dethos / django-cryptolock Goto Github PK

pybitid was added as a dependency in order to speed up BitID implementation, however that package hasn't been maintained for 5 years. It includes in its source a copy of pybitcointools, a package that has been abandoned by its author.

I can see two viable ways forward:

• Find an alternative that is maintained
• Build the BitID specific functionality on top of a maintained bitcoin library and add it to the project.

Realistically, option number 2 will be the most probable way forward, even though option 1 is better.

At the moment (version 0.0.1) django_cryptolock only supports Django projects that make use of the SessionMiddleware. This is due to the current "proof of concept" state of the project.

In order to be useful the package must support other usages and scenarios, such as APIs (using DRF for example).

The best way to implement this new feature is not yet clear, lets use this issue for discussion.

This project started as a "proof-of-concept" for the proposed "monero crypto-lock" mechanism. However the main objective is to support similar mechanisms based on other cryptocurrencies.

The goal of this issue is to add support to BitID. Like it happens with the Monero version, at first just a working prototype is needed, that we could later use to iterate on and improve.

Currently to verify the signatures django-cryptolock requires a connection to a monero wallet RPC. While this works it adds complexity and an extra dependency to all projects that rely on this package.

Ideally we should provide the user with the option of doing the signature validation locally.

It is not clear yet how this could be achieved, lets use this issue for a thoughtful discussion.

There should be an easy-way to integrate the Django-cryptolock with projects that make use of Django Rest Framework.

The same way set of Views and Forms are provided for django projects, some base APIViews and Serializers should be available to use without much effort.

The focus of this issue is to have a basic functionality ready to use, without caring too much with extensibility and other ways it could be configurable in the future.

• Django-Cryptolock version: 0.0.2
• Django version: 2.2
• Python version: 3.7
• Operating System: Linux

Description

When someone tries to signup with an address that is already in use and exception is thrown.
No checks are made to verify if the address already exists.

What I Did

Filled the sign up form and got:

IntegrityError at /auth/signup
UNIQUE constraint failed: auth_user.username
Request Method:	POST
Request URL:	http://localhost:8000/auth/signup

There's still lots of code not covered by the test suite and even the quality of the existing tests could be greatly improved.

In order to be objective and make this issue actionable (but not mandatory for any contribution :)) lets aim for a target of 90% coverage.

We should add to the documentation a detailed tutorial on how to use this app.

On the "Readme" file, we have a "Quick Start" section, but for those who need more information and details about the inner working of the App, a detailed tutorial will be more valuable.

We need a new stage on the CI, that checks if commits and/or pull requests are correctly formatted using black.

We should make use of the --check option and fail if there are any changes required.