Luminus Authentication (Resolves #337)

README.md

@@ -21,10 +21,10 @@ Cadet is the web application powering Source Academy.
 $ cp config/secrets.exs.example config/secrets.exs
 $ vim config/secrets.exs
 ```    
-  - A valid `ivle_key` is required for the application to properly authenticate with IVLE.
-  - A valid `cs1101s_repository`, `cs1101s_rsa_key`, `guest_username`, and `guest_password`
-    is required for the application to run with the `--updater` flag. Otherwise, the default
-    values will suffice.
+  - A valid `luminus_api_key`, `luminus_client_id`, `luminus_client_secret` and 
+    `luminus_redirect_url` are required for the application to properly authenticate with LumiNUS.
+  - A valid `cs1101s_repository`, `cs1101s_rsa_key` is required for the application to 
+    run with the `--updater` flag. Otherwise, the default values will suffice.
 
 2. Install Elixir dependencies
 ```bash

config/config.exs

@@ -7,9 +7,7 @@ use Mix.Config
 
 # General application configuration
 config :cadet,
-  ecto_repos: [Cadet.Repo],
-  # milliseconds
-  updater: [interval: 1 * 60 * 1000]
+  ecto_repos: [Cadet.Repo]
 
 # Scheduler, e.g. for CS1101S
 config :cadet, Cadet.Jobs.Scheduler,
@@ -78,7 +76,7 @@ config :guardian, Guardian.DB,
   # default: 60 minute
   sweep_interval: 60
 
-# Import secrets, such as the IVLE key, or guest account credentials
+# Import secrets, such as the LumiNUS key, or guest account credentials
 # The secret.exs file holds secrets that are useful even in development, and
 # so is kept separate from the prod.secret.exs file, which holds secrets useful
 # only for configuring the production build.

config/secrets.exs.example

@@ -1,12 +1,15 @@
 use Mix.Config
 
 config :cadet,
+  luminus: [
+    api_key: "API_KEY",
+    client_id: "CLIENT_ID",
+    client_secret: "CLIENT_SECRET",
+    redirect_url: "REDIRECT_URL"
+  ],
   updater: [
     cs1101s_repository: "git@github.com:cs1101s/cs1101s.git",
-    cs1101s_rsa_key: "/home/user/.ssh/cs1101s",
-    guest_username: "E123456",
-    guest_password: "password",
-    ivle_key: "IVLE_KEY"
+    cs1101s_rsa_key: "/home/user/.ssh/cs1101s"
   ],
   autograder: [
     lambda_name: "autograderLambdaName"

lib/cadet/accounts/accounts.ex

@@ -7,7 +7,7 @@ defmodule Cadet.Accounts do
   import Ecto.Query
 
   alias Cadet.Accounts.Form.Registration
-  alias Cadet.Accounts.{Authorization, IVLE, Query, User}
+  alias Cadet.Accounts.{Authorization, Luminus, Query, User}
 
   @doc """
   Register new User entity using Cadet.Accounts.Form.Registration
@@ -118,25 +118,27 @@ defmodule Cadet.Accounts do
   @doc """
   Sign in using given NUSNET_ID
   """
-  def sign_in(nusnet_id, token) do
+  def sign_in(nusnet_id, name, token) do
     auth = Repo.one(Query.nusnet_id(nusnet_id))
 
     if auth do
       auth = Repo.preload(auth, :user)
       {:ok, auth.user}
     else
       # user is not registered in our database
-      with {:ok, name} <- IVLE.fetch_name(token),
-           {:ok, role} <- IVLE.fetch_role(token),
+      with {:ok, role} <- Luminus.fetch_role(token),
            {:ok, _} <- register(%{name: name, nusnet_id: nusnet_id}, role) do
-        sign_in(nusnet_id, token)
+        sign_in(nusnet_id, name, token)
       else
+        {:error, :forbidden} ->
+          # Luminus.fetch_role/1 responds with :forbidden if student does not read CS1101S
+          {:error, :forbidden}
+
         {:error, :bad_request} ->
-          # IVLE.fetch_*/1 responds with :bad_request if token is invalid
+          # Luminus.fetch_role/1 responds with :bad_request if token is invalid
           {:error, :bad_request}
 
         {:error, _} ->
-          # IVLE.fetch_*/1 responds with :internal_server_error if API key is invalid
           # register/2 returns {:error, changeset} if changeset is invalid
           {:error, :internal_server_error}
       end

lib/cadet/accounts/form/login.ex

@@ -1,17 +1,17 @@
 defmodule Cadet.Accounts.Form.Login do
   @moduledoc """
   The Accounts.Form entity represents an entry from an accounts form.
-  A login form comprises of an IVLE authentication token.
+  A login form comprises of an LumiNUS authentication token.
   """
   use Ecto.Schema
 
   import Ecto.Changeset
 
   embedded_schema do
-    field(:ivle_token, :string)
+    field(:luminus_code, :string)
   end
 
-  @required_fields ~w(ivle_token)a
+  @required_fields ~w(luminus_code)a
 
   def changeset(login, params \\ %{}) do
     login

lib/cadet/accounts/form/registration.ex

@@ -1,7 +1,7 @@
 defmodule Cadet.Accounts.Form.Registration do
   @moduledoc """
   The Accounts.Form entity represents an entry from a /auth call, where the
-  IVLE authentication token corresponds to a user who has not been registered
+  LumiNUS authentication token corresponds to a user who has not been registered
   in our database.
   """