Adding Log In/Out and CORS functionality for the Vue dev Server

app/api/rest_api.py

@@ -31,10 +31,11 @@ def __init__(self, services):
     async def enable(self):
         self.app_svc.application.router.add_static('/assets', 'magma/dist/assets/', append_version=True)
         # unauthorized GUI endpoints
-        self.app_svc.application.router.add_route('*', '/', self.landing)
-        self.app_svc.application.router.add_route('*', '/enter', self.validate_login)
-        self.app_svc.application.router.add_route('*', '/logout', self.logout)
+        self.app_svc.application.router.add_route('GET', '/', self.landing)
+        self.app_svc.application.router.add_route('POST', '/enter', self.validate_login)
+        self.app_svc.application.router.add_route('POST', '/logout', self.logout)
         self.app_svc.application.router.add_route('GET', '/login', self.login)
+        self.app_svc.application.router.add_route('POST', '/login', self.login)
         # unauthorized API endpoints
         self.app_svc.application.router.add_route('*', '/file/download', self.download_file)
         self.app_svc.application.router.add_route('POST', '/file/upload', self.upload_file)
@@ -50,7 +51,6 @@ async def login(self, request):
     async def validate_login(self, request):
         return await self.auth_svc.login_user(request)
 
-    @template('login.html')
     async def logout(self, request):
         await self.auth_svc.logout_user(request)
 

app/service/app_svc.py

@@ -9,6 +9,7 @@
 from datetime import datetime, timezone
 from importlib import import_module
 
+import aiohttp_cors
 import aiohttp_jinja2
 import jinja2
 import yaml
@@ -92,6 +93,19 @@ async def resume_operations(self):
         for op in await self.get_service('data_svc').locate('operations', match=dict(finish=None)):
             self.loop.create_task(op.run(self.get_services()))
 
+    async def enable_cors(self):
+        cors = aiohttp_cors.setup(self.application, defaults={
+            "http://localhost:3000": aiohttp_cors.ResourceOptions(
+            allow_credentials=True,
+            expose_headers="*",
+            allow_headers="*",
+        )
+        })
+        for route in list(self.application.router.routes()):
+            if route._method != '*':
+                cors.add(route)
+
+
     async def load_plugins(self, plugins):
         def trim(p):
             if p.startswith('.'):

app/service/auth_svc.py

@@ -85,7 +85,7 @@ async def create_user(self, username, password, group):
     @staticmethod
     async def logout_user(request):
         await forget(request, web.Response())
-        raise web.HTTPFound('/login')
+        raise web.HTTPFound('/')
 
     async def login_user(self, request):
         """Log a user in and save the session

app/service/login_handlers/default.py

@@ -17,7 +17,7 @@ def __init__(self, services):
         self._ldap_config = self.get_config('ldap')
 
     async def handle_login(self, request, **kwargs):
-        data = await request.post()
+        data = await request.json()
         username = data.get('username')
         password = data.get('password')
         if username and password:
@@ -32,7 +32,7 @@ async def handle_login(self, request, **kwargs):
                     raise Exception('Auth service not available.')
                 await auth_svc.handle_successful_login(request, username)
             self.log.debug('%s failed login attempt: ', username)
-        raise web.HTTPFound('/login')
+        raise web.HTTPUnauthorized
 
     async def handle_login_redirect(self, request, **kwargs):
         """Handle login redirect.

requirements.txt

@@ -1,5 +1,6 @@
 aiohttp-jinja2==1.5.0
 aiohttp==3.8.1
+aiohttp-cors==0.7.0
 aiohttp_session==2.9.0
 aiohttp-security==0.4.0
 aiohttp-apispec==2.2.3

server.py

@@ -51,14 +51,16 @@ async def start_server():
     await web.TCPSite(runner, BaseWorld.get_config('host'), BaseWorld.get_config('port')).start()
 
 
-def run_tasks(services, start_vue_server=False):
+def run_tasks(services, run_vue_server=False):
     loop = asyncio.get_event_loop()
     loop.create_task(app_svc.validate_requirements())
     loop.run_until_complete(data_svc.restore_state())
     loop.run_until_complete(knowledge_svc.restore_state())
     loop.run_until_complete(RestApi(services).enable())
     loop.run_until_complete(app_svc.register_contacts())
     loop.run_until_complete(app_svc.load_plugins(args.plugins))
+    if run_vue_server:
+        loop.run_until_complete(app_svc.enable_cors())
     loop.run_until_complete(data_svc.load_data(loop.run_until_complete(data_svc.locate('plugins', dict(enabled=True)))))
     loop.run_until_complete(app_svc.load_plugin_expansions(loop.run_until_complete(data_svc.locate('plugins', dict(enabled=True)))))
     loop.run_until_complete(auth_svc.set_login_handlers(services))
@@ -68,7 +70,7 @@ def run_tasks(services, start_vue_server=False):
     loop.create_task(learning_svc.build_model())
     loop.create_task(app_svc.watch_ability_files())
     loop.run_until_complete(start_server())
-    if start_vue_server:
+    if run_vue_server:
         loop.run_until_complete(start_vue_dev_server())
     try:
         logging.info('All systems ready.')
@@ -162,4 +164,4 @@ def list_str(values):
         asyncio.get_event_loop().run_until_complete(data_svc.destroy())
         asyncio.get_event_loop().run_until_complete(knowledge_svc.destroy())
 
-    run_tasks(services=app_svc.get_services(), start_vue_server=args.uidev)
+    run_tasks(services=app_svc.get_services(), run_vue_server=args.uidev)