From c59890628d53978aafd56bb93ba9c8c9e13b58c3 Mon Sep 17 00:00:00 2001
From: Raffu Khondaker <2022rkhondak@tjhsst.edu>
Date: Sun, 14 Jun 2020 20:32:48 -0400
Subject: [PATCH] authorization

---
 CLI/oauth/index.html       |  23 -------
 Website/api/serializers.py |   2 +-
 skoolos.py                 | 129 +++++++++++++++++++++++--------------
 3 files changed, 81 insertions(+), 73 deletions(-)
 delete mode 100644 CLI/oauth/index.html

diff --git a/CLI/oauth/index.html b/CLI/oauth/index.html
deleted file mode 100644
index 9ffd6ef..0000000
--- a/CLI/oauth/index.html
+++ /dev/null
@@ -1,23 +0,0 @@
-<html>
-    <head>
-        <title>Sign into Ion</title>
-        <style>
-            body {
-              background: #5ac8fb;
-              background: -webkit-linear-gradient(to left, #52edc7, #5ac8fb);
-              background: linear-gradient(to left, #52edc7, #5ac8fb);
-            }
-        </style>
-
-        <link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.5.0/css/bootstrap.min.css" integrity="sha384-9aIt2nRpC12Uk9gS9baDl411NQApFmC26EwAOH8WgZl5MYYxFfc+NcPb1dKGj7Sk" crossorigin="anonymous">
-
-    </head>
-    <body>
-    <div class="d-flex align-items-center justify-content-center" style="height: 100vh">
-        <a href="https://ion.tjhsst.edu/oauth/authorize/?response_type=code&client_id=QeZPBSKqdvWFfBv1VYTSv9iFGz5T9pVJtNUjbEr6&redirect_uri=http%3A%2F%2Flocalhost%3A8000%2Fcallback%2F&scope=read&state=yPblNZvC39bYCruLcVibEUzLjXkwaJ" title="Ion" class="border border-dark p-3 btn btn-lg mx-auto" style="box-shadow: 5px 10px;">
-          <img src="https://ion.tjhsst.edu/static/img/favicon.png">
-          Sign in with Ion
-        </a>
-    </div>
-    </body>
-</html>
\ No newline at end of file
diff --git a/Website/api/serializers.py b/Website/api/serializers.py
index 2a05750..2904a07 100644
--- a/Website/api/serializers.py
+++ b/Website/api/serializers.py
@@ -42,7 +42,7 @@ class StudentSerializer(serializers.HyperlinkedModelSerializer):
     class Meta:
         model = Student
         # fields = ['url','first_name', 'last_name', 'grade','email','student_id', 'git','ion_user','classes','added_to','completed', 'repo','owner']
-        fields = ['first_name', 'last_name', 'grade','email','student_id', 'git','ion_user','classes','added_to','completed', 'repo','owner']
+        fields = ['grade','email','student_id', 'git','ion_user','classes','added_to','completed', 'repo','owner']
 
 class TeacherSerializer(serializers.ModelSerializer):
     # classes = ClassesSerializer(many=True, read_only=True,allow_null=True)
diff --git a/skoolos.py b/skoolos.py
index f95da87..a802814 100644
--- a/skoolos.py
+++ b/skoolos.py
@@ -14,6 +14,7 @@ from PyInquirer import prompt, print_json
 import json
 import os
 import argparse
+import webbrowser
 
 client_id = r'QeZPBSKqdvWFfBv1VYTSv9iFGz5T9pVJtNUjbEr6'
 client_secret = r'0Wl3hAIGY9SvYOqTOLUiLNYa4OlCgZYdno9ZbcgCT7RGQ8x2f1l2HzZHsQ7ijC74A0mrOhhCVeZugqAmOADHIv5fHxaa7GqFNtQr11HX9ySTw3DscKsphCVi5P71mlGY'
@@ -34,31 +35,31 @@ def main():
     print("")
 
     if not os.path.exists(".profile"):
-        try:
-            URL = "http://127.0.0.1:8000/api/"
-            r = requests.get(url = URL, auth=('raffukhondaker','hackgroup1'))
-            print("End service at http://127.0.0.1:8000/ before continuing.")
-            sys.exit(0)
-        except:
-            pass
+        # try:
+        #     URL = "http://127.0.0.1:8000/api/"
+        #     r = requests.get(url = URL)
+        #     print("Stop any processes running on http://127.0.0.1:8000/ before continuing")
+        # except:
+        #     pass
         input("Welcome to SkoolOS. Press any key to create an account")
+        #webbrowser.open("http://127.0.0.1:8000/login", new=2)
         authenticate()
-    else:
-        try:
-            URL = "http://127.0.0.1:8000/api/"
-            r = requests.get(url = URL, auth=('raffukhondaker','hackgroup1')) 
-        except:
-            print("Start Django server first")
-            sys.exit(0)
-        f = open('.profile','r')
-        data = json.loads(f.read())
-        f.close()
-        PWD = data['password']
-        USER = data['username']
-        if(data['is_student']):
-            studentCLI()
-        else:
-            teacherCLI()
+    # else:
+    #     try:
+    #         URL = "http://127.0.0.1:8000/api/"
+    #         f = open('.profile','r')
+    #         data = json.loads(f.read())
+    #         f.close()
+    #         PWD = data['password']
+    #         USER = data['username']
+    #         r = requests.get(url = URL, auth=(USER,PWD)) 
+    #     except:
+    #         print("Incorrect password.")
+    #         sys.exit(0)
+    #     if(data['is_student']):
+    #         studentCLI()
+    #     else:
+    #         teacherCLI()
         
 
 
@@ -152,40 +153,70 @@ def authenticate():
         path = os.path.join(os.getcwd(), 'chromedriver-mac')
 
     browser = webdriver.Chrome(path)
-    web_dir = os.path.join(os.getcwd(), 'CLI', 'oauth')
-    print(web_dir)
-    os.chdir(web_dir)
-    if os.path.exists("index.html"):
-        os.remove("index.html")
+    # web_dir = os.path.join(os.getcwd(), 'CLI', 'oauth')
+    # print(web_dir)
+    # os.chdir(web_dir)
+    # if os.path.exists("index.html"):
+    #     os.remove("index.html")
 
-    template = open("template.html", "r")
-    index = open("index.html", "w")
-    for line in template:
-        index.write(line.replace('AUTH_URL', authorization_url))
-    template.close()
-    index.close()
+    # template = open("template.html", "r")
+    # index = open("index.html", "w")
+    # for line in template:
+    #     index.write(line.replace('AUTH_URL', authorization_url))
+    # template.close()
+    # index.close()
 
-    server = Thread(target=create_server)
-    server.daemon = True
-    server.start()
+    # server = Thread(target=create_server)
+    # server.daemon = True
+    # server.start()
 
-    browser.get("localhost:8000/")
+    browser.get("localhost:8000/login")
 
-    while "http://localhost:8000/callback/?code" not in browser.current_url:
+    # while "http://localhost:8000/callback/?code" not in browser.current_url:
+    #     time.sleep(0.25)
+
+    url = browser.current_url
+    gets = url_decode(url.replace("http://localhost:8000/login/?", ""))
+    while "http://localhost:8000/login/?username=" not in browser.current_url and (not browser.current_url == "http://localhost:8000/"): #http://localhost:8000/
         time.sleep(0.25)
 
     url = browser.current_url
-    gets = url_decode(url.replace("http://localhost:8000/callback/?", ""))
-    while "http://localhost:8000/callback/?code" not in browser.current_url:
-        time.sleep(0.25)
-
-    url = browser.current_url
-    gets = url_decode(url.replace("http://localhost:8000/callback/?", ""))
-    code = gets.get("code")
-    if state == gets.get("state"):
-        state = gets.get("state")
-        print("states good")
+    gets = url_decode(url.replace("http://localhost:8000/login/?username=", ""))
+    # code = gets.get("code")
+    # if state == gets.get("state"):
+    #     state = gets.get("state")
+    #     print("states good")
     browser.quit()
+    questions = [
+    {
+        'type': 'input',
+        'name': 'username',
+        'message': 'Enter SkoolOS Username (Same as ION Username): ',
+    },
+    {
+        'type': 'password',
+        'name': 'pwd',
+        'message': 'Enter SkoolOS Password (NOT ION PASSWORD): ',
+    },
+    ]
+    data =prompt(questions) 
+    pwd = data['pwd']
+    user = data['username']
+    r = requests.get(url = "http://localhost:8000/api/", auth=(user,pwd)) 
+    while(r.status_code != 200):
+        print("INCORRECT LOGIN CREDENTIALS")
+        r = requests.get(url = "http://localhost:8000/api/", auth=(user,pwd)) 
+        data =prompt(questions) 
+        pwd = data['pwd']
+        user = data['username']
+        print(r.status_code)
+    r = requests.get(url = "http://localhost:8000/students/" + user + "/", auth=(user,pwd)) 
+    is_student = False
+    if(r.status_code == 200):
+        is_student = True
+        print("Welcome, student " + user)
+    else:
+        print("Welcome, teacher " + user)
 
     #print(code)
     print(state)