Remove default login view (#1215)

* remove default login view Signed-off-by: Akihiko Kuroda <akihikokuroda2020@gmail.com>
Qiskit · Feb 12, 2024 · 3f8258f · 3f8258f
1 parent 548fa54
commit 3f8258f
Show file tree

Hide file tree

Showing 6 changed files with 47 additions and 146 deletions.
diff --git a/gateway/api/views.py b/gateway/api/views.py
@@ -201,7 +201,9 @@ def run_existing(self, request):
             carrier = {}
             TraceContextTextMapPropagator().inject(carrier)
             arguments = serializer.data.get("arguments")
-            token = request.auth.token.decode()
+            token = ""
+            if request.auth:
+                token = request.auth.token.decode()
             try:
                 job = self.get_service_job_class().save(
                     program=program,

diff --git a/gateway/main/settings.py b/gateway/main/settings.py
@@ -46,7 +46,6 @@
 # Application definition
 
 INSTALLED_APPS = [
-    "django.contrib.admin",
     "django.contrib.auth",
     "django.contrib.contenttypes",
     "django.contrib.sessions",
@@ -58,10 +57,6 @@
     "rest_framework.authtoken",
     "rest_framework_simplejwt",
     "allauth",
-    "allauth.account",
-    "allauth.socialaccount",
-    "dj_rest_auth",
-    "dj_rest_auth.registration",
     "api",
     "psycopg2",
 ]
@@ -74,11 +69,9 @@
     "django.contrib.sessions.middleware.SessionMiddleware",
     "django.middleware.common.CommonMiddleware",
     "django.middleware.csrf.CsrfViewMiddleware",
-    "django.contrib.auth.middleware.AuthenticationMiddleware",
     "django.contrib.messages.middleware.MessageMiddleware",
     "django.middleware.clickjacking.XFrameOptionsMiddleware",
     "django_prometheus.middleware.PrometheusAfterMiddleware",
-    "allauth.account.middleware.AccountMiddleware",
 ]
 
 ROOT_URLCONF = "main.urls"
@@ -178,8 +171,6 @@
 ]
 
 AUTHENTICATION_BACKENDS = [
-    # Needed to login by username in Django admin, regardless of `allauth`
-    "django.contrib.auth.backends.ModelBackend",
     # `allauth` specific authentication methods, such as login by e-mail
     "allauth.account.auth_backends.AuthenticationBackend",
 ]

diff --git a/gateway/main/urls.py b/gateway/main/urls.py
@@ -15,7 +15,6 @@
 """
 from django.conf import settings
 from django.conf.urls.static import static
-from django.contrib import admin
 from django.urls import path, include, re_path
 from django.views.generic import TemplateView
 from rest_framework import routers
@@ -26,10 +25,7 @@
 
 
 urlpatterns = [
-    path("dj-rest-auth/", include("dj_rest_auth.urls")),
     path("accounts/", include("allauth.urls")),
-    path("api-auth/", include("rest_framework.urls")),
-    path("admin/", admin.site.urls),
     path("readiness/", probes.views.readiness, name="readiness"),
     path("liveness/", probes.views.liveness, name="liveness"),
     path("", include("django_prometheus.urls")),

diff --git a/gateway/tests/api/test_files.py b/gateway/tests/api/test_files.py
@@ -5,6 +5,7 @@
 from django.urls import reverse
 from rest_framework import status
 from rest_framework.test import APITestCase
+from django.contrib.auth import models
 
 
 class TestFilesApi(APITestCase):
@@ -30,25 +31,17 @@ def test_files_list(self):
         media_root = os.path.normpath(os.path.join(os.getcwd(), media_root))
 
         with self.settings(MEDIA_ROOT=media_root):
-            auth = reverse("rest_login")
-            response = self.client.post(
-                auth, {"username": "test_user", "password": "123"}, format="json"
-            )
-            token = response.data.get("access")
-            self.client.credentials(HTTP_AUTHORIZATION="Bearer " + token)
+            user = models.User.objects.get(username="test_user")
+            self.client.force_authenticate(user=user)
             url = reverse("v1:files-list")
             response = self.client.get(url, format="json")
             self.assertEqual(response.status_code, status.HTTP_200_OK)
             self.assertEqual(response.data, {"results": ["artifact.tar"]})
 
     def test_non_existing_file_download(self):
         """Tests downloading non-existing file."""
-        auth = reverse("rest_login")
-        response = self.client.post(
-            auth, {"username": "test_user", "password": "123"}, format="json"
-        )
-        token = response.data.get("access")
-        self.client.credentials(HTTP_AUTHORIZATION="Bearer " + token)
+        user = models.User.objects.get(username="test_user")
+        self.client.force_authenticate(user=user)
         url = reverse("v1:files-download")
         response = self.client.get(
             url, data={"file": "non_existing.tar"}, format="json"
@@ -68,12 +61,8 @@ def test_file_download(self):
         media_root = os.path.normpath(os.path.join(os.getcwd(), media_root))
 
         with self.settings(MEDIA_ROOT=media_root):
-            auth = reverse("rest_login")
-            response = self.client.post(
-                auth, {"username": "test_user", "password": "123"}, format="json"
-            )
-            token = response.data.get("access")
-            self.client.credentials(HTTP_AUTHORIZATION="Bearer " + token)
+            user = models.User.objects.get(username="test_user")
+            self.client.force_authenticate(user=user)
             url = reverse("v1:files-download")
             response = self.client.get(
                 url, data={"file": "artifact.tar"}, format="json"
@@ -99,12 +88,8 @@ def test_file_delete(self):
             fp.close()
 
         with self.settings(MEDIA_ROOT=media_root):
-            auth = reverse("rest_login")
-            response = self.client.post(
-                auth, {"username": "test_user", "password": "123"}, format="json"
-            )
-            token = response.data.get("access")
-            self.client.credentials(HTTP_AUTHORIZATION="Bearer " + token)
+            user = models.User.objects.get(username="test_user")
+            self.client.force_authenticate(user=user)
             url = reverse("v1:files-delete")
             response = self.client.delete(
                 url, data={"file": "artifact_delete.tar"}, format="json"
@@ -122,12 +107,8 @@ def test_non_existing_file_delete(self):
         media_root = os.path.normpath(os.path.join(os.getcwd(), media_root))
 
         with self.settings(MEDIA_ROOT=media_root):
-            auth = reverse("rest_login")
-            response = self.client.post(
-                auth, {"username": "test_user", "password": "123"}, format="json"
-            )
-            token = response.data.get("access")
-            self.client.credentials(HTTP_AUTHORIZATION="Bearer " + token)
+            user = models.User.objects.get(username="test_user")
+            self.client.force_authenticate(user=user)
             url = reverse("v1:files-delete")
             response = self.client.delete(
                 url, data={"file": "artifact_delete.tar"}, format="json"
@@ -145,12 +126,8 @@ def test_file_upload(self):
         media_root = os.path.normpath(os.path.join(os.getcwd(), media_root))
 
         with self.settings(MEDIA_ROOT=media_root):
-            auth = reverse("rest_login")
-            response = self.client.post(
-                auth, {"username": "test_user", "password": "123"}, format="json"
-            )
-            token = response.data.get("access")
-            self.client.credentials(HTTP_AUTHORIZATION="Bearer " + token)
+            user = models.User.objects.get(username="test_user")
+            self.client.force_authenticate(user=user)
             url = reverse("v1:files-upload")
             with open("README.md") as f:
                 response = self.client.post(
@@ -172,12 +149,8 @@ def test_escape_directory(self):
                 "fake_media",
             )
         ):
-            auth = reverse("rest_login")
-            response = self.client.post(
-                auth, {"username": "test_user", "password": "123"}, format="json"
-            )
-            token = response.data.get("access")
-            self.client.credentials(HTTP_AUTHORIZATION="Bearer " + token)
+            user = models.User.objects.get(username="test_user")
+            self.client.force_authenticate(user=user)
             url = reverse("v1:files-download")
             response = self.client.get(
                 url, data={"file": "../test_user_2/artifact_2.tar"}, format="json"

diff --git a/gateway/tests/api/test_job.py b/gateway/tests/api/test_job.py
@@ -5,6 +5,7 @@
 from rest_framework.test import APITestCase
 
 from api.models import Job
+from django.contrib.auth import models
 
 
 class TestJobApi(APITestCase):
@@ -14,12 +15,8 @@ class TestJobApi(APITestCase):
 
     def _authorize(self):
         """Authorize client."""
-        auth = reverse("rest_login")
-        resp = self.client.post(
-            auth, {"username": "test_user", "password": "123"}, format="json"
-        )
-        token = resp.data.get("access")
-        self.client.credentials(HTTP_AUTHORIZATION="Bearer " + token)
+        user = models.User.objects.get(username="test_user")
+        self.client.force_authenticate(user=user)
 
     def test_job_non_auth_user(self):
         """Tests job list non-authorized."""
@@ -68,12 +65,7 @@ def test_job_save_result(self):
 
     def test_stop_job(self):
         """Tests job stop."""
-        auth = reverse("rest_login")
-        response = self.client.post(
-            auth, {"username": "test_user", "password": "123"}, format="json"
-        )
-        token = response.data.get("access")
-        self.client.credentials(HTTP_AUTHORIZATION="Bearer " + token)
+        self._authorize()
 
         job_stop_response = self.client.post(
             reverse(