diff --git a/dd-sso/admin/src/admin/auth/authentication.py b/dd-sso/admin/src/admin/auth/authentication.py index dfc758e..f98c587 100644 --- a/dd-sso/admin/src/admin/auth/authentication.py +++ b/dd-sso/admin/src/admin/auth/authentication.py @@ -23,42 +23,42 @@ import os from flask_login import LoginManager, UserMixin from typing import TYPE_CHECKING, Dict + if TYPE_CHECKING: from admin.flaskapp import AdminFlaskApp -ram_users = { - os.environ["ADMINAPP_USER"]: { - "id": os.environ["ADMINAPP_USER"], - "password": os.environ["ADMINAPP_PASSWORD"], - "role": "manager", - }, - os.environ["KEYCLOAK_USER"]: { - "id": os.environ["KEYCLOAK_USER"], - "password": os.environ["KEYCLOAK_PASSWORD"], - "role": "admin", - }, - os.environ["WORDPRESS_MARIADB_USER"]: { - "id": os.environ["WORDPRESS_MARIADB_USER"], - "password": os.environ["WORDPRESS_MARIADB_PASSWORD"], - "role": "manager", - }, -} +ram_users = {} + +for app, app_role in [ + ("ADMINAPP", "manager"), + ("KEYCLOAK", "admin"), + ("WORDPRESS_MARIADB", "manager"), +]: + k = f"{app}_USER" + if os.environ.get(k, ""): + pk = f"{app}_PASSWORD" + ram_users[os.environ[k]] = { + "id": os.environ[k], + "password": os.environ[pk], + "role": app_role, + } class User(UserMixin): - def __init__(self, id : str, password : str, role : str, active : bool = True) -> None: + def __init__(self, id: str, password: str, role: str, active: bool = True) -> None: self.id = id self.username = id self.password = password self.role = role self.active = active -def setup_auth(app : "AdminFlaskApp") -> None: + +def setup_auth(app: "AdminFlaskApp") -> None: login_manager = LoginManager() login_manager.init_app(app) login_manager.login_view = "login" @login_manager.user_loader - def user_loader(username : str) -> User: + def user_loader(username: str) -> User: u = ram_users[username] - return User(id = u["id"], password = u["password"], role = u["role"]) + return User(id=u["id"], password=u["password"], role=u["role"]) diff --git a/dd-sso/admin/src/admin/flaskapp.py b/dd-sso/admin/src/admin/flaskapp.py index c200982..92c30cd 100644 --- a/dd-sso/admin/src/admin/flaskapp.py +++ b/dd-sso/admin/src/admin/flaskapp.py @@ -161,13 +161,13 @@ class AdminFlaskApp(Flask): # Move on with settings from the environment self.config.update({ "DOMAIN": self.domain, - "KEYCLOAK_POSTGRES_USER": os.environ["KEYCLOAK_DB_USER"], - "KEYCLOAK_POSTGRES_PASSWORD": os.environ["KEYCLOAK_DB_PASSWORD"], - "MOODLE_POSTGRES_USER": os.environ["MOODLE_POSTGRES_USER"], - "MOODLE_POSTGRES_PASSWORD": os.environ["MOODLE_POSTGRES_PASSWORD"], - "NEXTCLOUD_POSTGRES_USER": os.environ["NEXTCLOUD_POSTGRES_USER"], - "NEXTCLOUD_POSTGRES_PASSWORD": os.environ["NEXTCLOUD_POSTGRES_PASSWORD"], - "VERIFY": os.environ["VERIFY"] == "true", + "KEYCLOAK_POSTGRES_USER": os.environ.get("KEYCLOAK_DB_USER"), + "KEYCLOAK_POSTGRES_PASSWORD": os.environ.get("KEYCLOAK_DB_PASSWORD"), + "MOODLE_POSTGRES_USER": os.environ.get("MOODLE_POSTGRES_USER"), + "MOODLE_POSTGRES_PASSWORD": os.environ.get("MOODLE_POSTGRES_PASSWORD"), + "NEXTCLOUD_POSTGRES_USER": os.environ.get("NEXTCLOUD_POSTGRES_USER"), + "NEXTCLOUD_POSTGRES_PASSWORD": os.environ.get("NEXTCLOUD_POSTGRES_PASSWORD"), + "VERIFY": os.environ.get("VERIFY") == "true", "API_SECRET": os.environ.get("API_SECRET"), }) except Exception as e: diff --git a/dd-sso/admin/src/admin/lib/admin.py b/dd-sso/admin/src/admin/lib/admin.py index a7c6fee..f3c87e9 100644 --- a/dd-sso/admin/src/admin/lib/admin.py +++ b/dd-sso/admin/src/admin/lib/admin.py @@ -68,9 +68,9 @@ if TYPE_CHECKING: from admin.flaskapp import AdminFlaskApp from admin.lib.callbacks import ThirdPartyCallbacks -MANAGER = os.environ["CUSTOM_ROLE_MANAGER"] -TEACHER = os.environ["CUSTOM_ROLE_TEACHER"] -STUDENT = os.environ["CUSTOM_ROLE_STUDENT"] +MANAGER = os.environ.get("CUSTOM_ROLE_MANAGER", "manager") +TEACHER = os.environ.get("CUSTOM_ROLE_TEACHER", "teacher") +STUDENT = os.environ.get("CUSTOM_ROLE_STUDENT", "student") DDUser = Dict[str, Any] DDGroup = Dict[str, Any] diff --git a/dd-sso/admin/src/admin/lib/keycloak_client.py b/dd-sso/admin/src/admin/lib/keycloak_client.py index 75af0ba..313c3b0 100644 --- a/dd-sso/admin/src/admin/lib/keycloak_client.py +++ b/dd-sso/admin/src/admin/lib/keycloak_client.py @@ -57,8 +57,8 @@ class KeycloakClient: def __init__( self, url : str="http://dd-sso-keycloak:8080/auth/", - username : str=os.environ["KEYCLOAK_USER"], - password : str=os.environ["KEYCLOAK_PASSWORD"], + username : str=os.environ.get("KEYCLOAK_USER", ""), + password : str=os.environ.get("KEYCLOAK_PASSWORD", ""), realm : str="master", verify : bool=True, ) -> None: @@ -71,8 +71,8 @@ class KeycloakClient: self.keycloak_pg = Postgres( "dd-apps-postgresql", "keycloak", - os.environ["KEYCLOAK_DB_USER"], - os.environ["KEYCLOAK_DB_PASSWORD"], + os.environ.get("KEYCLOAK_DB_USER", ""), + os.environ.get("KEYCLOAK_DB_PASSWORD", ""), ) def connect(self) -> None: diff --git a/dd-sso/admin/src/admin/lib/nextcloud.py b/dd-sso/admin/src/admin/lib/nextcloud.py index 60ae6a9..763dcfd 100644 --- a/dd-sso/admin/src/admin/lib/nextcloud.py +++ b/dd-sso/admin/src/admin/lib/nextcloud.py @@ -51,8 +51,8 @@ class Nextcloud: def __init__( self, app : "AdminFlaskApp", - username : str=os.environ["NEXTCLOUD_ADMIN_USER"], - password : str=os.environ["NEXTCLOUD_ADMIN_PASSWORD"], + username : str=os.environ.get("NEXTCLOUD_ADMIN_USER", ""), + password : str=os.environ.get("NEXTCLOUD_ADMIN_PASSWORD", ""), verify : bool=True, ) -> None: url = "https://nextcloud." + app.config["DOMAIN"]