RAS Authentication Updates

.github/workflows/main.yml

@@ -44,7 +44,7 @@ jobs:
           node-version: ${{ matrix.node_version }}
           check-latest: false
 
-      - name: Install/Link Postgres
+      - name: Install/Link Postgres and Redis
         if: ${{ matrix.test_type == 'NPM' || matrix.test_type == 'UNIT' }}
         run: |
           sudo apt-get install curl ca-certificates gnupg
@@ -54,6 +54,9 @@ jobs:
           sudo apt-get install postgresql-14 postgresql-client-14
           echo "/usr/lib/postgresql/14/bin" >> $GITHUB_PATH
           sudo ln -s /usr/lib/postgresql/14/bin/initdb /usr/local/bin/initdb
+          sudo apt install redis-server
+          sudo ln -s /usr/bin/redis-server /usr/local/bin/redis-server
+          sudo ln -s /usr/bin/redis-cli /usr/local/bin/redis-cli
       - name: Install Deps
         if: ${{ matrix.test_type == 'NPM' || matrix.test_type == 'UNIT' }}
         run: |

.gitignore

@@ -1,6 +1,7 @@
 .coverage
 coverage.xml
 beanstalk.cfg
+dump.rdb
 /coverage
 /.installed.cfg
 /.mr.developer.cfg

Makefile

@@ -131,8 +131,9 @@ kibana-stop:
 
 kill:  # kills back-end processes associated with the application. Use with care.
 	pkill -f postgres &
-	pkill -f elasticsearch &
+	pkill -f opensearch &
 	pkill -f moto_server &
+	pkill -f redis-server &
 
 clean-python:
 	@echo -n "Are you sure? This will wipe all libraries installed on this virtualenv [y/N] " && read ans && [ $${ans:-N} = y ]

base.ini

@@ -30,9 +30,9 @@ multiauth.policy.remoteuser.use = encoded.authentication.NamespacedAuthenticatio
 multiauth.policy.remoteuser.base = pyramid.authentication.RemoteUserAuthenticationPolicy
 
 multiauth.policy.accesskey.namespace = accesskey
-multiauth.policy.accesskey.use = encoded.authentication.NamespacedAuthenticationPolicy
-multiauth.policy.accesskey.base = encoded.authentication.BasicAuthAuthenticationPolicy
-multiauth.policy.accesskey.check = encoded.authentication.basic_auth_check
+multiauth.policy.accesskey.use = snovault.authentication.NamespacedAuthenticationPolicy
+multiauth.policy.accesskey.base = snovault.authentication.BasicAuthAuthenticationPolicy
+multiauth.policy.accesskey.check = snovault.authentication.basic_auth_check
 
 multiauth.policy.auth0.use = encoded.authentication.NamespacedAuthenticationPolicy
 multiauth.policy.auth0.namespace = auth0

deploy/docker/production/fourfront_any_alpha.ini

@@ -1,6 +1,7 @@
 [app:app]
 use = config:base.ini#app
 session.secret = %(here)s/session-secret.b64
+auth0.domain = ${AUTH0_DOMAIN}
 auth0.client = ${AUTH0_CLIENT}
 auth0.secret = ${AUTH0_SECRET}
 file_upload_bucket = ${FILE_UPLOAD_BUCKET}
@@ -12,7 +13,6 @@ identity = ${IDENTITY}
 tibanna_output_bucket = ${TIBANNA_OUTPUT_BUCKET}
 application_bucket_prefix = ${APPLICATION_BUCKET_PREFIX}
 foursight_bucket_prefix = ${FOURSIGHT_BUCKET_PREFIX}
-# blob_store_profile_name = encoded-4dn-files
 accession_factory = encoded.server_defaults.enc_accession
 elasticsearch.server = ${ES_SERVER}
 snovault.app_version = ask-pip
@@ -31,6 +31,9 @@ elasticsearch.aws_auth = true
 production = true
 load_test_data = snovault.loadxl:load_${DATA_SET}_data
 sqlalchemy.url = postgresql://${RDS_USERNAME}:${RDS_PASSWORD}@${RDS_HOSTNAME}:${RDS_PORT}/${RDS_DB_NAME}
+redis.server = ${REDIS_SERVER}
+g.recaptcha.key = ${g.recaptcha.key}
+g.recaptcha.secret = ${g.recaptcha.secret}
 
 [composite:indexer]
 use = config:base.ini#indexer

development.ini.template

@@ -6,6 +6,7 @@
 [app:app]
 use = config:base.ini#app
 sqlalchemy.url = postgresql://postgres@localhost:5441/postgres?host=/tmp/snovault/pgdata
+redis.server = redis://localhost:6379
 blob_bucket = encoded-4dn-blobs
 metadata_bundles_bucket = metadata-bundles-fourfront-local-test
 load_test_only = true

docs/source/index.rst

@@ -54,7 +54,7 @@ Install or update dependencies::
     $ brew install libevent libmagic libxml2 libxslt openssl postgresql graphviz nginx python3
     $ brew install freetype libjpeg libtiff littlecms webp  # Required by Pillow
     $ brew cask install adoptopenjdk8
-    $ brew install opensearch node@16
+    $ brew install opensearch node@16 redis
 
 NOTES: