Django Allauth (#201) by gdude2002 · Pull Request #274 · python-discord/site

gdude2002 · 2019-10-03T14:10:35Z

This pull request implements Django Allauth as described in #201.

Fixes #201.

This is a fairly big PR which, I think, may have had a little scope creep. Here's what it changes:

Add django-allauth dependency
Implements Discord OAuth logins using django-allauth
Exposes messages from the Django messages framework as slide-in Bulma notifications at the top right of the page, positioned just below the navbar
Re-styles Bulma notifications when used in the context of the Django messages framework
Redefines Bulma's bundled colours, in order to make them less loud and make Bulma calculate colours based on the primary blurple better (by redefining turquoise to blurple)
Implements some logic to synchronise Discord roles and Django permissions groups based on signals emitted by various events

I would super love some reviews for this, particularly when it comes to the tests I wrote for the signal handlers, and the signal handling itself.

I'm not super happy with the signal handlers test - it's more setup than test! If anyone has any ideas on how to clean that up, I'd appreciate it.

Old TODO:

Set up signal listeners for Allauth events
Set up signal listeners for relevant Model save events
Document the signal system in comments/docstrings
Fix up message system
- Move messages to a corner
- Restyle messages
  - Discord embed-style messages with the left border?
  - More muted colours? Perhaps shades of the primary blurple.
~~Profile page with GH connect/disconnect and account delete~~
~~Create templates for the Allauth-provided account pages~~
Review the Allauth URLs to ensure we're only using what we need
- ~~Ensure login page explains the data we're collecting and collects explicit consent~~
Create a user profile page (or just send them back to the homepage)
Figure out how to signpost/link to this system from the rest of the site

Turns out, setting this *does* move the model to a different category under the admin - but it also reparents it to the referenced app, so the migrations are created under that app instead. Nasty.

# Conflicts: # Pipfile # Pipfile.lock

gdude2002 · 2019-10-06T20:59:52Z

Super happy to say that this PR is now ready for review! Here are some screenshots and videos that showcase the changes I've made.

Login link in dropdown

New Bulma colours, shown here as notification styles

Django admin, showing a role mapping

Django admin, showing my Discord account, sans email

MP4 showing the login flow

Co-Authored-By: Johannes Christ <jc@jchri.st>

jchristgit

This looks pretty solid so I will have to resort to notpicking :(

The role mapping model is just about the cleanest way I have seen to accomplish this. I think in my last implementation of this I just hardcoded that, but a nice admin frontend for it is pretty brilliant.

That said, if the role mappings update, shouldn't the signal handler fire?

gdude2002 · 2019-10-11T18:42:24Z

Good catch on the missing signals. I'm leaving a short TODO list in this comment so I don't forget:

Handle RoleMapping deletions
Handle RoleMapping updates (use pre_save and check against object already in DB if possible, otherwise try to disallow updates)

This also enforces unique values for both attributes on the RoleMapping model. Supporting configurations where this isn't the case would introduce quite a lot of added complexity.

gdude2002 · 2019-10-11T21:37:45Z

Alright, I think that's all of your review addressed, @jchristgit!

jchristgit

very solid work

lemonsaurus

Very high quality PR, but I do have a few requests before I can approve.

scragly

Absolutely sexy. LGTM

Comments all addressed

gdude2002 added 22 commits October 3, 2019 15:08

Initial Allauth dependency and settings/urls

99bc330

Remove accidental static files commit; fix Allauth

8cfff31

Re-add erroneously removed static files

b83f1b2

Disable Allauth email verification

01c0598

Add model to map Discord roles to Django permissions groups

99263f6

Remove app_label from role mapping model

646dc95

Turns out, setting this *does* move the model to a different category under the admin - but it also reparents it to the referenced app, so the migrations are created under that app instead. Nasty.

Hook up Allauth and model signals to handle group assignments

699f1a1

Merge branch 'master' into #201-django-allauth

bd11c70

Tests for signal handlers

292aed8

Add docstrings to tests, and test role mapping __str__()

234db56

Clean up and comment signal tests

f836707

Add MessageRedirectView and show messages on the index page

23f7f9e

Set up needed Allauth URLs and add login/logout to navbar

0ebaa16

Test allauth redirect URLs

fa3cc5e

Move messages to the top right

486b37b

Message styling (default to light for now)

b437c26

Add missing CSS for notifications

23cf296

Make the Bulma colours less saturated

3c6d913

Login page and styling fixes

8e4fb94

Replace card on login page with notification

8ec060e

Prevent saving emails, remove login page

e736381

Remove GH login implementation, out of scope of this PR

c137325

gdude2002 added area: backend Related to internal functionality and utilities enhancement area: frontend Related to site content and user interaction language: python Involves Python code labels Oct 6, 2019

gdude2002 added 2 commits October 6, 2019 21:48

Merge branch 'master' into #201-django-allauth

18f4c29

# Conflicts: # Pipfile # Pipfile.lock

Re-lock Pipfile due to merge with master

a7a5ccf

gdude2002 marked this pull request as ready for review October 6, 2019 20:51

Register GH provider manually in tests

85d3b3f