adding pytest to the requirements

backoffice/.envs/local/.django

@@ -3,7 +3,6 @@
 USE_DOCKER=yes
 IPYTHONDIR=/app/.ipython
 
-
 # Redis
 # ------------------------------------------------------------------------------
 REDIS_URL=redis://redis:6379/0
@@ -25,3 +24,6 @@ AIRFLOW_BASE_URL=http://airflow-webserver:8080
 AIRFLOW_TOKEN=YWlyZmxvdzphaXJmbG93
 
 SERVICENOW_URL=https://cerntraining.service-now.com
+
+# Frontend
+FRONTEND_LOGIN_SUCCESS=http://127.0.0.1:5000/success

backoffice/backoffice/users/adapters.py

@@ -24,8 +24,6 @@ def is_open_for_signup(
     ) -> bool:
         return getattr(settings, "ACCOUNT_ALLOW_REGISTRATION", True)
 
-
-
     def populate_user(
         self,
         request: HttpRequest,

backoffice/backoffice/users/api/views.py

@@ -1,16 +1,10 @@
-import requests
-from urllib.parse import urljoin
-from django.urls import reverse
-
-from allauth.socialaccount.providers.oauth2.client import OAuth2Client
-from allauth.socialaccount.providers.orcid.views import OrcidOAuth2Adapter
 from django.contrib.auth import get_user_model
 from rest_framework import status
 from rest_framework.decorators import action
 from rest_framework.mixins import ListModelMixin, RetrieveModelMixin, UpdateModelMixin
 from rest_framework.response import Response
 from rest_framework.viewsets import GenericViewSet
-from rest_framework.views import APIView
+
 from backoffice.users.api.serializers import UserSerializer
 
 User = get_user_model()

backoffice/backoffice/users/views.py

@@ -41,10 +41,5 @@ class UserRedirectView(LoginRequiredMixin, RedirectView):
     def get_redirect_url(self):
         return reverse("users:detail", kwargs={"pk": self.request.user.pk})
 
-def success(request):
-    import ipdb;ipdb.set_trace()
-    return JsonResponse(data={"wow":request.user.email})
 
 user_redirect_view = UserRedirectView.as_view()
-
-

backoffice/config/settings/base.py

@@ -95,28 +95,19 @@
     "allauth",
     "allauth.account",
     "allauth.socialaccount",
-    "allauth.headless",
-    "allauth.socialaccount.providers.orcid",
     "django_celery_beat",
     "rest_framework",
     "rest_framework.authtoken",
     "corsheaders",
     "drf_spectacular",
+    "allauth.socialaccount.providers.orcid",
     "django_prometheus",
     "django_opensearch_dsl",
     "django_elasticsearch_dsl_drf",
     "rest_framework_simplejwt",
     "django_json_widget",
 ]
 
-REST_AUTH = {
-    "SESSION_LOGIN": True,
-    "USE_JWT": True,
-    "JWT_AUTH_COOKIE": "auth",
-    'JWT_AUTH_REFRESH_COOKIE': 'my-refresh-token',
-    "JWT_AUTH_HTTPONLY": False,
-}
-
 LOCAL_APPS = ["backoffice.users", "backoffice.workflows", "backoffice.management"]
 # https://docs.djangoproject.com/en/dev/ref/settings/#installed-apps
 INSTALLED_APPS = DJANGO_APPS + THIRD_PARTY_APPS + LOCAL_APPS
@@ -136,7 +127,7 @@
 # https://docs.djangoproject.com/en/dev/ref/settings/#auth-user-model
 AUTH_USER_MODEL = "users.User"
 # https://docs.djangoproject.com/en/dev/ref/settings/#login-redirect-url
-LOGIN_REDIRECT_URL = "http://127.0.0.1:5000/success"
+LOGIN_REDIRECT_URL = env("FRONTEND_LOGIN_SUCCESS")
 # https://docs.djangoproject.com/en/dev/ref/settings/#login-url
 LOGIN_URL = "account_login"
 
@@ -170,7 +161,7 @@
     "django.contrib.sessions.middleware.SessionMiddleware",
     "django.middleware.locale.LocaleMiddleware",
     "django.middleware.common.CommonMiddleware",
-    #"django.middleware.csrf.CsrfViewMiddleware",
+    "django.middleware.csrf.CsrfViewMiddleware",
     "django.contrib.auth.middleware.AuthenticationMiddleware",
     "django.contrib.messages.middleware.MessageMiddleware",
     "django.middleware.clickjacking.XFrameOptionsMiddleware",
@@ -340,7 +331,7 @@
 # https://django-allauth.readthedocs.io/en/latest/configuration.html
 ACCOUNT_USER_MODEL_USERNAME_FIELD = None
 # https://django-allauth.readthedocs.io/en/latest/configuration.html
-ACCOUNT_EMAIL_VERIFICATION = "mandatory"
+ACCOUNT_EMAIL_VERIFICATION = False
 # https://django-allauth.readthedocs.io/en/latest/configuration.html
 ACCOUNT_ADAPTER = "backoffice.users.adapters.AccountAdapter"
 # https://django-allauth.readthedocs.io/en/latest/forms.html
@@ -391,8 +382,6 @@
         "BASE_DOMAIN": "sandbox.orcid.org"
     }
 }
-SOCIALACCOUNT_EMAIL_VERIFICATION = False
-ACCOUNT_EMAIL_VERIFICATION = False
 
 
 # Opensearch

backoffice/config/urls.py

@@ -1,4 +1,4 @@
-from allauth.socialaccount.providers.orcid.views import oauth2_callback
+from allauth.socialaccount.providers.orcid.views import oauth2_callback, oauth2_login
 from django.conf import settings
 from django.conf.urls.static import static
 from django.contrib import admin
@@ -9,8 +9,8 @@
 from drf_spectacular.views import SpectacularAPIView, SpectacularSwaggerView
 from rest_framework.authtoken.views import obtain_auth_token
 from rest_framework_simplejwt.views import TokenObtainPairView, TokenRefreshView
+from django.views.decorators.csrf import csrf_exempt
 
-from backoffice.users.views import success
 
 urlpatterns = [
     path("", TemplateView.as_view(template_name="pages/home.html"), name="home"),
@@ -21,6 +21,7 @@
     path(settings.ADMIN_URL, admin.site.urls),
     # User management
     path("users/", include("backoffice.users.urls", namespace="users")),
+    path("accounts/orcid/login/", csrf_exempt(oauth2_login), name="orcid_login"),
     path("accounts/", include("allauth.urls")),
     path("", include("django_prometheus.urls")),
 ] + static(settings.MEDIA_URL, document_root=settings.MEDIA_ROOT)
@@ -32,7 +33,6 @@
 # API URLS
 urlpatterns += [
     # API base url
-    path("accounts/login/success/",success),
     path("api/oauth/authorized/orcid/", oauth2_callback, name="orcid_callback"),
     path("api/", include("config.search_router")),
     path("api/", include("config.api_router")),
@@ -46,7 +46,6 @@
     ),
     path("api/token/", TokenObtainPairView.as_view(), name="token_obtain_pair"),
     path("api/token/refresh/", TokenRefreshView.as_view(), name="token_refresh"),
-    path("_allauth/", include("allauth.headless.urls")),
 ]