WIP: add authenticati (#4)

on to onboarding

Author: Mupati

.env

@@ -4,6 +4,11 @@ DEBUG=True
 DJANGO_SETTINGS_MODULE=api.settings
 SECRET_KEY=secret
 
+# Default admin credentials (change DEFAULT_ADMIN_PASSWORD for production!)
+DEFAULT_ADMIN_USERNAME=admin
+DEFAULT_ADMIN_PASSWORD=admin
+DEFAULT_ADMIN_EMAIL=admin@admin.com
+
 # used to generate the JWT token
 INIT_TOKEN_SECRET=supersecret
 

Dockerfile

@@ -16,13 +16,20 @@ ENV PYTHONUNBUFFERED 1
 
 RUN apk add --update --no-cache --virtual .tmp-build-deps \
     gcc libc-dev linux-headers postgresql-dev \
-    && apk add libffi-dev
+    && apk add libffi-dev netcat-openbsd
 
 # install dependencies
 RUN pip install --upgrade pip
 
-# copy whole project to your docker home directory. 
+# copy whole project to your docker home directory.
 COPY . $DockerHOME
 
 # run this command to install all dependencies
 RUN pip install -r requirements.txt
+
+# copy entrypoint script and make it executable
+COPY entrypoint.sh /entrypoint.sh
+RUN chmod +x /entrypoint.sh
+
+# set entrypoint
+ENTRYPOINT ["/entrypoint.sh"]

api/settings.py

@@ -112,6 +112,11 @@
 
 AUTH_USER_MODEL = 'app.User'
 
+# Default admin user credentials
+DEFAULT_ADMIN_USERNAME = os.getenv('DEFAULT_ADMIN_USERNAME', 'admin')
+DEFAULT_ADMIN_PASSWORD = os.getenv('DEFAULT_ADMIN_PASSWORD', 'admin')
+DEFAULT_ADMIN_EMAIL = os.getenv('DEFAULT_ADMIN_EMAIL', 'admin@admin.com')
+
 # Password validation
 # https://docs.djangoproject.com/en/2.1/ref/settings/#auth-password-validators
 

app/management/__init__.py

@@ -0,0 +1,44 @@
+import os
+from django.core.management.base import BaseCommand
+from django.contrib.auth import get_user_model
+
+User = get_user_model()
+
+
+class Command(BaseCommand):
+    help = 'Initialize default admin user (idempotent)'
+
+    def handle(self, *args, **options):
+        # Get admin credentials from environment variables
+        admin_username = os.environ.get('DEFAULT_ADMIN_USERNAME', 'admin')
+        admin_password = os.environ.get('DEFAULT_ADMIN_PASSWORD', 'admin')
+        admin_email = os.environ.get('DEFAULT_ADMIN_EMAIL', 'admin@admin.com')
+
+        # Check if admin user already exists
+        if User.objects.filter(username=admin_username).exists():
+            self.stdout.write(
+                self.style.WARNING(f'Admin user "{admin_username}" already exists. Skipping creation.')
+            )
+            return
+
+        # Create the admin user
+        try:
+            admin_user = User.objects.create_superuser(
+                username=admin_username,
+                email=admin_email,
+                password=admin_password
+            )
+            admin_user.is_verified = True
+            admin_user.save()
+
+            self.stdout.write(
+                self.style.SUCCESS(
+                    f'Successfully created admin user "{admin_username}" with default password. '
+                    f'Please change the password after first login.'
+                )
+            )
+        except Exception as e:
+            self.stdout.write(
+                self.style.ERROR(f'Failed to create admin user: {str(e)}')
+            )
+            raise

app/management/commands/__init__.py

@@ -0,0 +1,26 @@
+from .user import User
+from .organization import Organization
+from .app import App
+from .conference import Conference
+from .participant import Participant
+from .session import Session
+from .summary import Summary
+from .track import Track
+from .connection import Connection
+from .generic_event import GenericEvent
+from .issue import Issue
+
+__all__ = [
+    'User',
+    'Organization',
+    'App',
+    'Conference',
+    'Participant',
+    'Session',
+    'Summary',
+    'Track',
+    'Connection',
+    'GenericEvent',
+    'Issue',
+]
+

app/management/commands/init_admin.py

@@ -17,6 +17,7 @@ class User(AbstractUser, BaseModel):
 
     Fields:
         id: ID from db, UUID
+        organization: the organization this user belongs to, fk
         last_active: the last time the user was active, date
         notifications: notifications, dict
         is_verified: True if the user verified the provided email, bool
@@ -28,6 +29,14 @@ class Meta:
         db_table = 'users'
 
     id = models.UUIDField(primary_key=True, default=uuid.uuid4)
+    organization = models.ForeignKey(
+        'Organization',
+        on_delete=models.SET_NULL,
+        null=True,
+        blank=True,
+        related_name='users',
+        help_text='The organization this user belongs to'
+    )
     last_active = models.DateField(default=datetime.datetime.utcnow, null=True, blank=True)
     notifications = JSONField(null=True, blank=True, default=dict)
     is_verified = models.BooleanField(default=False)

app/models/__init__.py

@@ -7,6 +7,7 @@
 from ..utils import JSONHttpResponse, serialize, validate_string
 from .crud_view import CrudView
 
+
 class OrganizatonsView(CrudView):
     """
     Endpoint for editing, creating and retrieving organizations.
@@ -41,6 +42,9 @@ def post(cls, request, pk=None):
 
         organization.save()
 
+        request.user.organization = organization
+        request.user.save()
+
         return JSONHttpResponse(
             status=200,
             content=serialize(

app/models/user.py

@@ -0,0 +1,22 @@
+#!/bin/sh
+
+# Exit on error
+set -e
+
+echo "Waiting for postgres..."
+while ! nc -z $DATABASE_HOST $DATABASE_PORT; do
+  sleep 0.1
+done
+echo "PostgreSQL started"
+
+echo "Running migrations..."
+python manage.py migrate --noinput
+
+echo "Collecting static files..."
+python manage.py collectstatic --noinput
+
+echo "Initializing admin user..."
+python manage.py init_admin
+
+echo "Starting Gunicorn..."
+exec gunicorn api.wsgi:application --bind 0.0.0.0:8081 --log-level debug --reload