[AUTH CAS INPN] fix(auth): fix authentication via CAS INPN

[VincentCauchois]

Fix authentication via CAS INPN.

[codecov]

Codecov Report

Attention: Patch coverage is 42.85714% with 4 lines in your changes are missing coverage. Please review.

Project coverage is 78.52%. Comparing base (3c2f64f) to head (087a520).
Report is 124 commits behind head on develop.

❗ Current head 087a520 differs from pull request most recent head 8cb31b2

Please upload reports for the commit 8cb31b2 to get more accurate results.

Files	Patch %	Lines
backend/geonature/core/auth/routes.py	42.85%	4 Missing ⚠️

Additional details and impacted files

@@             Coverage Diff             @@
##           develop    #2866      +/-   ##
===========================================
+ Coverage    78.50%   78.52%   +0.01%     
===========================================
  Files           89       89              
  Lines         7208     7241      +33     
===========================================
+ Hits          5659     5686      +27     
- Misses        1549     1555       +6     

Flag	Coverage Δ
pytest	78.52% <42.85%> (+0.01%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[jacquesfize]

Quelque petites broutilles à check. Ensuite, si tout fonctionne de votre côté, c'est bon pour moi.

[camillemonchicourt]

@CodiumAI-Agent /review

[CodiumAI-Agent]

PR Analysis

(review updated until commit 5fcbf6e)

• 🎯 Main theme: Fixing authentication issues related to CAS INPN login
• 📝 PR summary: This PR addresses two main issues: the first one is related to the set_cookie function not accepting bytes type for its value parameter, which is fixed by casting the argument as str. The second issue is related to the authentication process via CAS INPN login, where several fixes and enhancements are introduced, including handling the case where the cookie "token" does not exist, redirecting to CAS INPN login only if not authenticated, setting the local storage item "expires_at", and calling login_user Flask function to actually log the user in.
• 📌 Type of PR: Bug fix
• 🧪 Relevant tests added: No
• ⏱️ Estimated effort to review [1-5]: 3, because the PR involves changes in both frontend and backend code, and it requires understanding of the authentication process and the use of cookies.
• 🔒 Security concerns: No

PR Feedback

💡 General suggestions: It would be beneficial to add tests that cover the changes made in this PR. This would help ensure that the authentication process works as expected and that the changes do not introduce new bugs. Also, it would be good to handle potential exceptions that might occur during the authentication process, such as when querying the database or setting cookies.

---

✨ Usage guide:

---

Overview:
The review tool scans the PR code changes, and generates a PR review. The tool can be triggered automatically every time a new PR is opened, or can be invoked manually by commenting on any PR.
When commenting, to edit configurations related to the review tool (pr_reviewer section), use the following template:

/review --pr_reviewer.some_config1=... --pr_reviewer.some_config2=...

With a configuration file, use the following template:

[pr_reviewer]
some_config1=...
some_config2=...

Utilizing extra instructions The review tool can be configured with extra instructions, which can be used to guide the model to a feedback tailored to the needs of your project. Be specific, clear, and concise in the instructions. With extra instructions, you are the prompter. Specify the relevant sub-tool, and the relevant aspects of the PR that you want to emphasize. Examples for extra instructions: [pr_reviewer] # /review # extra_instructions=""" In the code feedback section, emphasize the following: - Does the code logic cover relevant edge cases? - Is the code logic clear and easy to understand? - Is the code logic efficient? ... """ Use triple quotes to write multi-line instructions. Use bullet points to make the instructions more readable.

How to enable\disable automation When you first install PR-Agent app, the default mode for the review tool is: pr_commands = ["/review", ...] meaning the review tool will run automatically on every PR, with the default configuration. Edit this field to enable/disable the tool, or to change the used configurations

About the 'Code feedback' section The review tool provides several type of feedbacks, one of them is code suggestions. If you are interested only in the code suggestions, it is recommended to use the improve feature instead, since it dedicated only to code suggestions, and usually gives better results. Use the review tool if you want to get a more comprehensive feedback, which includes code suggestions as well.

Auto-labels The review tool can auto-generate two specific types of labels for a PR: a possible security issue label, that detects possible security issues (enable_review_labels_security flag) a Review effort [1-5]: x label, where x is the estimated effort to review the PR (enable_review_labels_effort flag)

Extra sub-tools The review tool provides a collection of possible feedbacks about a PR. It is recommended to review the possible options, and choose the ones relevant for your use case. Some of the feature that are disabled by default are quite useful, and should be considered for enabling. For example: require_score_review, require_soc2_review, enable_review_labels_effort, and more.

More PR-Agent commands To invoke the PR-Agent, add a comment using one of the following commands: /review: Request a review of your Pull Request. /describe: Update the PR title and description based on the contents of the PR. /improve [--extended]: Suggest code improvements. Extended mode provides a higher quality feedback. /ask <QUESTION>: Ask a question about the PR. /update_changelog: Update the changelog based on the PR's contents. /add_docs 💎: Generate docstring for new components introduced in the PR. /generate_labels 💎: Generate labels for the PR based on the PR's contents. /analyze 💎: Automatically analyzes the PR, and presents changes walkthrough for each component. See the tools guide for more details. To list the possible configuration parameters, add a /config comment.

See the review usage page for a comprehensive guide on using this tool.

[CodiumAI-Agent]

Persistent review updated to latest commit 5fcbf6e

[camillemonchicourt]

@CodiumAI-Agent /improve

[jacquesfize]

L'ajout d'une route dans UH-AH est une solution temporaire... pas trop fan de rajouter une route juste pour le CAS INPN. On est en train de réfléchir à la déplacer ...