An Identity Access Management (IAM) system using Google Workspace accounts.
Intended Users. This system is intended for use at Community Builder Toolbox, Inc., a California-based 501(c)(3) non-profit organization. It is currently incubated under ZaiGeZaiGu, a volunteer platform for Chinese in the SF Bay Area.
Assuming you have GitHub CLI installed (possibly via brew install gh
) and uses Conda as your environment manager, execute the following commands:
git clone zgzgorg/iam-backend # Clone the repo.
cd iam-backend
conda create -n zgiam python=3.8
conda activate zgiam
make develop
You can skip this section if you're provided with a zgiam.sql
file.
make update-schema
. This will create an empty SQLite file at zgiam/zgiam.sql
.brew install --cask dbeaver-community
(assuming you have Homebrew installed).Insert a row to the table account
. Provide the following required fields:
email
-- You must be able to receive emails via this email address.first_name
last_name
phone_number
Someone should've sent you an iam_sqlite.cfg
. Place it under the repo's directory. Run:
IAM_CONFIG_PATH=$PWD/iam_sqlite.cfg python zgiam/app.py
Now, go to http://127.0.0.1:5000/api/v1/. You should see a page similar to this screenshot.
Using a file. By default, iam-backend
reads /etc/zgiam/zgiam.cfg
for configs. The file supports a dialect of the INI file structure defined by the Python 3 standard library configparser
. A sample zgiam.cfg
file can be found at zgiam/conf/default_iam.cfg
. You can override the default path via the environment variable IAM_CONFIG_PATH
.
Using environment variables. All variables in this file are also overridable via environment variables. The overriding environment variable should follow the format of IAM_{section}_{option}
. For example:
This repo adheres to the following practices:
.commitlintrc.yml
.pycodestyle
and flake8
to enforce PEP 8. They have each other's back.mypy
(by Python makers) and pytype
(by Google) as type checkers. They have each other's back.Further, this repo uses these dev-cycle tools:
A requirements file defines dependencies that are parsable to pip
. pip-tools
reads the .in
files and generates pip-friendly requirements.txt
.
makefile
defines most of the dev-cycle actions.
pytest
is for unit tests.
pytest-cov
generates the .coverage
file. It computes coverage from pytest
unit tests.Codacy checks code quality and keep track of technical debt. It integrates well into GitHub reviews.
Pylint is another Python code analyzer.
Dependabot makes security updates.
CodeQL (by GitHub) and LGTM (by Semmle) discover vulnerabilities. They have each other's back.
This repo uses these modules: