Feat/jinja global variable (#354)

Author: kobyfogel

app/dependencies.py

@@ -17,6 +17,7 @@
 templates = Jinja2Templates(directory=TEMPLATES_PATH)
 templates.env.add_extension("jinja2.ext.i18n")
 
+
 # Configure logger
 logger = LoggerCustomizer.make_logger(
     config.LOG_PATH,

app/internal/security/dependencies.py

@@ -1,3 +1,5 @@
+from typing import Optional
+
 from fastapi import Depends, HTTPException
 from starlette.requests import Request
 from starlette.status import HTTP_401_UNAUTHORIZED
@@ -90,3 +92,21 @@ async def current_user(
             detail="Your token is not valid. Please log in again",
         )
     return schema.CurrentUser(user_id=user_id, username=username)
+
+
+def get_jinja_current_user(request: Request) -> Optional[schema.CurrentUser]:
+    """Return the currently logged in user.
+    Returns logged in User object if exists, None if not.
+    Set as a jinja global parameter.
+    """
+    if "Authorization" not in request.cookies:
+        return None
+    jwt_payload = get_jwt_token(request.cookies["Authorization"])
+    username = jwt_payload.get("sub")
+    user_id = jwt_payload.get("user_id")
+    if not user_id:
+        raise HTTPException(
+            status_code=HTTP_401_UNAUTHORIZED,
+            detail="Your token is not valid. Please log in again",
+        )
+    return schema.CurrentUser(user_id=user_id, username=username)

app/main.py

@@ -6,21 +6,22 @@
 from fastapi.staticfiles import StaticFiles
 from sqlalchemy.orm import Session
 
+import app.internal.features as internal_features
 from app import config
 from app.database import engine, models
 from app.dependencies import (
     MEDIA_PATH,
     SOUNDS_PATH,
     STATIC_PATH,
     UPLOAD_PATH,
+    SessionLocal,
     get_db,
     logger,
     templates,
-    SessionLocal,
 )
 from app.internal import daily_quotes, json_data_loader
-import app.internal.features as internal_features
 from app.internal.languages import set_ui_language
+from app.internal.security.dependencies import get_jinja_current_user
 from app.internal.security.ouath2 import auth_exception_handler
 from app.routers.salary import routes as salary
 from app.utils.extending_openapi import custom_openapi
@@ -51,6 +52,7 @@ def create_tables(engine, psql_environment):
 app.logger = logger
 
 app.add_exception_handler(status.HTTP_401_UNAUTHORIZED, auth_exception_handler)
+templates.env.globals["jinja_current_user"] = get_jinja_current_user
 
 # This MUST come before the app.routers imports.
 set_ui_language()

app/templates/base.html

@@ -31,21 +31,24 @@
                 </div>
                 <div class="collapse navbar-collapse" id="navbarToggler">
                     <ul class="navbar-nav mr-auto mb-2 mb-lg-0 ">
-                        <li class="nav-item">
-                            <a class="nav-link" href="{{ url_for('profile') }}">Profile</a>
-                        </li>
-                        <li class="nav-item">
-                            <a class="nav-link" href="{{ url_for('login') }}">Sign In</a>
-                        </li>
-                        <li class="nav-item">
-                            <a class="nav-link" href="{{ url_for('logout') }}">{{ gettext("Sign Out") }}</a>
-                        </li>
-                        <li class="nav-item">
-                            <a class="nav-link" href="{{ url_for('register') }}">Sign Up</a>
-                        </li>
-                        <li class="nav-item">
-                            <a class="nav-link" href="{{ url_for('agenda') }}">Agenda</a>
-                        </li>
+                        {% if jinja_current_user(request) %}
+                            <li class="nav-item">
+                                <a class="nav-link" href="{{ url_for('profile') }}">Profile</a>
+                            </li>
+                            <li class="nav-item">
+                                <a class="nav-link" href="{{ url_for('logout') }}">Sign Out</a>
+                            </li>
+                            <li class="nav-item">
+                                <a class="nav-link" href="{{ url_for('agenda') }}">Agenda</a>
+                            </li>
+                        {% else %}
+                            <li class="nav-item">
+                                <a class="nav-link" href="{{ url_for('login') }}">Sign In</a>
+                            </li>
+                            <li class="nav-item">
+                                <a class="nav-link" href="{{ url_for('register') }}">Sign Up</a>
+                            </li>
+                        {% endif %}
                         <li class="nav-item">
                           <a class="nav-link" href="{{ url_for( 'audio_settings') }}">Audio Settings</a>
                         </li>

tests/test_jinja_variable.py

@@ -0,0 +1,32 @@
+REGISTER_DETAIL = {
+    "username": "correct_user",
+    "full_name": "full_name",
+    "password": "correct_password",
+    "confirm_password": "correct_password",
+    "email": "example@email.com",
+    "description": "",
+}
+
+LOGIN_DATA = {"username": "correct_user", "password": "correct_password"}
+
+
+def test_user_not_logged_in(session, security_test_client):
+    security_test_client.get(security_test_client.app.url_path_for("logout"))
+    response = security_test_client.get("/about")
+    assert b"Sign Out" not in response.content
+    assert b"Sign In" in response.content
+
+
+def test_user_is_logged_in(session, security_test_client):
+    security_test_client.get(security_test_client.app.url_path_for("logout"))
+    security_test_client.post(
+        security_test_client.app.url_path_for("register"),
+        data=REGISTER_DETAIL,
+    )
+    security_test_client.post(
+        security_test_client.app.url_path_for("login"),
+        data=LOGIN_DATA,
+    )
+    response = security_test_client.get("/about")
+    assert b"Sign Out" in response.content
+    assert b"Sign In" not in response.content