Merge pull request #80 from COSC-499-W2023/gh-39-basic-authentication

feat(auth): API endpoint + middleware for basic auth
COSC-499-W2023 · Nov 9, 2023 · 6310a0e · 6310a0e
2 parents b8d08ac + 98920c0
commit 6310a0e
Show file tree

Hide file tree

Showing 26 changed files with 624 additions and 904 deletions.
diff --git a/app/front-end/Makefile b/app/front-end/Makefile
@@ -30,6 +30,8 @@ PORT ?= 8080
 LOG_FILE ?= privacypal-run.log
 PRIVACYPAL_INPUT_VIDEO_DIR ?= /opt/privacypal/input_videos
 PRIVACYPAL_OUTPUT_VIDEO_DIR ?= /opt/privacypal/output_videos
+PRIVACYPAL_AUTH_MANAGER ?= basic
+PRIVACYPAL_DEBUG ?= true
 
 .PHONY: run
 run: ## Run the web server as a standalone container.
@@ -44,6 +46,8 @@ run: ## Run the web server as a standalone container.
 		-e AWS_DEFAULT_REGION="ca-central-1" \
 		-e PRIVACYPAL_INPUT_VIDEO_DIR="$(PRIVACYPAL_INPUT_VIDEO_DIR)" \
 		-e PRIVACYPAL_OUTPUT_VIDEO_DIR="$(PRIVACYPAL_OUTPUT_VIDEO_DIR)" \
+		-e PRIVACYPAL_AUTH_MANAGER="$(PRIVACYPAL_AUTH_MANAGER)" \
+		-e PRIVACYPAL_DEBUG="$(PRIVACYPAL_DEBUG)" \
 		-v "$(LOCAL_INPUT_DIR)":"$(PRIVACYPAL_INPUT_VIDEO_DIR)":z \
 		-v "$(LOCAL_OUTPUT_DIR)":"$(PRIVACYPAL_OUTPUT_VIDEO_DIR)":z \
 		-it --rm $(PRIVACYPAL_IMAGE) 2>&1 | tee $(LOG_FILE)
@@ -54,10 +58,3 @@ LOCAL_OUTPUT_DIR ?= $(shell pwd)/output-videos
 .PHONY: setup-run
 setup-run: ## Set up the environment for running web server as a standalone container.
 	mkdir -p "$(LOCAL_INPUT_DIR)" "$(LOCAL_OUTPUT_DIR)"
-	{ \
-		echo NEXTAUTH_SECRET="$$(openssl rand -base64 32)";  \
-		echo NEXTAUTH_URL="http://localhost:${PORT:-8081}";  \
-		echo PRIVACYPAL_INPUT_VIDEO_DIR="../back-end/video-processing/input-videos";  \
-		echo PRIVACYPAL_OUTPUT_VIDEO_DIR="../back-end/video-processing/output-videos";  \
-		echo PRIVACYPAL_CONFIG_DIR="./conf"; \
-	} > .env.local
diff --git a/app/front-end/__tests__/__snapshots__/index.test.tsx.snap b/app/front-end/__tests__/__snapshots__/index.test.tsx.snap
@@ -13,6 +13,16 @@ exports[`Home Page homepage is unchanged from snapshot 1`] = `
     >
       Log in
     </a>
+    <a
+      href="/staff"
+    >
+      Staff Area
+    </a>
+    <a
+      href="/user"
+    >
+      User Area
+    </a>
   </main>
 </div>
 `;
diff --git a/app/front-end/__tests__/config.lib.test.ts b/app/front-end/__tests__/config.lib.test.ts
@@ -3,18 +3,18 @@
  * Author: Connor Doman
  */
 
-import { extractUserConfig } from "@lib/config";
+import { extractBasicUserRecords } from "@lib/config";
 
 describe("Config", () => {
     it("contains a user config", () => {
-        const config = extractUserConfig();
+        const config = extractBasicUserRecords();
         const userArray = config.users;
         expect(typeof userArray).toEqual("object");
         expect(userArray.length).toBeGreaterThan(0);
     });
 
     it("contains a user config with an email", () => {
-        const config = extractUserConfig();
+        const config = extractBasicUserRecords();
         const userArray = config.users;
         expect(userArray[0].email).toBeDefined();
     });

diff --git a/app/front-end/__tests__/dummy-authenticator.auth.test.ts b/app/front-end/__tests__/dummy-authenticator.auth.test.ts
@@ -4,50 +4,37 @@
  */
 
 import { utf8ToBase64 } from "@lib/base64";
-import { DummyAuthenticator } from "@lib/dummy-authenticator";
+import { DummyBasicAuthenticator } from "@lib/dummy-authenticator";
 
 describe("Dummy Authenticator", () => {
     it("works for valid credentials", async () => {
-        const dummyAuthenticator = new DummyAuthenticator();
+        const dummyAuthenticator = new DummyBasicAuthenticator();
         const credentials = { email: "johnny@example.com", password: "password" };
-        const user = await dummyAuthenticator.authorize(credentials, {} as any);
+        const user = await dummyAuthenticator.authorize(credentials);
         expect(user).toEqual({
             id: "1",
             email: "johnny@example.com",
         });
     });
 
     it("fails for invalid credentials", async () => {
-        const dummyAuthenticator = new DummyAuthenticator();
+        const dummyAuthenticator = new DummyBasicAuthenticator();
         const credentials = { email: "johnny@example.com", password: "wrongpassword" };
-        const user = await dummyAuthenticator.authorize(credentials, {} as any);
+        const user = await dummyAuthenticator.authorize(credentials);
         expect(user).toEqual(null);
     });
 
-    it("contains 'credentials' profile name", () => {
-        const dummyAuthenticator = new DummyAuthenticator();
-        expect(dummyAuthenticator.name).toEqual("credentials");
-    });
-
-    it("contains correct credentials profile", () => {
-        const dummyAuthenticator = new DummyAuthenticator();
-        expect(dummyAuthenticator.credentials).toEqual({
-            email: { label: "Email", type: "text", placeholder: "Email" },
-            password: { label: "Password", type: "password" },
-        });
-    });
-
     it("authentication fails if hashedPassword is empty", async () => {
-        const dummyAuthenticator = new DummyAuthenticator();
+        const dummyAuthenticator = new DummyBasicAuthenticator();
         const credentials = { email: "badatpasswords@example.com", password: "password" };
-        const user = await dummyAuthenticator.authorize(credentials, {} as any);
+        const user = await dummyAuthenticator.authorize(credentials);
         expect(user).toEqual(null);
     });
 
     it("authentication fails if empty password is provided", async () => {
-        const dummyAuthenticator = new DummyAuthenticator();
+        const dummyAuthenticator = new DummyBasicAuthenticator();
         const credentials = { email: "johnny@example.com", password: "" };
-        const user = await dummyAuthenticator.authorize(credentials, {} as any);
+        const user = await dummyAuthenticator.authorize(credentials);
         expect(user).toEqual(null);
     });
 });
diff --git a/app/front-end/conf/user.properties.json b/app/front-end/conf/user.properties.json
@@ -3,12 +3,17 @@
         {
             "id": "1",
             "email": "johnny@example.com",
-            "hashedPassword": "JDJhJDEwJFV2ZnpHekFrbEtvZlljenNYZHZHR2VjaGRVY29BdHM1SjhBWU51a1RUQzdTQXZOT0VDVHVT"
+            "hashedPassword": "$2a$10$bMG7qmKpKQJ4DfbW0gA9HOqXo7ZzYT0c0bBe7FVZQUgvj9oIZrMwa"
         },
         {
             "id": "2",
             "email": "badatpasswords@example.com",
             "hashedPassword": ""
+        },
+        {
+            "id": "3",
+            "email": "username",
+            "hashedPassword": "$2a$10$bMG7qmKpKQJ4DfbW0gA9HOqXo7ZzYT0c0bBe7FVZQUgvj9oIZrMwa"
         }
     ]
 }
diff --git a/app/front-end/generate_dev_env.sh b/app/front-end/generate_dev_env.sh
@@ -0,0 +1,12 @@
+#!/bin/bash
+
+# Create `.env.local` file for development environment
+{
+    echo NEXTAUTH_SECRET="$(openssl rand -base64 32)"
+    echo NEXTAUTH_URL="http://localhost:${PORT:-8081}"
+    echo PRIVACYPAL_INPUT_VIDEO_DIR="../back-end/video-processing/input-videos"
+    echo PRIVACYPAL_OUTPUT_VIDEO_DIR="../back-end/video-processing/output-videos"
+    echo PRIVACYPAL_CONFIG_DIR="./conf"
+    echo PRIVACYPAL_AUTH_MANAGER="${PRIVACYPAL_AUTH_MANAGER:-basic}"
+    echo PRIVACYPAL_DEBUG=${PRIVACYPAL_DEBUG:-true}
+} > .env.local