updated requirements, working on dockerfile

Dockerfile

@@ -39,5 +39,5 @@ USER appuser
 # Install application into container
 COPY . .
 
-# Expose 1337 + 1 port
-EXPOSE 1338
+# Expose 1337
+EXPOSE 1337

Pipfile

 [[source]]
-url = "https://pypi.python.org/simple"
+url = "https://pypi.org/simple"
 verify_ssl = true
 name = "pypi"
 
 [packages]
 flask = "*"
-gunicorn = "*"
 authlib = "*"
-flask-babel = "*"
-requests = "*"
-flask-httpauth = "*"
-psycopg2-binary = "*"
 sqlalchemy = "*"
+psycopg2-binary = "*"
 
 [dev-packages]
 

config.example.json

 {
-	"OIDC": {
-		"client_id": "generator-grafiky",
-		"client_secret": "248f960e-7717-4a0e-9bfa-eb7cf1fd26ae",
-		"authorization_endpoint": "http://localhost:8080/auth/realms/master/protocol/openid-connect/auth",
-		"token_endpoint": "http://localhost:8080/auth/realms/master/protocol/openid-connect/token",
-		"userinfo_endpoint": "http://localhost:8080/auth/realms/master/protocol/openid-connect/userinfo",
-		"jwks_uri": "http://localhost:8080/auth/realms/master/protocol/openid-connect/certs",
-		"scope": "openid"
-	},
-	"SECRET_KEY": "Pusťte nás na ně",
-	"JWT_SECRET_KEY": "Energie a zkušenosti",
+	"OIDC_BASE_URL": "http://localhost:8080/auth/realms/master/",
 	"JWT_EXPIRES_AFTER": 604800
 }

docker-compose.yml

 version: "3"
 
 services:
-  database:
-    image: "postgres:latest"
-
-    environment:
-      POSTGRES_DB: generator
-      POSTGRES_PASSWORD: generator
-      POSTGRES_USER: generator
-
-    expose:
-      - "5432"
-
-    restart: always
   web:
     build: "."
 
     environment:
       FLASK_APP: generator
-      DATABASE_URL: "postgresql://generator:generator@database/generator"
+      DATABASE_URL: "postgresql://username:password@host/database_name"
+      
+      SECRET_KEY: "Åìo«ÑÚ2ûÁn-Û?bV4«Û©ä´ó>°yÆvw7°Ôa"
+      JWT_SECRET_KEY: "¤2¯µ&ñðxÈF?a^µ#udbLxgЧ?ÅÏARA®D"
+      
+      OIDC_CLIENT_ID: generator
+      OIDC_CLIENT_SECRET: "a11a5557-d486-429c-8c8c-7afa0bf1b0be"
 
     ports:
       - "1337:1337"

env.example

+DATABASE_URL=postgresql://username:password@localhost/database_name
+
+SECRET_KEY=Åìo«ÑÚ2ûÁn-Û?bV4«Û©ä´ó>°yÆvw7°Ôa
+
+JWT_SECRET_KEY=¤2¯µ&ñðxÈF?a^µ#udbLxgЧ?ÅÏARA®D
+
+OIDC_CLIENT_ID=generator
+OIDC_CLIENT_SECRET=a11a5557-d486-429c-8c8c-7afa0bf1b0be
+
+FLASK_APP=generator

generator/__init__.py

@@ -4,7 +4,6 @@ import os
 import typing
 
 import flask
-import flask_babel
 import sqlalchemy
 import sqlalchemy.orm
 
@@ -39,6 +38,9 @@ def create_app() -> flask.Flask:
 
 		app.logger.debug("Loading config file")
 
+		app.config["SECRET_KEY"] = os.environ.get("SECRET_KEY", "dev_secret_key")
+		app.config["JWT_SECRET_KEY"] = os.environ.get("JWT_SECRET_KEY", "dev_secret_key")
+
 		with open(
 			os.environ.get(
 				"CONFIG_LOCATION",
@@ -69,10 +71,6 @@ def create_app() -> flask.Flask:
 			)
 		)
 
-		app.logger.debug("Setting up extensions")
-
-		babel = flask_babel.Babel(app)
-
 		@app.before_request
 		def before_request() -> None:
 			"""TODO: doc"""

generator/authentication/__init__.py

@@ -17,32 +17,32 @@ def authenticate_via_jwt(
 
 	@functools.wraps(func)
 	def decorator(*args, **kwargs) -> typing.Any:
-		#if "token" not in flask.request.cookies:
-			#return flask.redirect(
-				#flask.url_for("oidc.login")
-			#)
-
-		#try:
-			#claims = authlib.jose.jwt.decode(
-				#flask.request.cookies["token"],
-				#flask.current_app.config["JWT_SECRET_KEY"]
-			#)
-		#except authlib.jose.JoseError as exception:
-			#raise werkzeug.exceptions.BadRequest from exception
-
-		#try:
-			#claims.validate()
-		#except authlib.jose.JoseError as exception:
-			#flask.current_app.logger.debug(
-				#"Claim validation failed: %s",
-				#exception
-			#)
-
-			#return flask.redirect(
-				#flask.url_for("oidc.login")
-			#)
-
-		flask.g.user_id = "1"
+		if "token" not in flask.request.cookies:
+			return flask.redirect(
+				flask.url_for("oidc.login")
+			)
+
+		try:
+			claims = authlib.jose.jwt.decode(
+				flask.request.cookies["token"],
+				flask.current_app.config["JWT_SECRET_KEY"]
+			)
+		except authlib.jose.JoseError as exception:
+			raise werkzeug.exceptions.BadRequest from exception
+
+		try:
+			claims.validate()
+		except authlib.jose.JoseError as exception:
+			flask.current_app.logger.debug(
+				"Claim validation failed: %s",
+				exception
+			)
+
+			return flask.redirect(
+				flask.url_for("oidc.login")
+			)
+
+		flask.g.user_id = claims["sub"]
 
 		return func(*args, **kwargs)
 	return decorator

generator/static/js/concept.js

@@ -68,7 +68,7 @@ $("#concept-selection").on(
 			currentConcept = null;
 			$("#concept-name").val("");
 			
-			// TODO
+			window.location.reload(true);
 			
 			return;
 		}
@@ -82,7 +82,7 @@ $("#concept-selection").on(
 		
 		const canvasData = JSON.parse(unescapeHTML(element.dataset.json));
 		
-		const templateName = canvasData.templateName;
+		templateName = canvasData.templateName;
 		template = new templateTypes[templateName]("graphicsCanvas");
 		
 		template.redrawing = true;
@@ -423,7 +423,7 @@ async function getCanvasData() {
 			$("#concept-name").val() : null
 		),
 		templateName: templateName,
-		templateHumanName: $("#template-selection").select2("data")[0].element.innerHTML,
+		templateHumanName: $("#template-selection").select2("data")[0].text,
 		primaryText: $("#primary-text").val(),
 		secondaryText: $("#secondary-text").val(),
 		terciaryText: $("#terciary-text").val(),

generator/views/concept.py

@@ -7,7 +7,6 @@ import uuid
 
 import werkzeug.exceptions
 import flask
-import flask_httpauth
 import sqlalchemy
 
 from .. import authentication, database

generator/views/generator.py

@@ -5,7 +5,6 @@ import typing
 
 import werkzeug.exceptions
 import flask
-import flask_httpauth
 
 from .. import authentication
 
@@ -20,16 +19,8 @@ generator_blueprint = flask.Blueprint(
 	__name__
 )
 
-auth = flask_httpauth.HTTPBasicAuth()
-
-
-@auth.verify_password
-def verify_password(username, password):
-	if username == "papouch" and password == "jestetonepouzivejte":
-		return "papouch"
 
 @generator_blueprint.route("/")
-@auth.login_required
 @authentication.authenticate_via_jwt
 def view() -> typing.Tuple[flask.Response, int]:
 	return flask.render_template("generator.html"), http.client.OK

generator/views/oidc.py

@@ -6,6 +6,7 @@
 """
 
 import datetime
+import os
 
 import authlib.integrations.requests_client
 import authlib.jose
@@ -34,8 +35,16 @@ def login() -> flask.Response:
 	:returns: A response with the redirect URL.
 	"""
 
+	oidc_url = flask.current_app.config["OIDC_BASE_URL"]
+
 	with authlib.integrations.requests_client.OAuth2Session(
-		**flask.current_app.config["OIDC"]
+		client_id=os.environ["OIDC_CLIENT_ID"],
+		client_secret=os.environ["OIDC_CLIENT_SECRET"],
+		authorization_endpoint=f"{oidc_url}protocol/openid-connect/auth",
+		token_endpoint=f"{oidc_url}protocol/openid-connect/token",
+		userinfo_endpoint=f"{oidc_url}protocol/openid-connect/userinfo",
+		jwks_uri=f"{oidc_url}protocol/openid-connect/certs",
+		scope="openid"
 	) as session:
 		url, state = session.create_authorization_url(
 			session.metadata["authorization_endpoint"],
@@ -61,8 +70,16 @@ def authenticate() -> flask.Response:
 	if code is None or state is None:
 		raise werkzeug.exceptions.BadRequest
 
+	oidc_url = flask.current_app.config["OIDC_BASE_URL"]
+
 	with authlib.integrations.requests_client.OAuth2Session(
-		**flask.current_app.config["OIDC"]
+		client_id=os.environ["OIDC_CLIENT_ID"],
+		client_secret=os.environ["OIDC_CLIENT_SECRET"],
+		authorization_endpoint=f"{oidc_url}protocol/openid-connect/auth",
+		token_endpoint=f"{oidc_url}protocol/openid-connect/token",
+		userinfo_endpoint=f"{oidc_url}protocol/openid-connect/userinfo",
+		jwks_uri=f"{oidc_url}protocol/openid-connect/certs",
+		scope="openid"
 	) as session:
 		try:
 			token = session.fetch_token(