login ok in local headed and headless mode. ok on github?

tla · Jul 4, 2024 · ebbd405 · ebbd405
1 parent 61d9985
commit ebbd405
Show file tree

Hide file tree

Showing 4 changed files with 44 additions and 31 deletions.
diff --git a/frontend-e2e/cypress/e2e/experimental.cy.js b/frontend-e2e/cypress/e2e/experimental.cy.js
@@ -67,7 +67,7 @@ describe('login and logout with authentication modal and fetch(POST)', () => {
 
 // some fetch(POST) for headless mode
 describe('addStemma and deleteStemma currently without login, pass in headless mode despite fetch(POST)?', () => {
-  it.skip('passed in headless mode local and on github. passes in local headed mode (when guest config is adapted)', {}, () => { // would currently fail in github actions
+  it('passed in headless mode local and on github. passes in local headed mode (when guest config is adapted)', {}, () => { // would currently fail in github actions
     // addStemma is defined in <ROOT>/frontend/www/src/js/modules/common/service/stemmarestService.js
     // and applied in <ROOT>/frontend/www/src/js/modules/dashboard/tradition/stemma/editStemma.js
     /* return this.fetch(`/api/tradition/${tradId}/stemma/`, {
@@ -78,7 +78,7 @@ describe('addStemma and deleteStemma currently without login, pass in headless m
      */
 
     // need for login skipped in <ROOT>/frontend/www/src/js/modules/common/service/stemmarestService.js
-    // cy.loginViaUi(admin);
+    cy.loginViaUi(admin);
 
 /*     // currently regarding headed and headless login tests # TO DO
     cy.log('LOGIN:')
@@ -115,7 +115,7 @@ describe('addStemma and deleteStemma currently without login, pass in headless m
     cy.get('#delete-stemma-button-link').wait(500).click(); // DELETE method
     cy.contains('Yes, delete it').wait(500).click();
 
-    // cy.logoutViaUi(admin);
+    cy.logoutViaUi(admin);
 /*     // currently regarding headed and headless login tests # TO DO
     cy.log('LOGOUT:')
     cy.log("Cypress.env('CY_MODE'): " + Cypress.env('CY_MODE'));

diff --git a/frontend-e2e/cypress/support/commands.js b/frontend-e2e/cypress/support/commands.js
@@ -27,27 +27,27 @@
 // Login via user interface
 // TODO: also for headless mode
 Cypress.Commands.add('loginViaUi', (userObj) => {
-    if (Cypress.env('CY_MODE') === 'headed') { // skip when in headless mode
-        cy.log("Cypress.env('CY_MODE'): " + Cypress.env('CY_MODE'));
-        cy.contains('header a', 'Sign in').click();
-        cy.get('#loginEmail').wait(500).type(userObj.username, { delay: 50 });
-        cy.get('#loginPassword').wait(500).type(userObj.password, { delay: 50 });
-        cy.get('button').contains('Sign in').wait(500).click();
-        cy.get('#authModal').should('not.be.visible');
-        cy.contains('Logged in as ' + userObj.username);
-        cy.contains('header a', 'Sign out');
-        cy.get('header').should('not.contain', 'Sign in');
-        cy.log('Signed in as ' + userObj.username + '!');
-    }
+    // if (Cypress.env('CY_MODE') === 'headed') { // skip when in headless mode
+    cy.log("Cypress.env('CY_MODE'): " + Cypress.env('CY_MODE'));
+    cy.contains('header a', 'Sign in').click();
+    cy.get('#loginEmail').wait(500).type(userObj.username, { delay: 50 });
+    cy.get('#loginPassword').wait(500).type(userObj.password, { delay: 50 });
+    cy.get('button').contains('Sign in').wait(500).click();
+    cy.get('#authModal').should('not.be.visible');
+    cy.contains('Logged in as ' + userObj.username);
+    cy.contains('header a', 'Sign out');
+    cy.get('header').should('not.contain', 'Sign in');
+    cy.log('Signed in as ' + userObj.username + '!');
+    // }
 });
 
 // Logout via user interface
 // TODO: also for headless mode
 Cypress.Commands.add('logoutViaUi', (userObj) => {
-    if (Cypress.env('CY_MODE') === 'headed') { // skip when in headless mode
-        cy.log("Cypress.env('CY_MODE'): " + Cypress.env('CY_MODE'));
-        cy.contains('header a', 'Sign out').click();
-        cy.contains('header a', 'Sign in');
-        cy.get('header').should('not.contain', 'Sign out');
-    }
+    // if (Cypress.env('CY_MODE') === 'headed') { // skip when in headless mode
+    cy.log("Cypress.env('CY_MODE'): " + Cypress.env('CY_MODE'));
+    cy.contains('header a', 'Sign out').click();
+    cy.contains('header a', 'Sign in');
+    cy.get('header').should('not.contain', 'Sign out');
+    // }
 });
diff --git a/middleware/stemmaweb_middleware/controller/auth/routes.py b/middleware/stemmaweb_middleware/controller/auth/routes.py
@@ -110,16 +110,15 @@ def login():
 
         # Verify captcha
         if not recaptcha_verifier.verify(body.recaptcha_token):
-            if env_recaptcha_site_key == None: # CAUTION ! tmp to check github actions
+            if env_recaptcha_site_key == '6LeIxAcTAAAAAJcZVRqyHh71UMIEGNQ_MXjiZKhI': # .env.test:RECAPTCHA_SITE_KEY
+                pass # Works in local headless mode, not on github
+            elif env_recaptcha_site_key == None: # Works on github. No key there!? CAUTION ! To do: check that production mode uses a key !!
                 pass
-            # elif env_recaptcha_site_key == '': # CAUTION ! tmp to check github actions: not OK on github
+            # elif env_recaptcha_site_key == '': # doesn't fit anywhere
             #     pass
-            # elif env_recaptcha_site_key == '6LdZPq4ZAAAAAGx6vHrdtUfUr1HryiDoPu4piwiG': # CAUTION ! tmp to check github actions
-            #     pass # .env.dev:RECAPTCHA_SITE_KEY
-            elif env_recaptcha_site_key == '6LeIxAcTAAAAAJcZVRqyHh71UMIEGNQ_MXjiZKhI': # OK in local headless mode, not OK on github
-                pass # .env.test:RECAPTCHA_SITE_KEY
-            else:
-                # pass  # CAUTION ! tmp to check github actions
+            # elif env_recaptcha_site_key == '6LdZPq4ZAAAAAGx6vHrdtUfUr1HryiDoPu4piwiG': # .env.dev:RECAPTCHA_SITE_KEY
+            #     pass
+            else: # e.g. in the case of production, with .env.prod:RECAPTCHA_SITE_KEY !?
                 return abort(status=429, message="reCAPTCHA verification failed")
 
         # Login user for this flask session

diff --git a/middleware/stemmaweb_middleware/resources/stemmarest/permissions/declarations/tradition.py b/middleware/stemmaweb_middleware/resources/stemmarest/permissions/declarations/tradition.py
@@ -35,8 +35,22 @@ def config(
             if_true={Permission.READ},
         ),
     )
-    tradition_config_guest = [read_write] # currently regarding headed and headless login tests # TO DO
-    # tradition_config_guest = [read_only] # TO DO
+
+    # TODO: remove when login possible headed, headless local, headless github, dev and production.
+    # import os
+    # if "RECAPTCHA_SITE_KEY" in os.environ:
+    #     env_recaptcha_site_key = os.getenv("RECAPTCHA_SITE_KEY")
+    # else:
+    #     env_recaptcha_site_key = None
+
+    # if env_recaptcha_site_key == '6LeIxAcTAAAAAJcZVRqyHh71UMIEGNQ_MXjiZKhI': # .env.test:RECAPTCHA_SITE_KEY
+    #     tradition_config_guest = [read_write] # Works in local headless mode, not on github
+    # elif env_recaptcha_site_key == None: # Works on github. No key there!? CAUTION ! To do: check that production mode uses a key !!
+    #     tradition_config_guest = [read_write]
+    # else: # e.g. in the case of production, with .env.prod:RECAPTCHA_SITE_KEY !?
+    #     tradition_config_guest = [read_only]
+
+    tradition_config_guest = [read_only] # orig
     tradition_config_user = [read_write]
     tradition_config_admin = [read_write]
     tradition_config = {