feat: add cron urls for user verification (#2160)

* feat: add cron urls for user verification

* remove comment

* cron user tests

* add cron mixin

* remove whitespace

* fix: filter

* add cron test cases

* add negative test cases

* Remove custom aimmo branch install

* Merge branch 'master' into verify_email_reminder

* Lockfile

* fix patch

* Update logic so it doesn't include students

* Try adding a trailing slash

* fix: deletion test

* Update cron view and test after feedback

* fix: tests

* Merge changes

* Simplify logic

* Simplify logic again

* fix: tests

* fix: reuse global variable

* feedback

Co-Authored-By: faucomte97 <[email protected]>

.github/workflows/ci.yml

@@ -27,8 +27,6 @@ jobs:
         run: |
           pip install pipenv
           pipenv install --dev --system
-          pip uninstall aimmo -y
-          pip install git+https://github.com/ocadotechnology/aimmo@max_games_limit#egg=aimmo
           yarn --frozen-lockfile
       - name: Build frontend
         run: |

.gitignore

@@ -25,7 +25,7 @@ example_project/static/
 codeforlife_portal.egg-info
 *.egg-info/
 build/
-.vscode/
+# .vscode/
 dist/
 node_modules
 

.vscode/launch.json

@@ -0,0 +1,29 @@
+{
+  // Use IntelliSense to learn about possible attributes.
+  // Hover to view descriptions of existing attributes.
+  // For more information, visit: https://go.microsoft.com/fwlink/?linkid=830387
+  "version": "0.2.0",
+  "configurations": [
+    {
+      "name": "Django Server",
+      "type": "python",
+      "request": "launch",
+      "django": true,
+      "justMyCode": false,
+      "program": "${workspaceFolder}/example_project/manage.py",
+      "args": [
+        "runserver",
+        "localhost:8000"
+      ]
+    },
+    {
+      "name": "Pytest",
+      "type": "python",
+      "request": "test",
+      "justMyCode": false,
+      "presentation": {
+        "hidden": true
+      }
+    }
+  ]
+}

.vscode/settings.json

@@ -0,0 +1,4 @@
+{
+  "python.testing.unittestEnabled": false,
+  "python.testing.pytestEnabled": true
+}

cfl_common/common/helpers/emails.py

@@ -76,9 +76,12 @@ def generate_token(user, new_email="", preverified=False):
         user.userprofile.is_verified = preverified
         user.userprofile.save()
 
+    return generate_token_for_email(user.email, new_email)
+
+def generate_token_for_email(email: str, new_email: str = ""):
     return jwt.encode(
         {
-            "email": user.email,
+            "email": email,
             "new_email": new_email,
             "email_verification_token": uuid4().hex[:30],
             "expires": (timezone.now() + datetime.timedelta(hours=1)).timestamp(),

portal/mixins/__init__.py

@@ -0,0 +1 @@
+from .cron_mixin import CronMixin

portal/mixins/cron_mixin.py

@@ -0,0 +1,12 @@
+from rest_framework.request import Request
+from rest_framework.response import Response
+
+from ..permissions import IsCronRequestFromGoogle
+
+
+class CronMixin:
+    http_method_names = ["get"]
+    permission_classes = [IsCronRequestFromGoogle]
+
+    def get(self, request: Request) -> Response:
+        raise NotImplementedError()

portal/permissions/__init__.py

@@ -0,0 +1 @@
+from .is_cron_request_from_google import IsCronRequestFromGoogle

portal/permissions/is_cron_request_from_google.py

@@ -0,0 +1,14 @@
+from django.conf import settings
+from rest_framework.permissions import BasePermission
+from rest_framework.request import Request
+from rest_framework.views import View
+
+
+class IsCronRequestFromGoogle(BasePermission):
+    """
+    Validate that requests to your cron URLs are coming from App Engine and not from another source.
+    https://cloud.google.com/appengine/docs/flexible/scheduling-jobs-with-cron-yaml#securing_urls_for_cron
+    """
+
+    def has_permission(self, request: Request, view: View):
+        return settings.DEBUG or request.META.get("HTTP_X_APPENGINE_CRON") == "true"