fix: resolve redirect issue with aws elb

Resolve the AWS ELB redirect issue by using Werkzeug's ProxyFix to ensure that the application sends the correct headers for HTTPS. Cleaned up database migration to eliminate unnecessary clients and standardize on initial usernames.
brighthive · Feb 26, 2020 · 89e2ae4 · 89e2ae4
1 parent 8f6bbd5
commit 89e2ae4
Show file tree

Hide file tree

Showing 8 changed files with 25 additions and 12 deletions.
diff --git a/authserver/api/home.py b/authserver/api/home.py
@@ -25,7 +25,7 @@ def login():
             return render_template('login.html', form=form)
         else:
             return render_template('login.html', client_id=client_id, return_to=return_to, form=form)
-    
+
     if form.validate():
         username = form.username.data
         password = form.password.data
@@ -36,10 +36,10 @@ def login():
                 errors = "You do not have an active user account."
             elif not user.verify_password(password):
                 errors = "You did not enter a valid password."
-            else: 
+            else:
                 session['id'] = user.id
                 return redirect(return_to)
         except AttributeError:
             errors = "You did not enter valid login credentials."
 
-        return render_template('login.html', client_id=client_id, return_to=return_to, form=form, errors=errors)
+        return render_template('login.html', client_id=client_id, return_to=return_to, form=form, errors=errors)
diff --git a/authserver/api/oauth2.py b/authserver/api/oauth2.py
@@ -56,7 +56,6 @@ def _client_authorized(client_id, user_id):
 def authorize():
     errors = None
     user = _current_user()
-    print('Hello........')
     if not user:
         client_id = request.args.get('client_id')
         return redirect(url_for('home_ep.login', client_id=client_id, return_to=request.url))

diff --git a/authserver/api/user.py b/authserver/api/user.py
@@ -119,8 +119,6 @@ def post(self, action, id: str = None):
                         data_trust_id=request_data['data_trust_id'])
             if 'telephone' in request_data.keys():
                 user.telephone = request_data['telephone']
-            else:
-                user.telephone = 'N/A'
             db.session.add(user)
             db.session.commit()
         except Exception as e:

diff --git a/authserver/app/app.py b/authserver/app/app.py
@@ -35,7 +35,7 @@ def create_app(environment: str = None):
             'password': 864000,
             'client_credentials': 60 * 5
         },
-        SECRET_KEY=b'iamasupersecretsecretkey'
+        SECRET_KEY=ConfigurationFactory.generate_secret_key()
     )
     db.init_app(app)
     config_oauth(app)

diff --git a/authserver/config/config.py b/authserver/config/config.py
@@ -193,3 +193,15 @@ def get_config(environment: str):
         else:
             raise ConfigurationEnvironmentNotFoundError(
                 'Cannot find configuration of type {}'.format(environment))
+
+    @staticmethod
+    def generate_secret_key():
+        """Generate a secret for securing the Flask session.
+        Returns:
+            byte: A random string of bytes for secret.
+        """
+        environment = os.getenv('APP_ENV', 'development')
+        if environment.lower() == 'production':
+            return os.getenv('SECRET_KEY', os.urandom(16))
+        else:
+            return b'supersecretaccesscode'
diff --git a/authserver/db/models/models.py b/authserver/db/models/models.py
@@ -133,7 +133,7 @@ class Meta:
     lastname = fields.String(required=True)
     organization = fields.String(required=True)
     email_address = fields.Email(required=True)
-    telephone = fields.String(required=True)
+    telephone = fields.String(required=False)
     active = fields.Boolean(dump_only=True)
     data_trust_id = fields.String(required=True)
     date_created = fields.DateTime(dump_only=True)

diff --git a/tests/api/test_all_apis.py b/tests/api/test_all_apis.py
@@ -120,8 +120,7 @@
         'email_address': '[email protected]',
         'username': 'user7',
         'password': 'password',
-        'data_trust_id': '',
-        'telephone': '967-555-1234'
+        'data_trust_id': ''
     },
     {
         'firstname': 'Danielle',
@@ -130,8 +129,7 @@
         'email_address': '[email protected]',
         'username': 'user8',
         'password': 'password',
-        'data_trust_id': '',
-        'telephone': '681-555-0123'
+        'data_trust_id': ''
     }
 ]
 

diff --git a/wsgi.py b/wsgi.py
@@ -1,5 +1,11 @@
 import os
 from authserver import create_app
+
+from werkzeug.middleware.proxy_fix import ProxyFix
+
 environment = os.getenv('APP_ENV', None)
 
 app = application = create_app(environment)
+
+if environment == 'PRODUCTION':
+    app = ProxyFix(app)