db.Column(db.Boolean)
    bias = db.Column(db.Integer)
-    # Assocation logic
+    # Microsoft OAUTH info
    microsoft_uuid = db.Column(db.String(120), unique=True)
    # Association logic
    associations = db.Column(db.String(255), nullable=False, server_default="")
    # Relations
@ -25,13 +27,14 @@ class User(db.Model):
    def association_list(self) -> List[str]:
        return self.associations.split(",")
-    def configure(self, username: str, admin: bool, bias: int, associations: Optional[List[str]] = None) -> None:
+    def configure(self, username: str, admin: bool, bias: int, *, microsoft_uuid: str = None, associations: Optional[List[str]] = None) -> None:
        """Configure the User"""
        if associations is None:
            associations = []
        self.username = username
        self.admin = admin
        self.bias = bias
        self.microsoft_uuid = microsoft_uuid
        self.associations = ",".join(associations)
    # pylint: disable=C0111, R0201
--- a/app/templates/layout.html
+++ b/app/templates/layout.html
@ -63,7 +63,8 @@
 	<nav class="navbar navbar-default navbar-fixed-top">
 		<div class="container">
 			<div class="navbar-header">
-				<button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#navbar" aria-expanded="false" aria-controls="navbar">
+				<button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#navbar"
 						aria-expanded="false" aria-controls="navbar">
 					<span class="sr-only">Toggle navigation</span>
 					<span class="icon-bar"></span>
 					<span class="icon-bar"></span>
@ -81,7 +82,10 @@
 				</ul>
 				<ul class="nav navbar-nav navbar-right">
 					{% if current_user.is_anonymous() %}
-						<li><a href="{{ url_for('auth_bp.login') }}">Login</a></li>
+						{% if configuration.ENABLE_MICROSOFT_AUTH %}
 							<li><a href="{{ url_for('auth_microsoft_bp.login') }}">Login with Microsoft</a></li>
 						{% endif %}
 						<li><a href="{{ url_for('auth_zeus_bp.login') }}">Login with Zeus</a></li>
 					{% else %}
 						<li><a href="{{ url_for('general_bp.profile') }}">{{ current_user.username }}</a></li>
 						<li><a href="{{ url_for('auth_bp.logout') }}">Logout</a></li>
--- a/app/waitress_wsgi.py
+++ b/app/waitress_wsgi.py
@ -0,0 +1,16 @@
 import sentry_sdk
 from sentry_sdk.integrations.flask import FlaskIntegration
 from waitress import serve
 from app import create_app
 from config import Configuration
 if __name__ == "__main__":
    if Configuration.SENTRY_DSN:
        sentry_sdk.init(
            dsn=Configuration.SENTRY_DSN,
            integrations=[FlaskIntegration()]
        )
    app, app_mgr = create_app()
    serve(app, host="0.0.0.0", port=8000)
--- a/docker-compose.override.yml
+++ b/docker-compose.override.yml
@ -0,0 +1,17 @@
 version: "3.4"
 services:
  app:
    build:
      target: "development"
    environment:
      - MARIADB_DATABASE=haldis
      - MARIADB_USER=haldis
      - MARIADB_PASSWORD=haldis
    volumes: ["$PWD:/src"]
  database:
    environment:
      - MARIADB_DATABASE=haldis
      - MARIADB_ROOT_PASSWORD=mariadb
      - MARIADB_USER=haldis
      - MARIADB_PASSWORD=haldis
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -0,0 +1,31 @@
 version: "3.4"
 services:
  app:
    build:
      context: .
      target: production
    restart: on-failure
    depends_on: [database]
    ports: ["8000:8000"]
    environment:
      - MARIADB_HOST=database
      - MARIADB_DATABASE
      - MARIADB_USER
      - MARIADB_PASSWORD
    networks: [haldis]
  database:
    image: mariadb:10.8
    hostname: database
    restart: on-failure
    environment:
      - MARIADB_DATABASE
      - MARIADB_ROOT_PASSWORD
      - MARIADB_USER
      - MARIADB_PASSWORD
    networks: [haldis]
    volumes: [haldis_data:/var/lib/mysql]
 networks:
  haldis:
 volumes:
  haldis_data:
--- a/first-setup.sh
+++ b/first-setup.sh
@ -12,7 +12,7 @@ E="${normal}"
 if [ ! -d "venv" ]; then
 	PYTHON_VERSION=$(cat .python-version)
 	echo -e "${B} No venv found, creating a new one with version ${PYTHON_VERSION} ${E}"
-	python3 -m virtualenv -p $PYTHON_VERSION venv
+	python3 -m virtualenv -p "$PYTHON_VERSION" venv
 fi
 source venv/bin/activate
--- a/requirements.in
+++ b/requirements.in
@ -12,4 +12,5 @@ black
 pymysql
 pyyaml
 tatsu<5.6 # >=5.6 needs Python >=3.8
 microsoftgraph-python
 sentry-sdk[flask]
--- a/requirements.txt
+++ b/requirements.txt
@ -79,6 +79,8 @@ markupsafe==2.0.1
    #   jinja2
    #   mako
    #   wtforms
 microsoftgraph-python==1.1.3
    # via -r requirements.in
 mypy-extensions==0.4.3
    # via black
 oauthlib==2.1.0
@ -98,7 +100,9 @@ pyyaml==5.4.1
 regex==2021.4.4
    # via black
 requests==2.25.1
-    # via requests-oauthlib
+    # via
    #   microsoftgraph-python
    #   requests-oauthlib
 requests-oauthlib==1.1.0
    # via flask-oauthlib
 sentry-sdk[flask]==1.10.1
Author	SHA1	Message	Date
redfast00	73671bd8f1	Merge pull request #213 from ZeusWPI/feat/docker Dockerize the application	2023-06-28 22:09:06 +02:00
Maxim De Clercq	45b4913657	Add menus provided by Zeus WPI by default	2023-06-25 17:18:50 +02:00
Maxim De Clercq	7b78e7d8ff	Add .dockerignore	2023-06-25 17:18:39 +02:00
Maxim De Clercq	a29d3a33be	Use correct app when running with waitress	2023-06-25 17:18:31 +02:00
Maxim De Clercq	7fad75fc08	Dockerize the application	2023-06-25 17:18:20 +02:00
redfast00	5a82354b78	Merge pull request #214 from ZeusWPI/microsoft-auth-wip Microsoft auth	2023-06-25 16:49:13 +02:00
Maxim De Clercq	fbb69c843a	Merge branch 'master' into microsoft-auth-wip	2023-06-25 16:18:32 +02:00
redfast00	30626e457a	Merge pull request #217 from ZeusWPI/no-double-space Remove double space requirement	2023-06-13 23:31:56 +02:00
redfast00	0aea3f6d34	Remove double space requirement	2023-06-13 21:39:19 +02:00
Maxim De Clercq	8b1b3f482a	Add migration for Microsoft Auth	2023-04-20 02:10:59 +02:00
Maxim De Clercq	2d6aea10fb	Change Microsoft account type to ugentbe.onmicrosoft.com	2023-04-19 23:17:51 +02:00
Maxim De Clercq	6e79fc50ed	Merge pull request #186 from ZeusWPI/feature/microsoft-auth Add working microsoft login flow	2023-04-19 22:55:32 +02:00
Maxim De Clercq	ba29ecbc73	Check for user with matching Microsoft UUID first	2023-04-19 22:38:30 +02:00
Maxim De Clercq	1ffcdc3ec1	Do not store UGent username since it is not exposed through Graph API	2023-04-19 22:03:40 +02:00
Maxim De Clercq	6bb11e49a3	Add support for when cwd is outside the project E.g. Pycharm runs `/.../haldis/venv/bin/python /.../haldis/app/app.py` when no working directory is set.	2023-04-19 21:18:53 +02:00
Maxim De Clercq	aab522eef9	Merge branch 'master' into feature/microsoft-auth # Conflicts: # app/app.py # app/create_database.py # app/models/user.py # requirements.in # requirements.txt	2023-04-19 20:55:35 +02:00
mcbloch	841c3d5fb8	add flag to disable microsoft login	2022-04-20 01:34:19 +02:00
mcbloch	da88d807d1	disable printing of user info	2022-04-20 01:28:48 +02:00
mcbloch	cc0c271a22	Add working microsoft login flow	2022-04-20 01:27:52 +02:00