User accounts

[kevinkle]

Perhaps via https://github.com/lingthio/Flask-User
With modifications to the front-end for handling in React

[kevinkle]

The intention is to instead of using usernames,emails,password, have users click a captcha (superphy/grouch#49) to create an access key which is used to auth all posts.

We would still support superphy/grouch#32 without need for the specific access key which created the job.

[kevinkle]

Going with https://github.com/lingthio/Flask-User

[kevinkle]

Headers

POST /user/register HTTP/1.1
Host: localhost:5000
Connection: keep-alive
Content-Length: 249
Pragma: no-cache
Cache-Control: no-cache
Origin: http://localhost:5000
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
DNT: 1
Referer: http://localhost:5000/user/register
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9,la;q=0.8
Cookie: connect.sid=s%3AagS4ToneBPY1ca56-qxZmPG3W9pz0RHx.LanSHVTQudNyWRrSMic0rxkj9Bp4VJd0ukpQDxC2g2c; JSESSIONID=5ec1b64efd72d03337f755d24169; treeForm_tree-hi=treeForm:tree:applications:Lab1_Calculator_war_exploded; _ga=GA1.1.176805916.1479662707; _xsrf=2|53be64bd|a0967700cd9a2df5e35e3c372053d438|1511891283; username-localhost-8888="2|1:0|10:1512053825|23:username-localhost-8888|44:YTkxYzdjMjEyNWE3NDE3MWIyYmVjODgwNzgyMTZjZWQ=|3a5562d6884d512cca56488577ae021aae36392ecfdfafaa23f58f06f499865f"; csrftoken=SLodNlTmu5F6JfBNYl4wVmS1z2DcWeja5ap9eDEqzzeyFnxQMo6Ez7pY65QPlgEm; session=eyJfZnJlc2giOmZhbHNlLCJjc3JmX3Rva2VuIjoiMzY4MjZiM2Q3YWIyNDM2Y2VhMzU0NjAyMWFmNWNmNTgzMWM0NGNiNiJ9.DSNhBg.RTBaBF_UUOe3HQ7BDP6DacOFT5U

Payload

next:/member
reg_next:/
invite_token:
csrf_token:IjM2ODI2YjNkN2FiMjQzNmNlYTM1NDYwMjFhZjVjZjU4MzFjNDRjYjYi.DSNhBg.jyGByGqtm_mGsMROoh2KMs75FCQ
email:johnsnow@gmail.com
first_name:john
last_name:snow
password:passwordA1
retype_password:passwordA1

[kevinkle]

Reactapp allows you to login/logout now, but still needs to do something with the account (retrieve results from flask) superphy/grouch@041e498
Was done with auth0

[kevinkle]

Flask setup is working as of 841b0d5 but it looks like the reactapp is shortening the access_token and causing parse errors.

[kevinkle]

We're talking to each other on both ends 👍 as of superphy/grouch@fcade13 and 841b0d5 . Now to have results cached and retrievable on backend.

[kevinkle]

Looks like I should use the sub claim from the access_token as an account identifier. We're not going to worry about scopes atm., just assume anyone with an account has access to their own data.

[kevinkle]

Going to use mongodb on the backend to store the jobs json from redux. Example:

{
  jobs: [
    {
      id: 0,
      hash: 'blob-8139474543657931965',
      analysis: 'Subtyping',
      date: '12:02:01 PM',
      description: 'GCA_001901445.1_ASM190144v1_genomic.fna with pi: 90 for  Serotype VF pan'
    },
    {
      id: 1,
      hash: 'blob4430257235633492760',
      analysis: 'Subtyping',
      date: '12:02:14 PM',
      description: 'GCA_900096855.1_Ecoli_AG100_Sample2_Wildtype_Assembly_genomic.fna with pi: 90 for  Serotype VF pan'
    }
  ]
}

The sub id will be mapped to this.

[kevinkle]

reactapp can read what it needs to sync accounts with backend as of superphy/grouch@d5581ef . now adding the sync in

[kevinkle]

All functionality works as of 656de07 and superphy/grouch@e0b4e3c . Will make a few touchups and deploy it tomorrow.

[kevinkle]

General relase https://github.com/superphy/backend/releases/tag/v6.0.0.

Production versions are https://github.com/superphy/reactapp/tree/production-6.0.0 and https://github.com/superphy/backend/tree/production-6.0.0.

Closing issue.