Skip to content

Commit 58b5eb8

Browse files
authored
Merge branch 'master' into oidc
2 parents f0ed4c2 + b7187ce commit 58b5eb8

File tree

8 files changed

+37
-46
lines changed

8 files changed

+37
-46
lines changed

c19-backend/C19/settings.py

Lines changed: 8 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -38,6 +38,7 @@
3838
'django.contrib.messages',
3939
'django.contrib.staticfiles',
4040
'mozilla_django_oidc',
41+
'corsheaders',
4142
'rest_framework',
4243
'api',
4344
]
@@ -50,6 +51,7 @@
5051
'django.contrib.auth.middleware.AuthenticationMiddleware',
5152
'django.contrib.messages.middleware.MessageMiddleware',
5253
'django.middleware.clickjacking.XFrameOptionsMiddleware',
54+
'corsheaders.middleware.CorsMiddleware',
5355
]
5456

5557
ROOT_URLCONF = 'C19.urls'
@@ -108,12 +110,9 @@
108110

109111
REST_FRAMEWORK = {
110112
'DEFAULT_PERMISSION_CLASSES': [
111-
# 'rest_framework.permissions.DjangoModelPermissionsOrAnonReadOnly',
112-
# 'rest_framework.permissions.DjangoModelPermissions',
113-
'rest_framework.permissions.IsAuthenticated',
113+
'rest_framework.permissions.AllowAny', # until we have OAuth
114114
],
115115
'DEFAULT_AUTHENTICATION_CLASSES': [
116-
'rest_framework_simplejwt.authentication.JWTAuthentication',
117116
],
118117
}
119118

@@ -137,10 +136,9 @@
137136
STATIC_URL = '/static/'
138137

139138
EHRBASE_CONNECTION_PARAMS = dict(
140-
base_url=os.environ['C19_API_EHRBASE_URL'],
139+
base_url=os.environ['C19_BACKEND_EHRBASE_URL'],
141140
)
142141

143-
144142
# mozilla-django-oidc
145143

146144
AUTHENTICATION_BACKENDS = (
@@ -156,4 +154,7 @@
156154
OIDC_OP_USER_ENDPOINT = os.environ['OIDC_OP_USER_ENDPOINT']
157155

158156
LOGOUT_REDIRECT_URL = '/'
159-
LOGIN_REDIRECT_URL = '/'
157+
LOGIN_REDIRECT_URL = '/'
158+
159+
CORS_ORIGIN_WHITELIST = tuple(
160+
os.environ['C19_BACKEND_CORS_ORIGIN_WHITELIST'].split('|'))

c19-backend/api/models.py

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,8 @@
11
from django.conf import settings
22
from django.db import models
33

4+
# TODO probably won't be needed once OAuth is set up
5+
# remember to generate migration if you do remove it
46
class C19APIPatientProfile(models.Model):
57
user = models.OneToOneField(
68
settings.AUTH_USER_MODEL,

c19-backend/api/urls.py

Lines changed: 0 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -3,10 +3,6 @@
33
from rest_framework import routers
44
from api import views
55
from rest_framework.urlpatterns import format_suffix_patterns
6-
from rest_framework_simplejwt.views import (
7-
TokenObtainPairView,
8-
TokenRefreshView,
9-
)
106

117

128
router = routers.DefaultRouter()
@@ -16,12 +12,4 @@
1612
urlpatterns = [
1713
path('', include(router.urls)),
1814
path('0.1/covid-screenings/', views.CovidScreenListView.as_view()),
19-
path(
20-
'0.1/auth/token/',
21-
TokenObtainPairView.as_view(),
22-
name='token_obtain_pair'),
23-
path(
24-
'0.1/auth/token/refresh/',
25-
TokenRefreshView.as_view(),
26-
name='token_refresh'),
2715
]

c19-backend/api/views.py

Lines changed: 15 additions & 20 deletions
Original file line numberDiff line numberDiff line change
@@ -8,23 +8,18 @@
88

99
class CovidScreenListView(APIView):
1010
def post(self, request, format=None):
11-
if patient := request.user.c19_api_patient_profile:
12-
ehr_api = OpenEHRAPI(connection=ehrbase.CONNECTION)
13-
ehr_id = ehr_api.ehr_id_for_nhs_number(
14-
nhs_number=patient.patient_nhs_number)
15-
return Response(
16-
data={
17-
# TODO we probably won't send the nhs number back,
18-
# this is just for stubbing to check the code branches
19-
'nhs_number': patient.patient_nhs_number,
20-
'ehr_id': ehr_id,
21-
},
22-
)
23-
else:
24-
return Response(
25-
data={
26-
'status': 'Unauthorized',
27-
'error': 'No patient profile record for user',
28-
},
29-
status=401,
30-
)
11+
screening_data = request.data
12+
ehr_api = OpenEHRAPI(connection=ehrbase.CONNECTION)
13+
ehr_id = ehr_api.ehr_id_for_nhs_number(
14+
nhs_number=screening_data['nhs_number'])
15+
return Response(
16+
data={
17+
# TODO we probably won't send the nhs number back,
18+
# this is just for stubbing to check the code branches
19+
'nhs_number': screening_data['nhs_number'],
20+
'ehr_id': ehr_id,
21+
'_note':
22+
'Just a fake return value for stubbing purposes for now,'
23+
' and will probably change completely',
24+
},
25+
)

c19-backend/ehrbase_connector/connector.py

Lines changed: 6 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -19,7 +19,7 @@ def _url(self, suffix):
1919

2020
def get(self, path, params=None, **kwargs):
2121
# TODO also pass auth=(user, pass) once basic auth implemented
22-
return requests.get(self._url(path), params=None, **kwargs)
22+
return requests.get(self._url(path), params=params, **kwargs)
2323

2424
def post(self, path, data=None, json=None, **kwargs):
2525
# TODO also pass auth=(user, pass) once basic auth implemented
@@ -53,10 +53,9 @@ def ehr_already_existed(status_code):
5353
"is_queryable": "true",
5454
},
5555
)
56-
if (
57-
creation_response.status_code == requests.status.ok
58-
or ehr_already_existed(status_code=creation_response.status_code)
59-
):
56+
if creation_response.status_code == requests.codes.ok \
57+
or ehr_already_existed(status_code=creation_response.status_code)\
58+
:
6059
# For now even if the POST was successful we have to GET because
6160
# EHRBase sends empty body with status 204 instead of 201 with some
6261
# JSON
@@ -65,9 +64,9 @@ def ehr_already_existed(status_code):
6564
params={
6665
'subject_id': nhs_number,
6766
'subject_namespace': nhs_number_namespace,
68-
}
67+
},
6968
)
70-
if fetch_response.status_code == requests.status.ok:
69+
if fetch_response.status_code == requests.codes.ok:
7170
return fetch_response.json()['ehr_id']['value']
7271
else:
7372
raise APIException(

c19-backend/requirements.txt

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -7,3 +7,4 @@ toolz
77
attrs
88
djangorestframework-simplejwt==4.4.0
99
mozilla-django-oidc
10+
django-cors-headers==3.2.1

docker-compose.yml

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -15,6 +15,8 @@ services:
1515
OIDC_OP_AUTHORIZATION_ENDPOINT: ${OIDC_OP_AUTHORIZATION_ENDPOINT}
1616
OIDC_OP_TOKEN_ENDPOINT: ${OIDC_OP_TOKEN_ENDPOINT}
1717
OIDC_OP_USER_ENDPOINT: ${OIDC_OP_USER_ENDPOINT}
18+
C19_BACKEND_EHRBASE_URL: http://ehrbase:8080
19+
C19_BACKEND_CORS_ORIGIN_WHITELIST: ${C19_BACKEND_CORS_ORIGIN_WHITELIST}
1820
volumes:
1921
- ./c19-backend:/app
2022
ports:
@@ -23,6 +25,7 @@ services:
2325
- django_postgres
2426
networks:
2527
- django_net
28+
- ehrbase_net
2629

2730
django_postgres:
2831
image: postgres:12

docs/examples/dotenv

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -3,6 +3,8 @@ DJANGO_POSTGRES_PASSWORD=django
33
DJANGO_POSTGRES_DB=django
44
# Make sure you use a different secret key in production
55
C19_BACKEND_SECRET_KEY="t8z$5)6b-4y_liyeo@rh=e=z=0loz!(_6lhaw9(as+k&3!f=x0"
6+
# Pipe(|)-separated list of URLs to whitelist for CORS origin
7+
C19_BACKEND_CORS_ORIGIN_WHITELIST=http://localhost:8000
68

79
POSTGRES_USER=postgres
810
POSTGRES_PASSWORD=postgres

0 commit comments

Comments
 (0)