Config, secrets, basic POST handling

* add script/config
  * add atst.ini
  * add cookie_secret
  * update docs
Brian Duggan 2018-05-31 13:55:18 -04:00 committed by Jason Garber
parent 6cf7a7bffa
commit a340eede07
11 changed files with 43 additions and 22 deletions

1
.gitignore vendored

@ -17,6 +17,7 @@ __pycache__
# Compiled python bytecode files # Compiled python bytecode files
*.pyc *.pyc
.cache/ .cache/
atst.ini
# static/fonts for now, since it is just symlink # static/fonts for now, since it is just symlink
static/fonts static/fonts


@ -15,6 +15,16 @@ To enter the virtualenv manually (a la `source .venv/bin/activate`):
If you want to automatically load the virtual environment whenever you enter the project directory, take a look at [direnv](https://direnv.net/). An `.envrc` file is included in this repository. direnv will activate and deactivate virtualenvs for you when you enter and leave the directory. If you want to automatically load the virtual environment whenever you enter the project directory, take a look at [direnv](https://direnv.net/). An `.envrc` file is included in this repository. direnv will activate and deactivate virtualenvs for you when you enter and leave the directory.
## Configuration
A sample configuration is included in atst.ini.example.
cp atst.ini.example atst.ini
Be sure to modify it and change the 'secret' key.
`script/config` (called by script/setup) will provide a default configuration.
## Running (development) ## Running (development)
To start the app and watch for changes: To start the app and watch for changes:

1
app.py

@ -1,6 +1,5 @@
#!/usr/bin/env python #!/usr/bin/env python
import os
import tornado.ioloop import tornado.ioloop
from atst.app import make_app, make_config from atst.app import make_app, make_config

2
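--- a/atst.ini.example
+++ b/atst.ini.example
@@ -0,0 +1,2 @@
+[server]
+secret = change_me_into_something_secret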


@ -16,7 +16,7 @@ from atst.api_client import ApiClient
ENV = os.getenv("TORNADO_ENV", "dev") ENV = os.getenv("TORNADO_ENV", "dev")
def make_app(config): def make_app(config,**kwargs):
authz_client = ApiClient(config["default"]["AUTHZ_BASE_URL"]) authz_client = ApiClient(config["default"]["AUTHZ_BASE_URL"])
authnid_client = ApiClient(config["default"]["AUTHNID_BASE_URL"]) authnid_client = ApiClient(config["default"]["AUTHNID_BASE_URL"])


@ -1,5 +1,6 @@
import tornado import tornado
from atst.handler import BaseHandler from atst.handler import BaseHandler
import tornado.httputil
class RequestNew(BaseHandler): class RequestNew(BaseHandler):
screens = [ screens = [
@ -23,6 +24,18 @@ class RequestNew(BaseHandler):
def initialize(self, page): def initialize(self, page):
self.page = page self.page = page
@tornado.web.authenticated
def post(self, screen = 1):
self.check_xsrf_cookie()
all = {
arg: self.get_argument(arg)
for arg in self.request.arguments
if not arg.startswith('_')
}
print( all )
import json
self.write( json.dumps( all ) )
@tornado.web.authenticated @tornado.web.authenticated
def get(self, screen = 1): def get(self, screen = 1):
self.render( 'requests/screen-%d.html.to' % int(screen), self.render( 'requests/screen-%d.html.to' % int(screen),
@ -30,4 +43,3 @@ class RequestNew(BaseHandler):
screens = self.screens, screens = self.screens,
current = int(screen), current = int(screen),
next_screen = int(screen) + 1 ) next_screen = int(screen) + 1 )
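Review bot: The new `post` handler echoes the submitted arguments back with `self.write( json.dumps( all ) )`, and because a string is written the response keeps Tornado's default `text/html` content type, so form values containing markup are returned to the browser unescaped. Passing the dict itself, `self.write(all)`, lets Tornado serialise it and set `Content-Type: application/json`, which also makes the in-method `import json` unnecessary. `print( all )` copies every submitted field to stdout, which will end up in whatever captures the process output; drop it or log only the field names. The local name `all` shadows the builtin, and the `screen` argument is not used in the visible lines.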

3
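--- a/script/config
+++ b/script/config
@@ -0,0 +1,3 @@
+cp atst.ini.example atst.ini
+rand=`head -c 400 /dev/random | tr -dc A-Za-z0-9_=,@-`
+perl -p -i -e "s/change_me_into_something_secret/$rand/" atst.ini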
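Review bot: The generated secret is spliced into a Perl substitution on the last line, and the `tr` set allows `@`, which Perl interpolates in the replacement text, so an `@` followed by word characters can silently drop part of the secret; removing `@` from the set avoids that: `rand=$(head -c 400 /dev/urandom | tr -dc A-Za-z0-9_=,-)`. Reading `/dev/urandom` instead of `/dev/random` also keeps setup from stalling on older Linux kernels where `/dev/random` blocks when entropy is low. `atst.ini` is created with the default umask, so on a shared machine the cookie secret may be readable by other users; a `chmod 600 atst.ini` after the `cp` would restrict it. The script has no shebang or `set -e`, so a failed `cp` is not noticed.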


@ -24,5 +24,8 @@ fi
# Install application dependencies # Install application dependencies
script/bootstrap script/bootstrap
# Generate default configuration
script/config
# Symlink uswds fonts into the /static directory # Symlink uswds fonts into the /static directory
ln -s ../node_modules/uswds/src/fonts ./static/fonts ln -s ../node_modules/uswds/src/fonts ./static/fonts
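Review bot: `script/config` is now run on every `script/setup`, and it starts with an unconditional `cp atst.ini.example atst.ini`, so re-running setup replaces an existing `atst.ini` — local edits are lost and a new cookie secret is generated. Guarding the call, e.g. `[ -f atst.ini ] || script/config`, keeps an existing configuration intact. The rest of script/setup lies outside this hunk.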


@ -5,5 +5,5 @@
<h5 class="usa-footer-slim-logo-heading">Joint Enterprise Defense Infrastructure</h5> <h5 class="usa-footer-slim-logo-heading">Joint Enterprise Defense Infrastructure</h5>
</div> </div>
</div> </div>
</footer> </footer>


@ -3,7 +3,7 @@
{% block form %} {% block form %}
<h2>Details of Use</h2> <h2>Details of Use</h2>
<p>Lorem ipsum dolor sit amet, consectetur adipisicing elit. Doloremque placeat distinctio accusamus quo temporibus facilis, dicta delectus asperiores. Nihil aut quod quibusdam id fugit, officia dolorum laudantium! Quidem tempora, aliquam.</p> <p>Lorem ipsum dolor sit amet, consectetur adipisicing elit. Doloremque placeat distinctio accusamus quo temporibus facilis, dicta delectus asperiores. Nihil aut quod quibusdam id fugit, officia dolorum laudantium! Quidem tempora, aliquam.</p>
<form>
<h3 id="application-details">Application Details</h3> <h3 id="application-details">Application Details</h3>
<p>These headings introduce, respectively, sections and subsections within your body copy. As you create these headings, follow the same guidelines that you use when writing section headings: Be succinct, descriptive, and precise.</p> <p>These headings introduce, respectively, sections and subsections within your body copy. As you create these headings, follow the same guidelines that you use when writing section headings: Be succinct, descriptive, and precise.</p>
@ -143,15 +143,4 @@
<input id="" name="" type="text" placeholder="Total number of environments"> <input id="" name="" type="text" placeholder="Total number of environments">
<br><br>
<button class="usa-button-secondary">Create Application</button>
<br>
<button class="usa-button-secondary" disabled>Save &amp; Continue</button>
</form>
{% end %} {% end %}


@ -8,19 +8,21 @@
<h1>New Request</h1> <h1>New Request</h1>
<aside class="sidenav usa-width-one-third"> <aside class="sidenav usa-width-one-third">
{% include 'requests/sidebar.html.to' %} {% include 'requests/sidebar.html.to' %}
</aside> </aside>
<main class="main-content usa-width-two-thirds"> <main class="main-content usa-width-two-thirds">
{% block form %} <form method='POST' action='{{ reverse_url('request_form', current) }}'>
{% module xsrf_form_html() %}
{% block form %}
form goes here form goes here
{% end %} {% end %}
{% block next %} {% block next %}
<a class='usa-button usa-button-primary' href='{{ reverse_url('request_form',next_screen) }}'>Save &amp; Continue</a> <input type='submit' class='usa-button usa-button-primary' value='Save & Continue' />
{% end %} {% end %}
</form>
</main> </main>