Config, secrets, basic POST handling

* add script/config * add atst.ini * add cookie_secret * update docs
2018-05-31 13:55:18 -04:00 · 2018-05-31 13:55:18 -04:00 · a340eede07
commit a340eede07
parent 6cf7a7bffa
11 changed files with 43 additions and 22 deletions
--- a/.gitignore
+++ b/.gitignore
@ -17,6 +17,7 @@ __pycache__
 # Compiled python bytecode files
 *.pyc
 .cache/
 atst.ini
 # static/fonts for now, since it is just symlink
 static/fonts
--- a/README.md
+++ b/README.md
@ -15,6 +15,16 @@ To enter the virtualenv manually (a la `source .venv/bin/activate`):
 If you want to automatically load the virtual environment whenever you enter the project directory, take a look at [direnv](https://direnv.net/).  An `.envrc` file is included in this repository.  direnv will activate and deactivate virtualenvs for you when you enter and leave the directory.
 ## Configuration
 A sample configuration is included in atst.ini.example.
    cp atst.ini.example atst.ini
 Be sure to modify it and change the 'secret' key.
 `script/config` (called by script/setup) will provide a default configuration.
 ## Running (development)
 To start the app and watch for changes:
--- a/app.py
+++ b/app.py
@ -1,6 +1,5 @@
 #!/usr/bin/env python
 import os
 import tornado.ioloop
 from atst.app import make_app, make_config
--- a/atst.ini.example
+++ b/atst.ini.example
@ -0,0 +1,2 @@
 [server]
 secret = change_me_into_something_secret
--- a/atst/app.py
+++ b/atst/app.py
@ -16,7 +16,7 @@ from atst.api_client import ApiClient
 ENV = os.getenv("TORNADO_ENV", "dev")
-def make_app(config):
+def make_app(config,**kwargs):
    authz_client = ApiClient(config["default"]["AUTHZ_BASE_URL"])
    authnid_client = ApiClient(config["default"]["AUTHNID_BASE_URL"])
--- a/atst/handlers/request_new.py
+++ b/atst/handlers/request_new.py
@ -1,5 +1,6 @@
 import tornado
 from atst.handler import BaseHandler
 import tornado.httputil
 class RequestNew(BaseHandler):
    screens = [
@ -23,6 +24,18 @@ class RequestNew(BaseHandler):
    def initialize(self, page):
        self.page = page
    @tornado.web.authenticated
    def post(self, screen = 1):
        self.check_xsrf_cookie()
        all = {
                    arg: self.get_argument(arg)
                        for arg in self.request.arguments
                        if not arg.startswith('_')
               }
        print( all )
        import json
        self.write( json.dumps( all ) )
    @tornado.web.authenticated
    def get(self, screen = 1):
        self.render( 'requests/screen-%d.html.to' % int(screen),
@ -30,4 +43,3 @@ class RequestNew(BaseHandler):
                    screens = self.screens,
                    current = int(screen),
                    next_screen = int(screen) + 1 )
--- a/script/config
+++ b/script/config
@ -0,0 +1,3 @@
 cp atst.ini.example atst.ini
 rand=`head -c 400 /dev/random | tr -dc A-Za-z0-9_=,@-`
 perl -p -i -e "s/change_me_into_something_secret/$rand/" atst.ini
--- a/script/setup
+++ b/script/setup
@ -24,5 +24,8 @@ fi
 # Install application dependencies
 script/bootstrap
 # Generate default configuration
 script/config
 # Symlink uswds fonts into the /static directory
 ln -s ../node_modules/uswds/src/fonts ./static/fonts
--- a/templates/footer.html.to
+++ b/templates/footer.html.to
@ -5,5 +5,5 @@
      <h5 class="usa-footer-slim-logo-heading">Joint Enterprise Defense Infrastructure</h5>
    </div>
  </div>
-  
+
 </footer>
--- a/templates/requests/screen-1.html.to
+++ b/templates/requests/screen-1.html.to
@ -3,7 +3,7 @@
 {% block form %}
 <h2>Details of Use</h2>
 <p>Lorem ipsum dolor sit amet, consectetur adipisicing elit. Doloremque placeat distinctio accusamus quo temporibus facilis, dicta delectus asperiores. Nihil aut quod quibusdam id fugit, officia dolorum laudantium! Quidem tempora, aliquam.</p>
-<form>
+
  <h3 id="application-details">Application Details</h3>
  <p>These headings introduce, respectively, sections and subsections within your body copy. As you create these headings, follow the same guidelines that you use when writing section headings: Be succinct, descriptive, and precise.</p>
@ -143,15 +143,4 @@
  <input id="" name="" type="text" placeholder="Total number of environments">
  <br><br>
  <button class="usa-button-secondary">Create Application</button>
  <br>
  <button class="usa-button-secondary" disabled>Save &amp; Continue</button>
 </form>
 {% end %}
--- a/templates/requests_new.html.to
+++ b/templates/requests_new.html.to
@ -8,19 +8,21 @@
 <h1>New Request</h1>
 <aside class="sidenav usa-width-one-third">
  {% include 'requests/sidebar.html.to' %}
 </aside>
 <main class="main-content usa-width-two-thirds">
-  {% block form %}
+    <form method='POST' action='{{ reverse_url('request_form', current) }}'>
    {% module xsrf_form_html() %}
    {% block form %}
    form goes here
-  {% end %}
+    {% end %}
-  {% block next %}
+    {% block next %}
-    <a class='usa-button usa-button-primary' href='{{ reverse_url('request_form',next_screen) }}'>Save &amp; Continue</a>
+    <input type='submit' class='usa-button usa-button-primary' value='Save & Continue' />
-  {% end %}
+    {% end %}
    </form>
 </main>
		`@ -0,0 +1,2 @@`
							`[server]`
							`secret = change_me_into_something_secret`