rename some of the files to scatter-auth

Added dev csrf_exempt
Added getCookie to base
Some js (working) in signup.html

Author: delneg

LICENSE

@@ -1,27 +1,5 @@
 MIT License
 
-Copyright (c) 2018 Alexander Tereshkin
-
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to deal
-in the Software without restriction, including without limitation the rights
-to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-copies of the Software, and to permit persons to whom the Software is
-furnished to do so, subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in all
-copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-SOFTWARE.
-
-MIT License
-
 Copyright (c) 2018 Bearle
 
 Permission is hereby granted, free of charge, to any person obtaining a copy

README.rst

@@ -68,13 +68,13 @@ Set your User model's field to use as ETH address provider:
 
 .. code-block:: python
 
-    WEB3AUTH_USER_ADDRESS_FIELD = 'username'
+    SCATTERAUTH_USER_ADDRESS_FIELD = 'username'
 
 And if you have some other fields you want to be in the SignupForm, add them too:
 
 .. code-block:: python
 
-    WEB3AUTH_USER_SIGNUP_FIELDS = ['email',]
+    SCATTERAUTH_USER_SIGNUP_FIELDS = ['email',]
 
 
 Add Django-Web3-Auth's URL patterns:
@@ -128,7 +128,7 @@ If you have any questions left, head to the example app https://github.com/Bearl
 Important details and FAQ
 -------------------------
 
-1. *If you set a custom address field (WEB3AUTH_USER_ADDRESS_FIELD), it MUST be unique (unique=True).*
+1. *If you set a custom address field (SCATTERAUTH_USER_ADDRESS_FIELD), it MUST be unique (unique=True).*
 
 This is needed because if it's not, the user can register a new account with the same address as the other one,
 meaning that the user can now login as any of those accounts (sometimes being the wrong one).

docs/overview.rst

@@ -7,7 +7,7 @@ and 2 views for Signup (one with JSON responses, and the other - using Django Fo
 
 It also has 2 forms, SignupForm (rendered) and LoginForm (uses hidden inputs, used to validate data only).
 
-Possible configuration includes customizable address field (``WEB3AUTH_USER_ADDRESS_FIELD``), additional fields for User model (``WEB3AUTH_USER_SIGNUP_FIELDS``) and on/off switch for registration (``WEB3AUTH_SIGNUP_ENABLED``).
+Possible configuration includes customizable address field (``SCATTERAUTH_USER_ADDRESS_FIELD``), additional fields for User model (``SCATTERAUTH_USER_SIGNUP_FIELDS``) and on/off switch for registration (``SCATTERAUTH_SIGNUP_ENABLED``).
 You can read more on that in the Configuration section.
 
 Sign up
@@ -16,7 +16,7 @@ Sign up
 The signup process is as follows (signup_view example, signup_api is similar):
 
 1. User heads to the signup URL (``{% url 'web3auth_signup' %}``)
-2. The signup view is rendered with a ``SignupForm`` which includes ``WEB3AUTH_USER_SIGNUP_FIELDS`` and ``WEB3AUTH_USER_ADDRESS_FIELD``
+2. The signup view is rendered with a ``SignupForm`` which includes ``SCATTERAUTH_USER_SIGNUP_FIELDS`` and ``SCATTERAUTH_USER_ADDRESS_FIELD``
 3. The user enters required data and clicks the submit button and the POST request fires to the same URL with ``signup_view``
 4. Signup view does the following:
     4.1. Creates an instance of a ``SignupForm``.

docs/settings.rst

@@ -4,8 +4,8 @@ Settings
 
 You should specify settings in your settings.py like this::
 
-    WEB3AUTH_USER_ADDRESS_FIELD = 'address'
-    WEB3AUTH_USER_SIGNUP_FIELDS = ['email', 'username']
+    SCATTERAUTH_USER_ADDRESS_FIELD = 'address'
+    SCATTERAUTH_USER_SIGNUP_FIELDS = ['email', 'username']
 
 
 In the above example the following User model is used:
@@ -29,9 +29,9 @@ Here's a list of available settings:
 +--------------------------------+------------+-------------------------------------------------------------------------+
 | Setting                        | Default    | Description                                                             |
 +================================+============+=========================================================================+
-| WEB3AUTH_SIGNUP_ENABLED        | True       | If False, new users won't be able to sign up (used in ``signup_view``)  |
+| SCATTERAUTH_SIGNUP_ENABLED        | True       | If False, new users won't be able to sign up (used in ``signup_view``)  |
 +--------------------------------+------------+-------------------------------------------------------------------------+
-| WEB3AUTH_USER_SIGNUP_FIELDS    | ['email']  | Specifies field to be used in signup form for a new User model          |
+| SCATTERAUTH_USER_SIGNUP_FIELDS    | ['email']  | Specifies field to be used in signup form for a new User model          |
 +--------------------------------+------------+-------------------------------------------------------------------------+
-| WEB3AUTH_USER_ADDRESS_FIELD    | 'username' | Field on the User model, which has ethereum address to check against.   |
+| SCATTERAUTH_USER_ADDRESS_FIELD    | 'username' | Field on the User model, which has ethereum address to check against.   |
 +--------------------------------+------------+-------------------------------------------------------------------------+

example/README.md

@@ -1,4 +1,4 @@
-Example Project for web3auth
+Example Project for scatter-auth
 
 This example is provided as a convenience feature to allow potential users to try the app straight from the app repo without having to create a django project.
 

example/templates/web3auth/base.html

@@ -1,4 +1,5 @@
-{% load staticfiles i18n %}<!DOCTYPE html>
+{% load static i18n %}
+<!DOCTYPE html>
 <html lang="en">
 <head>
   <meta charset="utf-8">
@@ -45,6 +46,11 @@
         <li class="nav-item">
           <a class="nav-link" href="{% url 'web3auth_signup' %}">Signup</a>
         </li>
+        {% if request.user.is_authenticated %}
+        <li class="nav-item">
+          <a class="nav-link">Logged in as {{ request.user.username }}</a>
+        </li>
+        {% endif %}
       </ul>
     </div>
   </nav>
@@ -84,7 +90,24 @@
 
   <!-- Latest compiled and minified JavaScript -->
   <script src="https://cdn.rawgit.com/twbs/bootstrap/v4-dev/dist/js/bootstrap.js"></script>
-
+  <script>
+    function getCookie(name) {
+      var cookieValue = null;
+      if (document.cookie && document.cookie != '') {
+        var cookies = document.cookie.split(';');
+        for (var i = 0; i < cookies.length; i++) {
+          var cookie = jQuery.trim(cookies[i]);
+          // Does this cookie string begin with the name we want?
+          if (cookie.substring(0, name.length + 1) == (name + '=')) {
+            cookieValue = decodeURIComponent(cookie.substring(name.length + 1));
+            break;
+          }
+        }
+      }
+      return cookieValue;
+    }
+
+  </script>
   <!-- Your stuff: Third-party javascript libraries go here -->
   <script src="{% static 'web3auth/js/web3auth.js' %}"></script>
 

example/templates/web3auth/signup.html

@@ -8,3 +8,94 @@
     </form>
   </div>
 {% endblock content %}
+{% block javascript %}
+  {{ block.super }}
+  <script>
+    const signup = '{% url 'web3auth_signup_api' %}';
+    const CHAIN_ID = '038f4b0fc8ff18a4f0842a8f0564611f6e96e8535901dd45e43ac8691a1c4dca';
+    const CHAIN_PROTOCOL = 'http';
+    const CHAIN_HOST = '193.93.219.219';
+    const CHAIN_PORT = 8888;
+
+    const NETWORK = {
+      protocol: CHAIN_PROTOCOL,
+      blockchain: 'eos',
+      host: CHAIN_HOST,
+      port: CHAIN_PORT,
+      chainId: CHAIN_ID
+    };
+
+    function signupWithData(username, email, signup_url, onSignupRequestError, onSignupSuccess, onSignupFail) {
+      var request = new XMLHttpRequest();
+      request.open('POST', signup_url, true);
+      request.onload = function () {
+        if (request.status >= 200 && request.status < 400) {
+          // Success!
+          var resp = JSON.parse(request.responseText);
+          if (resp.success) {
+            if (typeof onSignupSuccess === 'function') {
+              onSignupSuccess(resp);
+            }
+          } else {
+            if (typeof onSignupFail === 'function') {
+              onSignupFail(resp);
+            }
+          }
+        } else {
+          // We reached our target server, but it returned an error
+          console.log("Signup failed - request status " + request.status);
+          if (typeof onSignupRequestError === 'function') {
+            onSignupRequestError(request);
+          }
+        }
+      };
+
+      request.onerror = function () {
+        console.log("Signup failed - there was an error");
+        if (typeof onSignupRequestError === 'function') {
+          onSignupRequestError(request);
+        }
+        // There was a connection error of some sort
+      };
+      request.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded; charset=UTF-8');
+      request.setRequestHeader("X-CSRFToken", getCookie('csrftoken'));
+      var formData = 'username=' + username + '&email=' + email;
+      request.send(formData);
+    }
+
+    async function requestIdentity(onIdentityReject) {
+      await scatter.suggestNetwork(NETWORK);
+
+      let required_fields = {
+        personal: ['email'],
+        accounts: [NETWORK]
+      };
+
+      scatter.getIdentity(required_fields).then((identity) => {
+        var account = identity.accounts.find(function (account) {
+          return account.blockchain === 'eos'
+        });
+
+        signupWithData(account.name, scatter.identity.personal.email, signup, console.log, console.log, console.log)
+
+      }).catch(error => {
+        console.log("Identity or Network was rejected");
+        if (typeof onIdentityReject === 'function') {
+          onIdentityReject(error);
+        }
+      })
+    }
+
+    document.addEventListener('scatterLoaded', scatterExtension => {
+      console.log("Scatter installed!");
+      if (scatter.identity) {
+        // login the user with api
+        console.log("Identity found");
+        console.log(scatter.identity);
+        console.log("Welcome, " + scatter.identity.name + '<br>Your public key: ' + scatter.identity.publicKey);
+      } else {
+        requestIdentity()
+      }
+    });
+  </script>
+{% endblock javascript %}

setup.py

@@ -45,21 +45,21 @@ def get_version(*file_paths):
 history = open('HISTORY.rst').read().replace('.. :changelog:', '')
 
 setup(
-    name='django-web3-auth',
+    name='django-scatter-auth',
     version=version,
     description="""django-web3-auth is a pluggable Django app that enables login/signup via an Ethereum wallet (a la CryptoKitties). The user authenticates themselves by digitally signing the session key with their wallet's private key.""",
     long_description=readme + '\n\n' + history,
     author='Bearle',
     author_email='tech@bearle.ru',
-    url='https://github.com/Bearle/django-web3-auth',
+    url='https://github.com/Bearle/django-scatter-auth',
     packages=[
-        'web3auth',
+        'scatter_auth',
     ],
     include_package_data=True,
     install_requires=['ethereum>=2.3.1', 'rlp==0.6.0','eth_utils>=1.0.3'],
     license="MIT",
     zip_safe=False,
-    keywords='django-web3-auth',
+    keywords='django-scatter-auth',
     classifiers=[
         'Development Status :: 3 - Alpha',
         'Framework :: Django :: 1.11',

web3auth/backend.py

@@ -16,7 +16,7 @@ def authenticate(self, request, address=None, token=None, signature=None):
             return None
         else:
             # get address field for the user model
-                address_field = app_settings.WEB3AUTH_USER_ADDRESS_FIELD
+                address_field = app_settings.SCATTERAUTH_USER_ADDRESS_FIELD
                 kwargs = {
                     address_field+"__iexact": address
                 }

web3auth/forms.py

@@ -24,7 +24,7 @@ def clean_signature(self):
 
 
 # list(set()) here is to eliminate the possibility of double including the address field
-signup_fields = list(set(app_settings.WEB3AUTH_USER_SIGNUP_FIELDS + [app_settings.WEB3AUTH_USER_ADDRESS_FIELD]))
+signup_fields = list(set(app_settings.SCATTERAUTH_USER_SIGNUP_FIELDS + [app_settings.SCATTERAUTH_USER_ADDRESS_FIELD]))
 
 
 class SignupForm(forms.ModelForm):
@@ -35,18 +35,18 @@ def __init__(self, *args, **kwargs):
 
         # make sure to make email required, because password is not set
         # and if the user loses private key he can get 'reset' password link to email
-        if 'email' in app_settings.WEB3AUTH_USER_SIGNUP_FIELDS:
+        if 'email' in app_settings.SCATTERAUTH_USER_SIGNUP_FIELDS:
             self.fields['email'].required = True
-        self.fields[app_settings.WEB3AUTH_USER_ADDRESS_FIELD].required = True
+        self.fields[app_settings.SCATTERAUTH_USER_ADDRESS_FIELD].required = True
 
     def clean_address_field(self):
-        # validate_eth_address(self.cleaned_data[app_settings.WEB3AUTH_USER_ADDRESS_FIELD])
-        return self.cleaned_data[app_settings.WEB3AUTH_USER_ADDRESS_FIELD].lower()
+        # validate_eth_address(self.cleaned_data[app_settings.SCATTERAUTH_USER_ADDRESS_FIELD])
+        return self.cleaned_data[app_settings.SCATTERAUTH_USER_ADDRESS_FIELD].lower()
 
     class Meta:
         model = get_user_model()
         fields = signup_fields
 
 
 # hack to set the method for cleaning address field
-setattr(SignupForm, 'clean_' + app_settings.WEB3AUTH_USER_ADDRESS_FIELD, SignupForm.clean_address_field)
+setattr(SignupForm, 'clean_' + app_settings.SCATTERAUTH_USER_ADDRESS_FIELD, SignupForm.clean_address_field)

web3auth/settings.py

@@ -3,26 +3,26 @@
 
 class AppSettings(object):
     @property
-    def WEB3AUTH_USER_ADDRESS_FIELD(self):
+    def SCATTERAUTH_USER_ADDRESS_FIELD(self):
         """
         Field on the User model, which has ethereum address to check against.
         This allows you to store it somewhere in arbitrary place other than just username.
         """
-        return getattr(django_settings, 'WEB3AUTH_USER_ADDRESS_FIELD', 'username')
+        return getattr(django_settings, 'SCATTERAUTH_USER_ADDRESS_FIELD', 'username')
 
     @property
-    def WEB3AUTH_USER_SIGNUP_FIELDS(self):
+    def SCATTERAUTH_USER_SIGNUP_FIELDS(self):
         """
         Specifies field to be used in signup form for a new User model
         """
-        return getattr(django_settings, "WEB3AUTH_USER_SIGNUP_FIELDS", ['email'])
+        return getattr(django_settings, "SCATTERAUTH_USER_SIGNUP_FIELDS", ['email'])
 
     @property
-    def WEB3AUTH_SIGNUP_ENABLED(self):
+    def SCATTERAUTH_SIGNUP_ENABLED(self):
         """
         Makes it possible to disable signups (similar to allauth)
         """
-        return getattr(django_settings, "WEB3AUTH_SIGNUP_ENABLED", True)
+        return getattr(django_settings, "SCATTERAUTH_SIGNUP_ENABLED", True)
 
 
 app_settings = AppSettings()

web3auth/views.py

@@ -11,7 +11,7 @@
 from web3auth.utils import recover_to_addr
 from django.utils.translation import ugettext_lazy as _
 from web3auth.settings import app_settings
-
+from django.views.decorators.csrf import csrf_exempt
 import json
 
 
@@ -56,15 +56,15 @@ def login_api(request):
             else:
                 return JsonResponse({'success': False, 'error': json.loads(form.errors.as_json())})
 
-
+@csrf_exempt
 @require_http_methods(["POST"])
 def signup_api(request):
-    if not app_settings.WEB3AUTH_SIGNUP_ENABLED:
+    if not app_settings.SCATTERAUTH_SIGNUP_ENABLED:
         return JsonResponse({'success': False, 'error': _("Sorry, signup's are currently disabled")})
     form = SignupForm(request.POST)
     if form.is_valid():
         user = form.save(commit=False)
-        addr_field = app_settings.WEB3AUTH_USER_ADDRESS_FIELD
+        addr_field = app_settings.SCATTERAUTH_USER_ADDRESS_FIELD
         setattr(user, addr_field, form.cleaned_data[addr_field])
         user.save()
         login(request, user, 'web3auth.backend.Web3Backend')
@@ -88,14 +88,14 @@ def signup_view(request, template_name='web3auth/signup.html'):
     :return: rendered template with form
     """
     form = SignupForm()
-    if not app_settings.WEB3AUTH_SIGNUP_ENABLED:
+    if not app_settings.SCATTERAUTH_SIGNUP_ENABLED:
         form.add_error(None, _("Sorry, signup's are currently disabled"))
     else:
         if request.method == 'POST':
             form = SignupForm(request.POST)
             if form.is_valid():
                 user = form.save(commit=False)
-                addr_field = app_settings.WEB3AUTH_USER_ADDRESS_FIELD
+                addr_field = app_settings.SCATTERAUTH_USER_ADDRESS_FIELD
                 setattr(user, addr_field, form.cleaned_data[addr_field])
                 user.save()
                 login(request, user, 'web3auth.backend.Web3Backend')