Authentication

[dabercro]

There may be a way to get the user name through CERN SSO at least. This way, we can tell Unified who is submitting.

[vargasa]

CERN provides OAuth2, this will require to upgrade Django to 2+ (now running 1.11.4) so we are able to use django-oauth-toolkit but there are some dependencies issues that arise, due to support only being offered for django 1.* . For instance in the readme file of django-mongoengine it reads:

THIS IS UNSTABLE PROJECT, IF YOU WANT TO USE IT - FIX WHAT YOU NEED... Maybe there is better option for mongo support, take a look at https://nesdis.github.io/djongo/; It's python3 only and i have not tried it yet, but looks promising.

Support for django 2+ is not offered by django-rest-framework-mongoengine or django-rest-framework-bulk. So we somehow would need to get rid off or find a substitute for these dependencies. Prior to do this, @vlimant as you have some more experience with python on mongodb. Do you have any suggestion/recommendation on how to tackle this problem?

[vargasa]

Regarding this issue, a short summary on the progress:

There are two parts needing to be implemented. One of them is protecting the Django rest framework API (which I was mentioning before) but also the react front end. As for the first one (the API) there is a problem with some libraries as I mentioned before that we still need to figure out. For the second part, the front end, I have been implementing it with a react-oauth-flow and which progress you can check by going to https://wc-dev.cern.ch/ however after implementing it is throwing some error that it may be related with CERN Oauth2 providing non-standard output.