Merge remote-tracking branch 'origin/main'

code/backend/README.md

@@ -25,15 +25,31 @@ Questo creerà un nuovo venv nelle cartelle interne di Poetry e vi installerà a
 
 ## Configurazione
 
-<!-- TODO: Configurazione del database -->
+### Configurazione del Database
-
+Dopo aver installato Postgres, è necessario creare un database dedicato all'applicazione (ad esempio PdSTest).  
-Perchè il backend gestisca correttamente i cookie <!-- TODO: ma noi non usiamo cookies...? -->, è necessario che la
+Se si desidera, si può anche creare un utente dedicato (l'utente postgres di default va benissimo).  
-seguente variabile di ambiente sia settata a una stringa casuale:
+Per configurare l'URI del database che N.E.S.T. andrà a impiegare, è necessario eseguire
 
 ```bash
-export COOKIE_SECRET=hippityhoppity
+export DATABASE_URI=postgresql://[postgresUser]:[postgresPassword]@localhost:[port, default 5432]/[DatabaseName]
 ```
 
+Ora il database è pronto per l'uso.
+
+### Altre variabili d'ambiente
+Questo ultimo passaggio è importante solo in un ambiente non-dev. La configurazione andrà a valore di default nel caso
+in cui queste variabili non siano definite.  
+Per terminare la configurazione, eseguire:
+
+```bash
+export COOKIE_SECRET=[cookiepass]
+export JWT_SECRET_KEY=[jwtsecret]
+export DISABLE_DEBUG=[farts]
+```
+
+Queste due variabili d'ambiente conterranno le chiavi con cui i cookie e le key di autorizzazione JWT saranno 
+cifrate.
+
 ## Avvio
 
 Per avviare il backend, è innanzitutto necessario attivare il venv contenente le dipendenze con il seguente comando:
@@ -53,7 +69,7 @@ python -m nest_backend
 Le pagine web del server sono disponibili a http://127.0.0.1:5000 .
 
 Mentre il development server è avviato, _buona parte_ delle modifiche saranno rilevate e applicate automaticamente
-senza dover riavviare il server.
+senza dover riavviare il server. Per testare la connettività, visitare http://127.0.0.1:5000/doa.
 
 ## Deployment
 

code/backend/backend.iml

@@ -5,7 +5,7 @@
     <content url="file://$MODULE_DIR$">
       <sourceFolder url="file://$MODULE_DIR$/nest_backend" isTestSource="false" />
     </content>
-    <orderEntry type="jdk" jdkName="Poetry (backend)" jdkType="Python SDK" />
+    <orderEntry type="jdk" jdkName="Poetry (g2-progetto) (2)" jdkType="Python SDK" />
     <orderEntry type="sourceFolder" forTests="false" />
   </component>
 </module>

code/backend/nest_backend/__main__.py

@@ -22,6 +22,9 @@ else:
     app.config["JWT_SECRET_KEY"] = "testing"
 
 reverse_proxy_app = werkzeug.middleware.proxy_fix.ProxyFix(app=app, x_for=1, x_proto=0, x_host=1, x_port=0, x_prefix=0)
+if os.getenv("DATABASE_URI"):
+    app.config['SQLALCHEMY_DATABASE_URI'] = os.getenv('DATABASE_URI')
+else:
     app.config['SQLALCHEMY_DATABASE_URI'] = 'postgresql://postgres:password@localhost:5432/PdSDev'
 Base.app = app
 Base.init_app(app)
@@ -44,4 +47,7 @@ if __name__ == "__main__":
     if not User.query.filter_by(isAdmin=True).all():
         Base.session.add(User(email="admin@admin.com", password=gen_password("password"), username="admin", isAdmin=True))
         Base.session.commit()
-    app.run(debug=True)
+    debug = True
+    if os.getenv("DISABLE_DEBUG"):
+        debug = False
+    app.run(debug=debug)

code/backend/nest_backend/gestione.py

@@ -78,4 +78,13 @@ def repository_auth(f):
             return jsonify({"result": "failure",
                             "msg": "Stop right there, criminal scum! Nobody accesses protected data under MY watch!"}), 403
         return f(*args, **kwargs)
+
     return func
+
+
+def json_error(msg):
+    return jsonify({"result": "failure", 'msg': msg})
+
+
+def json_success(data):
+    return jsonify({"result": "success", "data": data})

code/backend/nest_backend/routes/repository/repository_add_condition.py

@@ -18,17 +18,17 @@ def page_repository_add_condition():
     """
     type = request.json.get("type")
     if not type or type not in dir(ConditionType):
-        return jsonify({"result": "failure", "msg": "Could not understand the type of the condition."}), 400
+        return json_error("Could not understand the type of the condition."), 400
     content = request.json.get("content")
     if not content:
-        return jsonify({"result": "failure", "msg": "Could not find the content"}), 400
+        return json_error("Could not find the content"), 400
     condition = Condition.query.filter(Condition.content.ilike(str(content))).filter_by(type=ConditionType.__getattr__(str(type)).value).first()
     if not condition:
         condition = Condition(content=content, type=ConditionType.__getattr__(str(type)).value)
         Base.session.add(condition)
     repository = Repository.query.filter_by(request.json.get("id"))
     if Uses.query.filter_by(cid=condition.id, rid=repository.id):
-        return jsonify({"result": "failure", "msg": "This condition is already connected to the repository."}), 406
+        return json_error("This condition is already connected to the repository."), 406
     Base.session.add(Uses(cid=condition.id, rid=repository.id))
     Base.session.commit()
-    return jsonify({"result": "success", "content": "Condition added successfully."}), 200
+    return json_success("Operation done with success."), 200

code/backend/nest_backend/routes/repository/repository_create.py

@@ -18,8 +18,8 @@ def page_repository_create():
     user = find_user(get_jwt_identity())
     name = request.json.get("name")
     if not name:
-        return jsonify({"result": "failure", "msg": "Missing one or more parameters"}), 400
+        return json_error("Missing one or more parameters"), 400
     repository = Repository(name=name, owner_id=user.email)
     Base.session.add(repository)
     Base.session.commit()
-    return jsonify({"result": "success", "content": repository.to_json()}), 200
+    return json_success(repository.to_json()), 200

code/backend/nest_backend/routes/repository/repository_edit.py

@@ -25,4 +25,4 @@ def page_repository_edit():
     if 'open' in request.json and not repository.isActive and not repository.end:
         repository.isActive = True
     Base.session.commit()
-    return jsonify({"result": "success", "content":repository.to_json()})
+    return json_success(repository.to_json())

code/backend/nest_backend/routes/repository/repository_list.py

@@ -14,5 +14,5 @@ def page_repository_list():
     the user ("owner") and a list of repositories that he can spectate ("spectator").
     """
     user = find_user(get_jwt_identity())
-    return {"result": "success", "content": {"owner": [r.to_json() for r in user.owner_of],
+    return json_success({"owner": [r.to_json() for r in user.owner_of],
-                                             "spectator": [r.repository.to_json() for r in user.authorizations]}}
+                         "spectator": [r.repository.to_json() for r in user.authorizations]})

code/backend/nest_backend/routes/users/login.py

@@ -15,12 +15,10 @@ def page_login():
 
     The access_token must be included in the Authorization header, using the format Bearer <token>.
     """
-    if not request.json:
-        abort(400)
     email = request.json.get("email", None)
     password = request.json.get("password", None)
     if authenticate(email, password):
         access_token = create_access_token(identity=email)
         user = find_user(email)
-        return jsonify({"result": "success", "access_token": access_token, 'user': user.to_json()}), 201
+        return json_success({"access_token": access_token, 'user': user.to_json()}), 201
-    return jsonify({"result": "failure", "msg": "Bad username or password."}), 401
+    return json_error("Bad username or password."), 401

code/backend/nest_backend/routes/users/user_create.py

@@ -23,4 +23,4 @@ def page_user_create():
                  username=request.json.get("username"))
     Base.session.add(nUser)
     Base.session.commit()
-    return jsonify({"result": "success", "content": user.to_json()})
+    return json_success(user.to_json())

code/backend/nest_backend/routes/users/user_delete.py

@@ -16,12 +16,12 @@ def page_user_delete():
     """
     user = find_user(get_jwt_identity())
     if not user.isAdmin:
-        return jsonify({"result": "failure", "msg": "User is not admin."}), 403
+        return json_error("User is not admin."), 403
     target = find_user(request.json.get('email'))
     if not target:
-        return jsonify({"result": "failure", "msg": "User not found."}), 404
+        return json_error("User not found."), 404
     if user == target:
-        return jsonify({"result": "failure", "msg": "The user cant delete himself. Its a sin."}), 406
+        return json_error("The user cant delete himself. Its a sin."), 406
     Base.session.remove(target)
     Base.session.commit()
-    return jsonify({"result": "success", "content":"The user has been deleted."})
+    return json_success("The user has been deleted.")

code/backend/nest_backend/test/login_test.py

@@ -3,6 +3,7 @@ import json
 
 auth_code = ""
 
+
 def test_login():
     global auth_code
     r = requests.post('http://localhost:5000/api/login', json={'email': 'admin@admin.com', 'password': 'amogus'})
@@ -11,7 +12,9 @@ def test_login():
     r = requests.post('http://localhost:5000/api/login', json={'email': 'admin@admin.com', 'password': 'password'})
     j = json.loads(r.text)
     assert j['result'] == "success"
-    auth_code = j['access_token']
+    auth_code = j['data']['access_token']
+    print("Login eseguito correttamente!")
+
 
 print("Testing del login")
 test_login()