camicroscope / Caracal

Consolidated Backend, Auth, and Security Services for caMicroscope
GNU General Public License v3.0

Timestamp based user signup for first time setup #26

Closed Vedant1202 closed 4 years ago

Vedant1202 commented 4 years ago

Description

This update provides a mechanism for general users to sign up authentic users/admins up to a certain period of time based on a preset environment variable ENABLE_SECURITY_AT. The datetime has the format MM/DD/YYYY hh:mm:ss. To disable the feature, just keep the variable as an empty string.

The changes are:

  1. Timestamp based user signup on first setup.

This depends upon Distro PR-122 and caMicroscope PR-388.

Motivation and Context

Why is this change required? What problem does it solve?

How Has This Been Tested?

Please describe in detail how you tested your changes.

Types of changes

What types of changes does your code introduce? Put an x in all the boxes that apply:

Checklist:

birm commented 4 years ago

Thanks for your patience here. I don't think this concept has to involve tokens. If the token is staying on the server which generated it, and has no way to determine who is using it, wouldn't this then be very similar to managing disable security? Also, if it's running with a restart policy, it would repeatedly be in this state unintentionally. I haven't had much opportunity to reach out to existing users about this, so I don't know what's important to them, but I think the core idea of this suggestion is reasonable. It may be more easily accomplished by having some kind of timestamp or equivalent at which the mode is deactivated. (e.g. I'll be adding users until 25 APR 2020 at 1:00 AM UTC, after which time use normal login) Do you believe that this suggestion is in the spirit of your concept? Have I misunderstood something?

Vedant1202 commented 4 years ago

@birm, So just having a preset timestamp after which we can enable security would do?

birm commented 4 years ago

Probably, but if you don't think so or have a better idea, don't keep it to yourself :smiley:

Vedant1202 commented 4 years ago

Not at the moment, but I will if something strikes me up though. Meanwhile I'll update the PR to do the timestamp thing. 👍

Vedant1202 commented 4 years ago

@birm, I've done the changes and this as well as the dependent PRs are up for review. 👍 Please tell me if any changes are required.

Vedant1202 commented 4 years ago

@birm Thanks for the help, I have done the changes and the PRs are up for further review.

Vedant1202 commented 4 years ago

Well I think the other two would be necessary, as the one in distro contains the ENABLE_SECURITY_AT env var addition in develop.yml. And the one in camicroscope contains a frontend check in user signup.html, whether the time window is open or closed. If the window is open, the form is submitted to User/post, else a user add request gets created if the user is an editor.

birm commented 4 years ago

Ah, that's true; I had forgotten about the request system!
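
A server-side sketch of the time-window check discussed in this thread, added here as an example; it is not code from this PR or from Caracal. The function names are hypothetical, and it assumes the `MM/DD/YYYY hh:mm:ss` value is interpreted as UTC and that a malformed value should close the window rather than leave open signup enabled.

```javascript
// Added example: hypothetical helpers, not Caracal's implementation.
// Assumption: ENABLE_SECURITY_AT ("MM/DD/YYYY hh:mm:ss") is read as UTC.
const FORMAT = /^(\d{2})\/(\d{2})\/(\d{4}) (\d{2}):(\d{2}):(\d{2})$/;

// Returns { configured, cutoff }: cutoff is epoch milliseconds, or null when
// the value is empty (feature off) or cannot be parsed as a real date.
function parseEnableSecurityAt(raw) {
  if (typeof raw !== 'string' || raw.trim() === '') {
    return { configured: false, cutoff: null };
  }
  const m = FORMAT.exec(raw.trim());
  if (!m) return { configured: true, cutoff: null };
  const [mo, d, y, h, mi, s] = m.slice(1).map(Number);
  const ms = Date.UTC(y, mo - 1, d, h, mi, s);
  const t = new Date(ms);
  // Date.UTC silently normalizes overflow (02/30 becomes 03/01, hour 24
  // becomes the next day), so reject anything that does not round-trip.
  const valid =
    t.getUTCFullYear() === y && t.getUTCMonth() === mo - 1 &&
    t.getUTCDate() === d && t.getUTCHours() === h &&
    t.getUTCMinutes() === mi && t.getUTCSeconds() === s;
  return { configured: true, cutoff: valid ? ms : null };
}

// True only while open signup is allowed. The decision is recomputed from the
// configured value on every call, so a container restart after the cutoff
// does not reopen the window.
function signupWindowOpen(raw, nowMs = Date.now()) {
  const { configured, cutoff } = parseEnableSecurityAt(raw);
  if (!configured) return false;     // empty string: feature disabled
  if (cutoff === null) return false; // malformed value: fail closed
  return nowMs < cutoff;             // the cutoff instant itself is closed
}
```

A frontend check like the one in signup.html only decides which form path the browser takes; the endpoint that creates users needs the same test server-side, since the client can be bypassed.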