| Product | IATI Account (Web App) |
|---|---|
| Description | The IATI Account product is a web app for users to self-manage their accounts and to make write changes into the new IATI Registry. |
| Website | None |
| Related | |
| Documentation | Rest of README.md |
| Technical Issues | GitHub issues page |
| Support | IATI Support Website |
- Python 3.12.11
This application is the main tool through which IATI users can self-service their accounts, create and delete reporting organisations, and manage dataset urls that are part of the IATI corpus.
Running this application locally and opening https://localhost:8443 allows the user to login to Asgardeo using one of our development accounts.
Configuration is through environment variables. The application will get environment variables from the local environment, or through a ".env" file that is specified through the environment variable ENV_FILE.
To run, the application needs a database. When running locally it will (create) and use a new SQLite database automatically by default, but migrations need to be run before starting the server:
ENV_FILE=.env.dev python manage.py migrateRunning this application locally and logging in to Asgardeo should not be done under HTTP as client secrets and user details will be passed via easily intercepted communications. Local development should be done using SSL/TLS.
The development dependencies include django_extensions and werkzeug that together with using runserver_plus can launch a local server with SSL. To do this, we first need to generate a certificate and private key.
This can be done using openssl:
openssl req -x509 -newkey rsa:4096 -keyout private-key.pem -out certificate.pem -sha256 -days 365 -nodes -subj "/C=GB/O=Open Data Services Co-operative Ltd./CN=api.eu.asgar
deo.io"
Now the Django app can be run over HTTPS using
python manage.py runserver_plus "127.0.0.1:8443" --cert-file certificate.pem --key-file private-key.pem
It will be accessible on: https://localhost:8443
There is a bash script that automates this:
ENV_FILE=.env.dev ./runserver.sh
### Automated tests
There are some automated tests that run entirely in Django without the need for external dependencies or services (e.g., Mockoon). The test environment variables must be used `.env.test.`:
```bash
ENV_FILE=.env.test python manage.py test
New dependencies are added to pyproject.toml. Once these have been added requirements.txt and/or requirements_dev.txt need to be regenerated. With:
pip-compile --output-file=requirements.txt --strip-extras
and/or
pip-compile --extra=dev --output-file=requirements_dev.txt --strip-extras
Linting is setup with isort and black and checked with flake8. Static type checking is performed by mypy. Configurations are stored in pyproject.toml. To use these linters and checkers you will first need to install the development dependencies:
pip install -r requirements_dev.txt
Then the code can be linted with:
black .
isort .
And checked with flake8 and mypy:
flake8
mypy .
Static Security Application Testing is performed with bandit. To use this tool you must also install the development dependencies and then test with:
bandit -c pyproject.toml -r .
The version is set in pyproject.toml. When making updates, set the version to an appropriate value.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.