diff --git a/apps/api/plane/authentication/adapter/base.py b/apps/api/plane/authentication/adapter/base.py index 9de1f8160c..9c256ee2ac 100644 --- a/apps/api/plane/authentication/adapter/base.py +++ b/apps/api/plane/authentication/adapter/base.py @@ -3,32 +3,33 @@ # See the LICENSE file for details. # Python imports +import logging import os import uuid -import logging -import requests from io import BytesIO +import requests +from django.conf import settings +from django.core.exceptions import ValidationError +from django.core.validators import validate_email # Django imports from django.utils import timezone -from django.core.validators import validate_email -from django.core.exceptions import ValidationError -from django.conf import settings # Third party imports from zxcvbn import zxcvbn -# Module imports -from plane.db.models import Profile, User, WorkspaceMemberInvite, FileAsset -from plane.license.utils.instance_value import get_configuration_value -from .error import AuthenticationException, AUTHENTICATION_ERROR_CODES from plane.bgtasks.user_activation_email_task import user_activation_email + +# Module imports +from plane.db.models import FileAsset, Profile, User, WorkspaceMemberInvite +from plane.license.utils.instance_value import get_configuration_value +from plane.settings.storage import S3Storage +from plane.utils.exception_logger import log_exception from plane.utils.host import base_host from plane.utils.ip_address import get_client_ip -from plane.utils.exception_logger import log_exception -from plane.settings.storage import S3Storage +from .error import AUTHENTICATION_ERROR_CODES, AuthenticationException class Adapter: @@ -63,7 +64,7 @@ class Adapter: def sanitize_email(self, email): # Check if email is present if not email: - self.logger.error(f"Email is not present: {email}") + self.logger.error("Email is not present") raise AuthenticationException( error_code=AUTHENTICATION_ERROR_CODES["INVALID_EMAIL"], error_message="INVALID_EMAIL", 
@@ -90,7 +91,7 @@ class Adapter: """Validate password strength""" results = zxcvbn(self.code) if results["score"] < 3: - self.logger.warning(f"Password is not strong enough: {email}") + self.logger.warning("Password is not strong enough") raise AuthenticationException( error_code=AUTHENTICATION_ERROR_CODES["PASSWORD_TOO_WEAK"], error_message="PASSWORD_TOO_WEAK", diff --git a/apps/api/plane/authentication/adapter/oauth.py b/apps/api/plane/authentication/adapter/oauth.py index 729ee64692..0bef76b248 100644 --- a/apps/api/plane/authentication/adapter/oauth.py +++ b/apps/api/plane/authentication/adapter/oauth.py @@ -4,20 +4,21 @@ # Python imports import requests +from django.db import DatabaseError, IntegrityError # Django imports from django.utils import timezone -from django.db import DatabaseError, IntegrityError + +from plane.authentication.adapter.error import ( + AUTHENTICATION_ERROR_CODES, + AuthenticationException, +) # Module imports from plane.db.models import Account +from plane.utils.exception_logger import log_exception from .base import Adapter -from plane.authentication.adapter.error import ( - AuthenticationException, - AUTHENTICATION_ERROR_CODES, -) -from plane.utils.exception_logger import log_exception class OauthAdapter(Adapter): @@ -78,10 +79,7 @@ class OauthAdapter(Adapter): response.raise_for_status() return response.json() except requests.RequestException: - self.logger.warning("Error getting user token", extra={ - "data": data, - "headers": headers, - }) + self.logger.warning("Error getting user token") code = self.authentication_error_code() raise AuthenticationException(error_code=AUTHENTICATION_ERROR_CODES[code], error_message=str(code)) 
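Review bot: In the `except requests.RequestException` branch of `get_user_token` (oauth.py), the warning now carries no context at all, so a timeout, a DNS failure and a provider 4xx all look the same in the logs. Dropping `data` and `headers` is right, since the GitHub provider passes a `data` dict to this call and a token-exchange payload normally holds the authorization code and client secret (the dict's full contents are outside this diff). Bind the exception and log only non-secret fields, e.g. `except requests.RequestException as e:` with `self.logger.warning("Error getting user token", extra={"status_code": getattr(e.response, "status_code", None)})`, and do not log the response body, which can echo tokens. The same applies to the `__get_email` warning in github.py. The method's signature and `try` line are outside the hunk.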
@@ -92,9 +90,12 @@ class OauthAdapter(Adapter): response.raise_for_status() return response.json() except requests.RequestException: - self.logger.warning("Error getting user response", extra={ - "headers": headers, - }) + self.logger.warning( + "Error getting user response", + extra={ + "headers": headers, + }, + ) code = self.authentication_error_code() raise AuthenticationException(error_code=AUTHENTICATION_ERROR_CODES[code], error_message=str(code)) diff --git a/apps/api/plane/authentication/provider/oauth/github.py b/apps/api/plane/authentication/provider/oauth/github.py index 2d8462e611..935dba2479 100644 --- a/apps/api/plane/authentication/provider/oauth/github.py +++ b/apps/api/plane/authentication/provider/oauth/github.py @@ -6,16 +6,18 @@ import os from datetime import datetime from urllib.parse import urlencode + import pytz import requests +from plane.authentication.adapter.error import ( + AUTHENTICATION_ERROR_CODES, + AuthenticationException, +) + # Module imports from plane.authentication.adapter.oauth import OauthAdapter from plane.license.utils.instance_value import get_configuration_value -from plane.authentication.adapter.error import ( - AuthenticationException, - AUTHENTICATION_ERROR_CODES, -) class GitHubOAuthProvider(OauthAdapter): 
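Review bot: The `get_user_response` warning still passes `headers` in `extra`; this hunk only re-wraps the call, while the sibling `get_user_token` and `__get_email` warnings in the same commit drop that field. For a user-info request those headers presumably include the `Authorization` bearer token (the caller's header dict is not visible here), so any handler or formatter that serializes `extra` would write a live access token to the logs. Reduce the call to `self.logger.warning("Error getting user response")`, or log only a non-secret field such as the response status code. The method's signature and `try` line are outside the hunk.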
@@ -29,22 +31,20 @@ class GitHubOAuthProvider(OauthAdapter): organization_scope = "read:org" def __init__(self, request, code=None, state=None, callback=None): - GITHUB_CLIENT_ID, GITHUB_CLIENT_SECRET, GITHUB_ORGANIZATION_ID = get_configuration_value( - [ - { - "key": "GITHUB_CLIENT_ID", - "default": os.environ.get("GITHUB_CLIENT_ID"), - }, - { - "key": "GITHUB_CLIENT_SECRET", - "default": os.environ.get("GITHUB_CLIENT_SECRET"), - }, - { - "key": "GITHUB_ORGANIZATION_ID", - "default": os.environ.get("GITHUB_ORGANIZATION_ID"), - }, - ] - ) + GITHUB_CLIENT_ID, GITHUB_CLIENT_SECRET, GITHUB_ORGANIZATION_ID = get_configuration_value([ + { + "key": "GITHUB_CLIENT_ID", + "default": os.environ.get("GITHUB_CLIENT_ID"), + }, + { + "key": "GITHUB_CLIENT_SECRET", + "default": os.environ.get("GITHUB_CLIENT_SECRET"), + }, + { + "key": "GITHUB_ORGANIZATION_ID", + "default": os.environ.get("GITHUB_ORGANIZATION_ID"), + }, + ]) if not (GITHUB_CLIENT_ID and GITHUB_CLIENT_SECRET): raise AuthenticationException( 
@@ -89,23 +89,21 @@ class GitHubOAuthProvider(OauthAdapter): "redirect_uri": self.redirect_uri, } token_response = self.get_user_token(data=data, headers={"Accept": "application/json"}) - super().set_token_data( - { - "access_token": token_response.get("access_token"), - "refresh_token": token_response.get("refresh_token", None), - "access_token_expired_at": ( - datetime.fromtimestamp(token_response.get("expires_in"), tz=pytz.utc) - if token_response.get("expires_in") - else None - ), - "refresh_token_expired_at": ( - datetime.fromtimestamp(token_response.get("refresh_token_expired_at"), tz=pytz.utc) - if token_response.get("refresh_token_expired_at") - else None - ), - "id_token": token_response.get("id_token", ""), - } - ) + super().set_token_data({ + "access_token": token_response.get("access_token"), + "refresh_token": token_response.get("refresh_token", None), + "access_token_expired_at": ( + datetime.fromtimestamp(token_response.get("expires_in"), tz=pytz.utc) + if token_response.get("expires_in") + else None + ), + "refresh_token_expired_at": ( + datetime.fromtimestamp(token_response.get("refresh_token_expired_at"), tz=pytz.utc) + if token_response.get("refresh_token_expired_at") + else None + ), + "id_token": token_response.get("id_token", ""), + }) def __get_email(self, headers): try: @@ -128,10 +126,9 @@ class GitHubOAuthProvider(OauthAdapter): ) return email except requests.RequestException: - self.logger.warning("Error getting email from GitHub", extra={ - "headers": headers, - "emails_response": emails_response, - }) + self.logger.warning( + "Error getting email from GitHub", + ) raise AuthenticationException( error_code=AUTHENTICATION_ERROR_CODES["GITHUB_OAUTH_PROVIDER_ERROR"], error_message="GITHUB_OAUTH_PROVIDER_ERROR", 
@@ -154,29 +151,33 @@ class GitHubOAuthProvider(OauthAdapter): if self.organization_id: if not self.is_user_in_organization(user_info_response.get("login")): - self.logger.warning("User is not in organization", extra={ - "organization_id": self.organization_id, - "user_login": user_info_response.get("login"), - }) + self.logger.warning( + "User is not in organization", + extra={ + "organization_id": self.organization_id, + "user_login": user_info_response.get("login"), + }, + ) raise AuthenticationException( error_code=AUTHENTICATION_ERROR_CODES["GITHUB_USER_NOT_IN_ORG"], error_message="GITHUB_USER_NOT_IN_ORG", ) email = self.__get_email(headers=headers) - self.logger.info("Email found", extra={ - "email": email, - }) - super().set_user_data( - { + self.logger.debug( + "Email found", + extra={ "email": email, - "user": { - "provider_id": user_info_response.get("id"), - "email": email, - "avatar": user_info_response.get("avatar_url"), - "first_name": user_info_response.get("name"), - "last_name": user_info_response.get("family_name"), - "is_password_autoset": True, - }, - } + }, ) + super().set_user_data({ + "email": email, + "user": { + "provider_id": user_info_response.get("id"), + "email": email, + "avatar": user_info_response.get("avatar_url"), + "first_name": user_info_response.get("name"), + "last_name": user_info_response.get("family_name"), + "is_password_autoset": True, + }, + })
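Review bot: The `"Email found"` call still puts the user's address in `extra={"email": email}`; lowering it from `info` to `debug` only hides it while debug logging is off, which is out of step with the rest of the commit removing identifiers from auth logs. Prefer `self.logger.debug("Email found")`, or drop the line. The `"User is not in organization"` warning likewise keeps `user_login` and `organization_id`; if those are retained on purpose for access-denied auditing, a comment such as `# user_login kept deliberately for audit of rejected sign-ins` would make the exception explicit. The enclosing method starts outside the hunk.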