Ejemplo n.º 1
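    def test_create_authevent_sms_with_captcha(self):
        """Check captcha enforcement on registration for an SMS auth event.

        Steps: census upload, registration without captcha fields, with an
        empty captcha code, with the stored code, a replay of that same
        captcha, and an empty challenge. Every rejected attempt must return
        HTTP 400 with the message 'Incorrect data'.
        """
        self.ae.auth_method = 'sms'
        self.ae.auth_method_config = test_data.authmethod_config_sms_default
        self.ae.save()
        c = JClient()

        # Census upload as test_data.admin succeeds with no captcha involved.
        c.authenticate(0, test_data.admin)
        response = c.census(self.aeid, test_data.census_sms_default)
        self.assertEqual(response.status_code, 200)
        response = c.get('/api/auth-event/%d/census/' % self.aeid, {})
        self.assertEqual(response.status_code, 200)
        r = json.loads(response.content.decode('utf-8'))
        self.assertEqual(len(r['object_list']), 4)

        # Registration without any captcha fields is rejected.
        response = c.register(self.aeid, test_data.register_email_fields)
        self.assertEqual(response.status_code, 400)
        r = json.loads(response.content.decode('utf-8'))
        self.assertEqual(r['message'], 'Incorrect data')

        # Request a captcha, then read its challenge/code from the database.
        response = c.get('/api/captcha/new/', {})
        self.assertEqual(response.status_code, 200)
        captcha = Captcha.objects.all()[0]
        # Copy the fixture: update() on the shared test_data dict would leak
        # the phone number and captcha fields into every later test using it.
        data = dict(test_data.register_sms_default)
        data.update({'tlf': '999999999'})

        # Empty captcha code with a real challenge is rejected.
        data.update({'captcha_code': '', 'captcha': captcha.challenge})
        response = c.register(self.aeid, data)
        self.assertEqual(response.status_code, 400)
        r = json.loads(response.content.decode('utf-8'))
        self.assertEqual(r['message'], 'Incorrect data')

        # Matching code and challenge: registration is accepted.  # TODO fix
        data.update({'captcha_code': captcha.code, 'captcha': captcha.challenge})
        response = c.register(self.aeid, data)
        self.assertEqual(response.status_code, 200)

        # Replay: the captcha that was just accepted must not work again.
        response = c.register(self.aeid, data)
        self.assertEqual(response.status_code, 400)
        r = json.loads(response.content.decode('utf-8'))
        self.assertEqual(r['message'], 'Incorrect data')

        # Request another captcha.
        response = c.get('/api/captcha/new/', {})
        self.assertEqual(response.status_code, 200)
        # NOTE(review): all()[0] has no explicit ordering, so this may not be
        # the captcha that was just created - confirm.
        captcha = Captcha.objects.all()[0]
        data = dict(test_data.register_sms_fields)
        data.update({'tlf': '888888888'})

        # Correct code but empty challenge is rejected.
        data.update({'captcha_code': captcha.code, 'captcha': ''})
        response = c.register(self.aeid, data)
        self.assertEqual(response.status_code, 400)
        r = json.loads(response.content.decode('utf-8'))
        self.assertEqual(r['message'], 'Incorrect data')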
Ejemplo n.º 2
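    def test_create_authevent_sms_with_captcha(self):
        """Check captcha enforcement on registration for an SMS auth event.

        Steps: census upload, registration without captcha fields, with an
        empty captcha code, with the stored code, a replay of that same
        captcha, and an empty challenge. Every rejected attempt must return
        HTTP 400 with an 'Invalid captcha' message.
        """
        self.ae.auth_method = 'sms'
        self.ae.auth_method_config = test_data.authmethod_config_sms_default
        self.ae.save()
        c = JClient()

        # Census upload as test_data.admin succeeds with no captcha involved.
        c.authenticate(0, test_data.admin)
        response = c.census(self.aeid, test_data.census_sms_default)
        self.assertEqual(response.status_code, 200)
        response = c.get('/api/auth-event/%d/census/' % self.aeid, {})
        self.assertEqual(response.status_code, 200)
        r = json.loads(response.content.decode('utf-8'))
        self.assertEqual(len(r['userids']), 4)

        # Registration without any captcha fields is rejected; here the
        # message only has to contain 'Invalid captcha'.
        response = c.register(self.aeid, test_data.register_email_fields)
        self.assertEqual(response.status_code, 400)
        r = json.loads(response.content.decode('utf-8'))
        self.assertIn('Invalid captcha', r['msg'])

        # Request a captcha, then read its challenge/code from the database.
        response = c.get('/api/captcha/new/', {})
        self.assertEqual(response.status_code, 200)
        captcha = Captcha.objects.all()[0]
        # Copy the fixture: update() on the shared test_data dict would leak
        # the phone number and captcha fields into every later test using it.
        data = dict(test_data.register_sms_default)
        data.update({'tlf': '999999999'})

        # Empty captcha code with a real challenge is rejected.
        data.update({'captcha_code': '', 'captcha': captcha.challenge})
        response = c.register(self.aeid, data)
        self.assertEqual(response.status_code, 400)
        r = json.loads(response.content.decode('utf-8'))
        self.assertEqual(r['msg'], 'Invalid captcha')

        # Matching code and challenge: registration is accepted.  # TODO fix
        data.update({'captcha_code': captcha.code, 'captcha': captcha.challenge})
        response = c.register(self.aeid, data)
        self.assertEqual(response.status_code, 200)

        # Replay: the captcha that was just accepted must not work again.
        response = c.register(self.aeid, data)
        self.assertEqual(response.status_code, 400)
        r = json.loads(response.content.decode('utf-8'))
        self.assertEqual(r['msg'], 'Invalid captcha')

        # Request another captcha.
        response = c.get('/api/captcha/new/', {})
        self.assertEqual(response.status_code, 200)
        # NOTE(review): all()[0] has no explicit ordering, so this may not be
        # the captcha that was just created - confirm.
        captcha = Captcha.objects.all()[0]
        data = dict(test_data.register_sms_fields)
        data.update({'tlf': '888888888'})

        # Correct code but empty challenge is rejected.
        data.update({'captcha_code': captcha.code, 'captcha': ''})
        response = c.register(self.aeid, data)
        self.assertEqual(response.status_code, 400)
        r = json.loads(response.content.decode('utf-8'))
        self.assertEqual(r['msg'], 'Invalid captcha')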
Ejemplo n.º 3
    def test_pregenerate_captchas(self):
        """Creating an auth event pre-generates a pool of unused captchas.

        Starts from an empty Captcha table and expects exactly
        settings.PREGENERATION_CAPTCHA rows with used=False after the event
        built from test_data.ae_email_fields_captcha has been created.
        """
        self.assertEqual(0, Captcha.objects.count())

        client = JClient()
        client.authenticate(0, test_data.admin)
        creation = client.post('/api/auth-event/', test_data.ae_email_fields_captcha)
        self.assertEqual(creation.status_code, 200)

        unused_captchas = Captcha.objects.filter(used=False).count()
        self.assertEqual(settings.PREGENERATION_CAPTCHA, unused_captchas)
Ejemplo n.º 4
    def test_pregenerate_captchas(self):
        """Event creation must leave PREGENERATION_CAPTCHA unused captchas.

        The Captcha table is asserted empty first, so every row counted at
        the end was produced while handling the POST to /api/auth-event/.
        """
        self.assertEqual(0, Captcha.objects.count())

        admin_client = JClient()
        admin_client.authenticate(0, test_data.admin)
        result = admin_client.post('/api/auth-event/',
                                   test_data.ae_email_fields_captcha)
        self.assertEqual(result.status_code, 200)

        pool_size = Captcha.objects.filter(used=False).count()
        self.assertEqual(settings.PREGENERATION_CAPTCHA, pool_size)
Ejemplo n.º 5
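    def test_create_authevent_email_with_captcha(self):
        """Check captcha enforcement on registration for an email auth event.

        Steps: census upload, registration without captcha fields, with an
        empty captcha code, with the stored code, a replay of that same
        captcha, and an empty challenge. Every rejected attempt must return
        HTTP 400 with error_codename 'invalid_credentials'.
        """
        c = JClient()

        # Census upload by the authenticated user succeeds with no captcha.
        c.authenticate(self.aeid, test_data.auth_email_default)
        response = c.census(self.aeid, test_data.census_email_default)
        self.assertEqual(response.status_code, 200)
        response = c.get('/api/auth-event/%d/census/' % self.aeid, {})
        self.assertEqual(response.status_code, 200)
        r = json.loads(response.content.decode('utf-8'))
        self.assertEqual(len(r['object_list']), 4)

        # Registration without any captcha fields is rejected.
        response = c.register(self.aeid, test_data.register_email_fields)
        self.assertEqual(response.status_code, 400)
        r = json.loads(response.content.decode('utf-8'))
        self.assertEqual(r['error_codename'], 'invalid_credentials')

        # Request a captcha, then read its challenge/code from the database.
        response = c.get('/api/captcha/new/', {})
        self.assertEqual(response.status_code, 200)
        captcha = Captcha.objects.all()[0]
        # Copy the fixture: update() on the shared test_data dict would leave
        # captcha fields in it for every later test, including the
        # "without captcha" step of tests that read the same dict.
        data = dict(test_data.register_email_fields)

        # Empty captcha code with a real challenge is rejected.
        data.update({'captcha_code': '', 'captcha': captcha.challenge})
        response = c.register(self.aeid, data)
        self.assertEqual(response.status_code, 400)
        r = json.loads(response.content.decode('utf-8'))
        self.assertEqual(r['error_codename'], 'invalid_credentials')

        # Matching code and challenge: registration is accepted.  # TODO fix
        data.update({
            'captcha_code': captcha.code,
            'captcha': captcha.challenge
        })
        response = c.register(self.aeid, data)
        self.assertEqual(response.status_code, 200)

        # Replay: the captcha that was just accepted must not work again.
        response = c.register(self.aeid, data)
        self.assertEqual(response.status_code, 400)
        r = json.loads(response.content.decode('utf-8'))
        self.assertEqual(r['error_codename'], 'invalid_credentials')

        # Request another captcha.
        response = c.get('/api/captcha/new/', {})
        self.assertEqual(response.status_code, 200)
        # NOTE(review): all()[0] has no explicit ordering, so this may not be
        # the captcha that was just created - confirm.
        captcha = Captcha.objects.all()[0]
        data = dict(test_data.register_email_fields)

        # Correct code but empty challenge is rejected.
        data.update({'captcha_code': captcha.code, 'captcha': ''})
        response = c.register(self.aeid, data)
        self.assertEqual(response.status_code, 400)
        r = json.loads(response.content.decode('utf-8'))
        self.assertEqual(r['error_codename'], 'invalid_credentials')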
Ejemplo n.º 6
    def test_method_custom_view(self):
        """Accept test_data.pwd_auth and reject the literal credentials below.

        The first authentication must return 200 with status 'ok'; the
        second, with a different username/password pair, must return 400.
        """
        client = JClient()

        accepted = client.authenticate(self.aeid, test_data.pwd_auth)
        self.assertEqual(accepted.status_code, 200)
        body = json.loads(accepted.content.decode('utf-8'))
        self.assertEqual(body['status'], 'ok')

        # Same client, different credentials: the earlier success must not
        # carry over to this attempt.
        rejected = client.authenticate(
            self.aeid,
            {'username': '******', 'password': '******'},
        )
        self.assertEqual(rejected.status_code, 400)
Ejemplo n.º 7
    def test_method_custom_view(self):
        """Accept test_data.pwd_auth and reject the literal credentials below.

        The first authentication must return 200 with status 'ok'; the
        second, with a different email/password pair, must return 400.
        """
        client = JClient()

        accepted = client.authenticate(self.aeid, test_data.pwd_auth)
        self.assertEqual(accepted.status_code, 200)
        body = json.loads(accepted.content.decode('utf-8'))
        self.assertEqual(body['status'], 'ok')

        # Same client, different credentials: the earlier success must not
        # carry over to this attempt.
        wrong_credentials = {
            'email': '*****@*****.**',
            'password': '******',
        }
        rejected = client.authenticate(self.aeid, wrong_credentials)
        self.assertEqual(rejected.status_code, 400)
Ejemplo n.º 8
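    def test_create_authevent_email_with_captcha(self):
        """Check captcha enforcement on registration for an email auth event.

        Steps: census upload, registration without captcha fields, with an
        empty captcha code, with the stored code, a replay of that same
        captcha, and an empty challenge. Every rejected attempt must return
        HTTP 400 with error_codename 'invalid_credentials'.
        """
        c = JClient()

        # Census upload by the authenticated user succeeds with no captcha.
        c.authenticate(self.aeid, test_data.auth_email_default)
        response = c.census(self.aeid, test_data.census_email_default)
        self.assertEqual(response.status_code, 200)
        response = c.get('/api/auth-event/%d/census/' % self.aeid, {})
        self.assertEqual(response.status_code, 200)
        r = json.loads(response.content.decode('utf-8'))
        self.assertEqual(len(r['object_list']), 4)

        # Registration without any captcha fields is rejected.
        response = c.register(self.aeid, test_data.register_email_fields)
        self.assertEqual(response.status_code, 400)
        r = json.loads(response.content.decode('utf-8'))
        self.assertEqual(r['error_codename'], 'invalid_credentials')

        # Request a captcha, then read its challenge/code from the database.
        response = c.get('/api/captcha/new/', {})
        self.assertEqual(response.status_code, 200)
        captcha = Captcha.objects.all()[0]
        # Copy the fixture: update() on the shared test_data dict would leave
        # captcha fields in it for every later test, including the
        # "without captcha" step of tests that read the same dict.
        data = dict(test_data.register_email_fields)

        # Empty captcha code with a real challenge is rejected.
        data.update({'captcha_code': '', 'captcha': captcha.challenge})
        response = c.register(self.aeid, data)
        self.assertEqual(response.status_code, 400)
        r = json.loads(response.content.decode('utf-8'))
        self.assertEqual(r['error_codename'], 'invalid_credentials')

        # Matching code and challenge: registration is accepted.  # TODO fix
        data.update({'captcha_code': captcha.code, 'captcha': captcha.challenge})
        response = c.register(self.aeid, data)
        self.assertEqual(response.status_code, 200)

        # Replay: the captcha that was just accepted must not work again.
        response = c.register(self.aeid, data)
        self.assertEqual(response.status_code, 400)
        r = json.loads(response.content.decode('utf-8'))
        self.assertEqual(r['error_codename'], 'invalid_credentials')

        # Request another captcha.
        response = c.get('/api/captcha/new/', {})
        self.assertEqual(response.status_code, 200)
        # NOTE(review): all()[0] has no explicit ordering, so this may not be
        # the captcha that was just created - confirm.
        captcha = Captcha.objects.all()[0]
        data = dict(test_data.register_email_fields)

        # Correct code but empty challenge is rejected.
        data.update({'captcha_code': captcha.code, 'captcha': ''})
        response = c.register(self.aeid, data)
        self.assertEqual(response.status_code, 400)
        r = json.loads(response.content.decode('utf-8'))
        self.assertEqual(r['error_codename'], 'invalid_credentials')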
Ejemplo n.º 9
    def test_method_email_invalid_code(self):
        """Authenticating self.userid with the all-'b' code must return 400."""
        wrong_code = 'bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb'
        client = JClient()

        attempt = client.authenticate(
            self.aeid,
            {'userid': self.userid, 'code': wrong_code},
        )
        # Only the status is checked; the error body is not inspected here.
        self.assertEqual(attempt.status_code, 400)
Ejemplo n.º 10
    def test_method_email_invalid_code(self):
        """A code that is not the user's must be rejected with HTTP 400."""
        bad_code = 'bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb'
        credentials = {'userid': self.userid, 'code': bad_code}

        result = JClient().authenticate(self.aeid, credentials)

        # Only the status is checked; the error body is not inspected here.
        self.assertEqual(result.status_code, 400)
Ejemplo n.º 11
    def test_authenticate_user(self):
        """A user holding a stored code can authenticate with phone + code.

        Creates the user, grants it 'edit' on its own UserData and 'create'
        on AuthEvent 0, stores the code 'abcdef' for self.ae, and expects
        HTTP 200 from authenticate().
        """
        user = User.objects.create_user('test', '*****@*****.**', 'test')
        profile = user.userdata
        profile.event = self.ae
        profile.tlf = '+34666666667'
        profile.save()

        ACL(user=user.userdata, object_type='UserData', perm='edit',
            object_id=user.pk).save()
        ACL(user=user.userdata, object_type='AuthEvent', perm='create',
            object_id=0).save()

        stored_code = Code(user=user.userdata, code='abcdef',
                           auth_event_id=self.ae.pk)
        stored_code.save()

        credentials = {
            'Email': '*****@*****.**',
            'tlf': '+34666666667',
            'code': stored_code.code,
        }

        # NOTE(review): the event id is the literal 1 while the code is stored
        # for self.ae.pk - presumably the same event; confirm.
        client = JClient()
        result = client.authenticate(1, credentials)
        self.assertEqual(result.status_code, 200)
Ejemplo n.º 12
 def test_ping(self):
     """After authenticating, the ping endpoint returns a fresh auth token.

     Only the 'khmac:///sha-256' prefix of the token is asserted; the rest
     of the token is not validated here.
     """
     client = JClient()
     login = client.authenticate(self.aeid, test_data.pwd_auth)
     self.assertEqual(login.status_code, 200)

     ping = client.get('/api/auth-event/%s/ping/' % self.aeid, {})
     self.assertEqual(ping.status_code, 200)
     body = json.loads(ping.content.decode('utf-8'))
     token = body['auth-token']
     self.assertTrue(token.startswith('khmac:///sha-256'))
Ejemplo n.º 13
 def test_method_email_authenticate_invalid_code(self):
     """Authenticating with the short code 'AAAAAA' must return HTTP 400."""
     credentials = {'email': '*****@*****.**', 'code': 'AAAAAA'}
     client = JClient()

     attempt = client.authenticate(self.aeid, credentials)

     # Only the status is checked; the error body is not inspected here.
     self.assertEqual(attempt.status_code, 400)
Ejemplo n.º 14
 def test_ping(self):
     """Ping must answer 200 with an auth token for an authenticated client.

     The token check is limited to its 'khmac:///sha-256' prefix.
     """
     session = JClient()
     auth_response = session.authenticate(self.aeid, test_data.pwd_auth)
     self.assertEqual(auth_response.status_code, 200)

     ping_url = '/api/auth-event/%s/ping/' % self.aeid
     ping_response = session.get(ping_url, {})
     self.assertEqual(ping_response.status_code, 200)

     parsed = json.loads(ping_response.content.decode('utf-8'))
     self.assertTrue(parsed['auth-token'].startswith('khmac:///sha-256'))
Ejemplo n.º 15
 def test_method_email_authenticate_valid_code(self):
     """Email plus the all-'A' code authenticates and yields an auth token.

     Only the 'khmac:///sha-256' prefix of the returned token is asserted.
     """
     credentials = {
         'email': '*****@*****.**',
         'code': 'AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA',
     }
     client = JClient()

     result = client.authenticate(self.aeid, credentials)
     self.assertEqual(result.status_code, 200)

     body = json.loads(result.content.decode('utf-8'))
     self.assertTrue(body['auth-token'].startswith('khmac:///sha-256'))
Ejemplo n.º 16
 def test_method_email_authenticate_valid_code(self):
     """A matching email/code pair must return 200 and an auth token.

     The token is checked only for its 'khmac:///sha-256' prefix.
     """
     session = JClient()
     login = session.authenticate(
         self.aeid,
         {'email': '*****@*****.**',
          'code': 'AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA'},
     )
     self.assertEqual(login.status_code, 200)

     parsed = json.loads(login.content.decode('utf-8'))
     token = parsed['auth-token']
     self.assertTrue(token.startswith('khmac:///sha-256'))
Ejemplo n.º 17
    def test_authenticate_user(self):
        """A user holding a stored code can authenticate with phone + code.

        Creates the user, grants it 'edit' on its own UserData and 'create'
        on AuthEvent 0, stores the code 'ABCDEF' for self.ae, and expects
        HTTP 200 from authenticate().
        """
        account = User.objects.create_user('test', '*****@*****.**', 'test')
        account.userdata.event = self.ae
        account.userdata.tlf = '+34666666667'
        account.userdata.save()

        grants = (
            {'object_type': 'UserData', 'perm': 'edit', 'object_id': account.pk},
            {'object_type': 'AuthEvent', 'perm': 'create', 'object_id': 0},
        )
        for grant in grants:
            ACL(user=account.userdata, **grant).save()

        login_code = Code(user=account.userdata, code='ABCDEF',
                          auth_event_id=self.ae.pk)
        login_code.save()

        payload = {
            'Email': '*****@*****.**',
            'tlf': '+34666666667',
            'code': login_code.code,
        }

        # NOTE(review): the event id is the literal 1 while the code is stored
        # for self.ae.pk - presumably the same event; confirm.
        reply = JClient().authenticate(1, payload)
        self.assertEqual(reply.status_code, 200)
Ejemplo n.º 18
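class AuthMethodSmsTestCase(TestCase):
    """Registration, authentication and permission tests for the SMS method."""

    @classmethod
    def setUpTestData(cls):
        """Run flush_db_load_fixture() for this test class.

        Declared as a classmethod because Django invokes this hook on the
        class; the previous zero-argument function only worked by accident.
        """
        flush_db_load_fixture()

    def setUp(self):
        """Create a started auth event, two users with codes, and a client.

        The first user also gets a Message row for its phone number; the
        second user has is_active = False. Both share the code 'AAAAAAAA'
        and the same 'dni' metadata.
        """
        auth_method_config = test_data.authmethod_config_sms_default
        ae = AuthEvent(auth_method=test_data.auth_event2['auth_method'],
                       auth_method_config=auth_method_config,
                       extra_fields=test_data.auth_event2['extra_fields'],
                       status='started',
                       census=test_data.auth_event2['census'])
        ae.save()
        self.aeid = ae.pk

        u = User(username='******', email='*****@*****.**')
        u.save()
        u.userdata.event = ae
        u.userdata.tlf = '+34666666666'
        u.userdata.metadata = {'dni': '11111111H'}
        u.userdata.save()
        self.u = u.userdata
        code = Code(user=u.userdata, code='AAAAAAAA', auth_event_id=ae.pk)
        code.save()
        m = Message(tlf=u.userdata.tlf, auth_event_id=ae.pk)
        m.save()

        u2 = User(email='*****@*****.**')
        u2.is_active = False
        u2.save()
        u2.userdata.tlf = '+34766666666'
        u2.userdata.event = ae
        u2.userdata.metadata = {'dni': '11111111H'}
        u2.userdata.save()
        code = Code(user=u2.userdata, code='AAAAAAAA', auth_event_id=ae.pk)
        code.save()
        self.c = JClient()

    @override_settings(CELERY_EAGER_PROPAGATES_EXCEPTIONS=True,
                       CELERY_ALWAYS_EAGER=True,
                       BROKER_BACKEND='memory')
    def test_method_sms_register(self):
        """Registering a new phone number with valid fields returns 'ok'."""
        data = {'tlf': '+34666666667', 'code': 'AAAAAAAA',
                'email': '*****@*****.**', 'dni': '11111111H'}
        response = self.c.register(self.aeid, data)
        self.assertEqual(response.status_code, 200)
        r = json.loads(response.content.decode('utf-8'))
        self.assertEqual(r['status'], 'ok')

    def test_method_sms_register_valid_dni(self):
        """A rejected registration with a valid dni must not blame the dni.

        The phone number is the one already assigned to the user created in
        setUp, and the request is expected to fail with 400 for a reason
        other than 'Invalid dni'.
        """
        data = {'tlf': '+34666666666', 'code': 'AAAAAAAA', 'dni': '11111111H'}
        response = self.c.register(self.aeid, data)
        self.assertEqual(response.status_code, 400)
        r = json.loads(response.content.decode('utf-8'))
        self.assertNotIn('Invalid dni', r['message'])

    def test_method_sms_register_invalid_dni(self):
        """A malformed dni is rejected with the generic error codename."""
        data = {'tlf': '+34666666667', 'code': 'AAAAAAAA', 'dni': '999',
                'email': '*****@*****.**'}
        response = self.c.register(self.aeid, data)
        self.assertEqual(response.status_code, 400)
        r = json.loads(response.content.decode('utf-8'))
        # Same codename as the invalid-email and invalid-code tests expect,
        # so the response does not reveal which field was rejected.
        self.assertEqual(r['error_codename'], 'invalid_credentials')

    def test_method_sms_register_valid_email(self):
        """A rejected registration with a valid email must not blame the email.

        The phone number is the one already assigned to the user created in
        setUp, and the request is expected to fail with 400 for a reason
        other than 'Invalid email'.
        """
        data = {'tlf': '+34666666666', 'code': 'AAAAAAAA',
                'email': '*****@*****.**'}
        response = self.c.register(self.aeid, data)
        self.assertEqual(response.status_code, 400)
        r = json.loads(response.content.decode('utf-8'))
        self.assertNotIn('Invalid email', r['message'])

    def test_method_sms_register_invalid_email(self):
        """A malformed email is rejected with the generic error codename."""
        data = {'tlf': '+34666666667', 'code': 'AAAAAAAA', 'email': 'test@@',
                'dni': '11111111H'}
        response = self.c.register(self.aeid, data)
        self.assertEqual(response.status_code, 400)
        r = json.loads(response.content.decode('utf-8'))
        self.assertEqual(r['error_codename'], 'invalid_credentials')

    def test_method_sms_valid_code(self):
        """The code stored in setUp authenticates the first user.

        The response must carry status 'ok', a non-empty username and a
        token; only the token's 'khmac:///sha-256' prefix is asserted.
        """
        data = {'tlf': '+34666666666', 'code': 'AAAAAAAA', 'dni': '11111111H',
                'email': '*****@*****.**'}
        response = self.c.authenticate(self.aeid, data)
        self.assertEqual(response.status_code, 200)
        r = json.loads(response.content.decode('utf-8'))
        self.assertEqual(r['status'], 'ok')
        self.assertIsInstance(r['username'], str)
        self.assertGreater(len(r['username']), 0)
        #self.assertGreaterEqual(Connection.objects.filter(tlf='+34666666666').count(), 1)
        self.assertTrue(r['auth-token'].startswith('khmac:///sha-256'))

    def _test_method_sms_valid_code_timeout(self):
        """Disabled: a code used after the timeout should be rejected.

        The leading underscore keeps the test runner from collecting this
        method, so code expiry is currently not covered by this class.
        """
        # TODO: check created in code for give code_timeout
        time.sleep(test_data.pipe_timestamp)
        data = {'tlf': '+34666666666', 'code': 'AAAAAAAA', 'dni': '11111111H',
                'email': '*****@*****.**'}
        response = self.c.authenticate(self.aeid, data)
        self.assertEqual(response.status_code, 400)
        r = json.loads(response.content.decode('utf-8'))
        self.assertEqual(r['message'], 'Incorrect data')

    def test_method_sms_invalid_code(self):
        """A wrong code for an existing phone number is rejected with 400."""
        data = {'tlf': '+34666666666', 'code': 'BBBBBBBB', 'dni': '11111111H',
                'email': '*****@*****.**'}
        response = self.c.authenticate(self.aeid, data)
        self.assertEqual(response.status_code, 400)
        r = json.loads(response.content.decode('utf-8'))
        self.assertEqual(r['error_codename'], 'invalid_credentials')

    def test_method_sms_get_perm(self):  # Fix
        """Permission lookups honour the ACL granted to the logged-in user.

        After authenticating, 'create' on Vote (granted below) returns 200
        and 'remove' on Vote (never granted) returns 400.
        """
        auth = {'tlf': '+34666666666', 'code': 'AAAAAAAA',
                'email': '*****@*****.**', 'dni': '11111111H'}
        data1 = {"object_type": "Vote", "permission": "create",
                 "object_id": self.aeid}
        data2 = {"object_type": "Vote", "permission": "remove",
                 "object_id": self.aeid}

        # NOTE(review): these URLs have no trailing slash, so the 301 is
        # presumably the slash redirect rather than a permission decision;
        # the unauthenticated case is then not really exercised - confirm.
        response = self.c.post('/api/get-perms', data1)
        self.assertEqual(response.status_code, 301)
        response = self.c.post('/api/get-perms', data2)
        self.assertEqual(response.status_code, 301)

        acl = ACL(user=self.u, object_type='Vote', perm='create',
                  object_id=self.aeid)
        acl.save()
        response = self.c.authenticate(self.aeid, auth)
        # Check the status before reading the body so a failed login is
        # reported as such instead of as a missing 'username' key.
        self.assertEqual(response.status_code, 200)
        r = json.loads(response.content.decode('utf-8'))
        self.assertIsInstance(r['username'], str)
        self.assertGreater(len(r['username']), 0)
        response = self.c.post('/api/get-perms/', data1)
        self.assertEqual(response.status_code, 200)
        response = self.c.post('/api/get-perms/', data2)
        self.assertEqual(response.status_code, 400)

    def test_method_sms_authenticate_valid_code(self):
        """Valid phone + code returns 200, a username and an auth token.

        Only the token's 'khmac:///sha-256' prefix is asserted.
        """
        data = {'tlf': '+34666666666', 'code': 'AAAAAAAA',
                'email': '*****@*****.**', 'dni': '11111111H'}
        response = self.c.authenticate(self.aeid, data)
        # Check the status first and parse the body once.
        self.assertEqual(response.status_code, 200)
        r = json.loads(response.content.decode('utf-8'))
        self.assertIsInstance(r['username'], str)
        self.assertGreater(len(r['username']), 0)
        self.assertTrue(r['auth-token'].startswith('khmac:///sha-256'))

    def test_method_sms_authenticate_invalid_code(self):
        """An email plus the short code 'AAAAAA' is rejected with 400."""
        # NOTE(review): the payload has no 'tlf', so the 400 may come from
        # the missing field rather than from the code comparison - confirm.
        data = {
            'email': '*****@*****.**',
            'code': 'AAAAAA'
        }
        response = self.c.authenticate(self.aeid, data)
        self.assertEqual(response.status_code, 400)

    @override_settings(CELERY_EAGER_PROPAGATES_EXCEPTIONS=True,
                       CELERY_ALWAYS_EAGER=True,
                       BROKER_BACKEND='memory')
    def test_send_sms_with_url2_msg(self):
        """send_codes() expands __URL2__ into a login URL carrying the code.

        Registers a user, sends one SMS through TestSMSProvider and checks
        that the URL in the message contains
        'public/login/<tlf>/<code without dashes>'.
        """
        data = {'tlf': '+34666666667', 'code': 'AAAAAAAA',
                'email': '*****@*****.**', 'dni': '11111111H'}
        response = self.c.register(self.aeid, data)
        self.assertEqual(response.status_code, 200)
        r = json.loads(response.content.decode('utf-8'))
        self.assertEqual(r['status'], 'ok')
        user_id = User.objects.filter(email=data['email'])[0].id
        import utils
        from authmethods.sms_provider import TestSMSProvider
        sms_count0 = TestSMSProvider.sms_count
        utils.send_codes(users=[user_id], ip='127.0.0.1', auth_method='sms',
                         config={'msg':'url[__URL2__], code[__CODE__]',
                                 'subject':'subject'})
        self.assertEqual(1+sms_count0, TestSMSProvider.sms_count)
        import re
        # Raw string: '\[' in a plain literal is an invalid escape sequence.
        o = re.match(r'url\[(.+)\], code\[([-2-9]+)\]',
                     TestSMSProvider.last_sms.get('content'))
        # Fail with an assertion, not an AttributeError, when the SMS body
        # does not have the expected shape.
        self.assertIsNotNone(o)
        url, sent_code = o.groups()
        # Plain substring check instead of building a regex from the phone
        # number and the code.
        expected_path = ('public/login/' + data.get('tlf') + '/'
                         + sent_code.replace("-", ""))
        self.assertIn(expected_path, url)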
Ejemplo n.º 19
class AuthMethodSmsTestCase(TestCase):
    """Registration, authentication and permission tests for the SMS method."""

    fixtures = ['initial.json']

    def setUp(self):
        """Create a started auth event, two users with codes, and a client.

        User pk=1 also gets a Message row for its phone number; user pk=2
        has is_active = False. Both share the code 'AAAAAAAA' and the same
        JSON-encoded 'dni' metadata.
        """
        event = AuthEvent(
            auth_method=test_data.auth_event2['auth_method'],
            auth_method_config=test_data.authmethod_config_sms_default,
            extra_fields=test_data.auth_event2['extra_fields'],
            status='started',
            census=test_data.auth_event2['census'],
        )
        event.save()
        self.aeid = event.pk

        first = User(pk=1, username='******', email='*****@*****.**')
        first.save()
        first.userdata.event = event
        first.userdata.tlf = '+34666666666'
        first.userdata.metadata = json.dumps({'dni': '11111111H'})
        first.userdata.save()
        self.u = first.userdata
        Code(user=first.userdata, code='AAAAAAAA',
             auth_event_id=event.pk).save()
        Message(tlf=first.userdata.tlf, auth_event_id=event.pk).save()

        second = User(pk=2, username='******', email='*****@*****.**')
        second.is_active = False
        second.save()
        second.userdata.tlf = '+34766666666'
        second.userdata.event = event
        second.userdata.metadata = json.dumps({'dni': '11111111H'})
        second.userdata.save()
        Code(user=second.userdata, code='AAAAAAAA',
             auth_event_id=event.pk).save()

        self.c = JClient()

    @override_settings(CELERY_EAGER_PROPAGATES_EXCEPTIONS=True,
                       CELERY_ALWAYS_EAGER=True,
                       BROKER_BACKEND='memory')
    def test_method_sms_register(self):
        """Registering a new phone number with valid fields returns 'ok'."""
        payload = {
            'tlf': '+34666666667',
            'code': 'AAAAAAAA',
            'email': '*****@*****.**',
            'dni': '11111111H',
        }
        resp = self.c.register(self.aeid, payload)
        self.assertEqual(resp.status_code, 200)
        body = json.loads(resp.content.decode('utf-8'))
        self.assertEqual(body['status'], 'ok')

    def test_method_sms_register_valid_dni(self):
        """A rejected registration with a valid dni must not blame the dni.

        The phone number is the one already assigned to user pk=1 in setUp;
        the request must fail with 400 and a message without 'Invalid dni'.
        """
        payload = {
            'tlf': '+34666666666',
            'code': 'AAAAAAAA',
            'dni': '11111111H',
        }
        resp = self.c.register(self.aeid, payload)
        self.assertEqual(resp.status_code, 400)
        body = json.loads(resp.content.decode('utf-8'))
        self.assertEqual(body['message'].find('Invalid dni'), -1)

    def test_method_sms_register_invalid_dni(self):
        """A malformed dni is rejected with the generic 'Incorrect data'."""
        payload = {
            'tlf': '+34666666667',
            'code': 'AAAAAAAA',
            'dni': '999',
            'email': '*****@*****.**',
        }
        resp = self.c.register(self.aeid, payload)
        self.assertEqual(resp.status_code, 400)
        body = json.loads(resp.content.decode('utf-8'))
        # Same message as the invalid-email and invalid-code tests expect,
        # so the response does not reveal which field was rejected.
        self.assertEqual(body['message'], 'Incorrect data')

    def test_method_sms_register_valid_email(self):
        """A rejected registration with a valid email must not blame the email.

        The phone number is the one already assigned to user pk=1 in setUp;
        the request must fail with 400 and a message without 'Invalid email'.
        """
        payload = {
            'tlf': '+34666666666',
            'code': 'AAAAAAAA',
            'email': '*****@*****.**',
        }
        resp = self.c.register(self.aeid, payload)
        self.assertEqual(resp.status_code, 400)
        body = json.loads(resp.content.decode('utf-8'))
        self.assertEqual(body['message'].find('Invalid email'), -1)

    def test_method_sms_register_invalid_email(self):
        """A malformed email is rejected with the generic 'Incorrect data'."""
        payload = {
            'tlf': '+34666666667',
            'code': 'AAAAAAAA',
            'email': 'test@@',
            'dni': '11111111H',
        }
        resp = self.c.register(self.aeid, payload)
        self.assertEqual(resp.status_code, 400)
        body = json.loads(resp.content.decode('utf-8'))
        self.assertEqual(body['message'], 'Incorrect data')

    def test_method_sms_valid_code(self):
        """The code stored in setUp authenticates user pk=1.

        Only the 'khmac:///sha-256' prefix of the returned token is asserted.
        """
        payload = {
            'tlf': '+34666666666',
            'code': 'AAAAAAAA',
            'dni': '11111111H',
            'email': '*****@*****.**',
        }
        resp = self.c.authenticate(self.aeid, payload)
        self.assertEqual(resp.status_code, 200)
        body = json.loads(resp.content.decode('utf-8'))
        self.assertEqual(body['status'], 'ok')
        #self.assertGreaterEqual(Connection.objects.filter(tlf='+34666666666').count(), 1)
        token = body['auth-token']
        self.assertTrue(token.startswith('khmac:///sha-256'))

    def _test_method_sms_valid_code_timeout(self):
        """Disabled: a code used after the timeout should be rejected.

        The leading underscore keeps the test runner from collecting this
        method, so code expiry is currently not covered by this class.
        """
        # TODO: check created in code for give code_timeout
        time.sleep(test_data.pipe_timestamp)
        payload = {
            'tlf': '+34666666666',
            'code': 'AAAAAAAA',
            'dni': '11111111H',
            'email': '*****@*****.**',
        }
        resp = self.c.authenticate(self.aeid, payload)
        self.assertEqual(resp.status_code, 400)
        body = json.loads(resp.content.decode('utf-8'))
        self.assertEqual(body['message'], 'Incorrect data')

    def test_method_sms_invalid_code(self):
        """A wrong code for an existing phone number is rejected with 400."""
        payload = {
            'tlf': '+34666666666',
            'code': 'BBBBBBBB',
            'dni': '11111111H',
            'email': '*****@*****.**',
        }
        resp = self.c.authenticate(self.aeid, payload)
        self.assertEqual(resp.status_code, 400)
        body = json.loads(resp.content.decode('utf-8'))
        self.assertEqual(body['message'], 'Incorrect data')

    def test_method_sms_get_perm(self):  # Fix
        """Permission lookups honour the ACL granted to the logged-in user.

        After authenticating, 'create' on Vote (granted below) returns 200
        and 'remove' on Vote (never granted) returns 400.
        """
        credentials = {
            'tlf': '+34666666666',
            'code': 'AAAAAAAA',
            'email': '*****@*****.**',
            'dni': '11111111H',
        }
        can_create = {
            "object_type": "Vote",
            "permission": "create",
            "object_id": self.aeid,
        }
        can_remove = {
            "object_type": "Vote",
            "permission": "remove",
            "object_id": self.aeid,
        }

        # NOTE(review): these URLs have no trailing slash, so the 301 is
        # presumably the slash redirect rather than a permission decision;
        # the unauthenticated case is then not really exercised - confirm.
        for query in (can_create, can_remove):
            resp = self.c.post('/api/get-perms', query)
            self.assertEqual(resp.status_code, 301)

        ACL(user=self.u, object_type='Vote', perm='create',
            object_id=self.aeid).save()
        resp = self.c.authenticate(self.aeid, credentials)
        self.assertEqual(resp.status_code, 200)

        resp = self.c.post('/api/get-perms/', can_create)
        self.assertEqual(resp.status_code, 200)
        resp = self.c.post('/api/get-perms/', can_remove)
        self.assertEqual(resp.status_code, 400)

    def test_method_sms_authenticate_valid_code(self):
        """Valid phone + code returns 200 and an auth token.

        Only the token's 'khmac:///sha-256' prefix is asserted.
        """
        payload = {
            'tlf': '+34666666666',
            'code': 'AAAAAAAA',
            'email': '*****@*****.**',
            'dni': '11111111H',
        }
        resp = self.c.authenticate(self.aeid, payload)
        self.assertEqual(resp.status_code, 200)
        body = json.loads(resp.content.decode('utf-8'))
        self.assertTrue(body['auth-token'].startswith('khmac:///sha-256'))

    def test_method_sms_authenticate_invalid_code(self):
        """An email plus the short code 'AAAAAA' is rejected with 400."""
        # NOTE(review): the payload has no 'tlf', so the 400 may come from
        # the missing field rather than from the code comparison - confirm.
        payload = {'email': '*****@*****.**', 'code': 'AAAAAA'}
        resp = self.c.authenticate(self.aeid, payload)
        self.assertEqual(resp.status_code, 400)
Ejemplo n.º 20
class AuthMethodSmsTestCase(TestCase):
    """Registration, authentication and permission tests for the SMS method.

    setUp creates one started auth event, an active user (pk=1) and an
    inactive user (pk=2); both users are given the code 'AAAAAAAA'.
    """
    fixtures = ['initial.json']

    def setUp(self):
        """Create the auth event, two users with codes, and the JSON client."""
        sms_config = test_data.authmethod_config_sms_default
        event = AuthEvent(auth_method=test_data.auth_event2['auth_method'],
                          auth_method_config=sms_config,
                          extra_fields=test_data.auth_event2['extra_fields'],
                          status='started',
                          census=test_data.auth_event2['census'])
        event.save()
        self.aeid = event.pk

        # Active user: has a phone, a dni, a code and one recorded Message.
        active = User(pk=1, username='******', email='*****@*****.**')
        active.save()
        active.userdata.event = event
        active.userdata.tlf = '+34666666666'
        active.userdata.metadata = json.dumps({'dni': '11111111H'})
        active.userdata.save()
        self.u = active.userdata
        Code(user=active.userdata, code='AAAAAAAA',
             auth_event_id=event.pk).save()
        Message(tlf=active.userdata.tlf, auth_event_id=event.pk).save()

        # Inactive user: different phone, same dni and same code value.
        inactive = User(pk=2, username='******', email='*****@*****.**')
        inactive.is_active = False
        inactive.save()
        inactive.userdata.tlf = '+34766666666'
        inactive.userdata.event = event
        inactive.userdata.metadata = json.dumps({'dni': '11111111H'})
        inactive.userdata.save()
        Code(user=inactive.userdata, code='AAAAAAAA',
             auth_event_id=event.pk).save()
        self.c = JClient()

    @override_settings(CELERY_EAGER_PROPAGATES_EXCEPTIONS=True,
                       CELERY_ALWAYS_EAGER=True,
                       BROKER_BACKEND='memory')
    def test_method_sms_register(self):
        """Registering a phone number not used in setUp succeeds with 'ok'."""
        payload = {'tlf': '+34666666667', 'code': 'AAAAAAAA',
                   'email': '*****@*****.**', 'dni': '11111111H'}
        resp = self.c.register(self.aeid, payload)
        self.assertEqual(resp.status_code, 200)
        body = json.loads(resp.content.decode('utf-8'))
        self.assertEqual(body['status'], 'ok')

    def test_method_sms_register_valid_dni(self):
        """A rejected registration with a good dni must not blame the dni."""
        # The phone is the one setUp gave to user pk=1 and no email is sent.
        # NOTE(review): which of the two causes the 400 is not visible here.
        payload = {
            'tlf': '+34666666666',
            'code': 'AAAAAAAA',
            'dni': '11111111H',
        }
        resp = self.c.register(self.aeid, payload)
        self.assertEqual(resp.status_code, 400)
        body = json.loads(resp.content.decode('utf-8'))
        self.assertEqual(body['message'].find('Invalid dni'), -1)

    def test_method_sms_register_invalid_dni(self):
        """A malformed dni ('999') is rejected with the generic message."""
        payload = {'tlf': '+34666666667', 'code': 'AAAAAAAA',
                   'dni': '999', 'email': '*****@*****.**'}
        resp = self.c.register(self.aeid, payload)
        self.assertEqual(resp.status_code, 400)
        body = json.loads(resp.content.decode('utf-8'))
        # The message does not name the offending field.
        self.assertEqual(body['message'], 'Incorrect data')

    def test_method_sms_register_valid_email(self):
        """A rejected registration with a good email must not blame the email."""
        # Same phone as user pk=1 and no dni in the payload.
        # NOTE(review): which of the two causes the 400 is not visible here.
        payload = {'tlf': '+34666666666', 'code': 'AAAAAAAA',
                   'email': '*****@*****.**'}
        resp = self.c.register(self.aeid, payload)
        self.assertEqual(resp.status_code, 400)
        body = json.loads(resp.content.decode('utf-8'))
        self.assertEqual(body['message'].find('Invalid email'), -1)

    def test_method_sms_register_invalid_email(self):
        """A malformed email ('test@@') is rejected with the generic message."""
        payload = {'tlf': '+34666666667', 'code': 'AAAAAAAA',
                   'email': 'test@@', 'dni': '11111111H'}
        resp = self.c.register(self.aeid, payload)
        self.assertEqual(resp.status_code, 400)
        body = json.loads(resp.content.decode('utf-8'))
        self.assertEqual(body['message'], 'Incorrect data')

    def test_method_sms_valid_code(self):
        """The stored code authenticates user pk=1 and returns a khmac token."""
        credentials = {'tlf': '+34666666666', 'code': 'AAAAAAAA',
                       'dni': '11111111H', 'email': '*****@*****.**'}
        resp = self.c.authenticate(self.aeid, credentials)
        self.assertEqual(resp.status_code, 200)
        body = json.loads(resp.content.decode('utf-8'))
        self.assertEqual(body['status'], 'ok')
        # Disabled in the original: a check that at least one Connection row
        # exists for tlf '+34666666666'.
        # Only the token prefix is pinned; the MAC value is not verified.
        self.assertTrue(body['auth-token'].startswith('khmac:///sha-256'))

    def _test_method_sms_valid_code_timeout(self):
        """Disabled: a code used after the pipe timeout should be rejected.

        The leading underscore keeps the test runner from collecting this
        method, so no test in this class covers code expiry.
        """
        # TODO (original author): check `created` in the code to enforce
        # code_timeout.
        time.sleep(test_data.pipe_timestamp)
        credentials = {'tlf': '+34666666666', 'code': 'AAAAAAAA',
                       'dni': '11111111H', 'email': '*****@*****.**'}
        resp = self.c.authenticate(self.aeid, credentials)
        self.assertEqual(resp.status_code, 400)
        body = json.loads(resp.content.decode('utf-8'))
        self.assertEqual(body['message'], 'Incorrect data')

    def test_method_sms_invalid_code(self):
        """A wrong code for a known phone is rejected with the generic message."""
        credentials = {'tlf': '+34666666666', 'code': 'BBBBBBBB',
                       'dni': '11111111H', 'email': '*****@*****.**'}
        resp = self.c.authenticate(self.aeid, credentials)
        self.assertEqual(resp.status_code, 400)
        body = json.loads(resp.content.decode('utf-8'))
        self.assertEqual(body['message'], 'Incorrect data')

    def test_method_sms_get_perm(self):  # marked "Fix" by the original author
        """Query /api/get-perms around a login for a user holding one ACL."""
        credentials = {'tlf': '+34666666666', 'code': 'AAAAAAAA',
                       'email': '*****@*****.**', 'dni': '11111111H'}
        granted_query = {"object_type": "Vote", "permission": "create",
                         "object_id": self.aeid}
        denied_query = {"object_type": "Vote", "permission": "remove",
                        "object_id": self.aeid}

        # Without the trailing slash both queries get a 301.
        # NOTE(review): this pins a redirect, not an access-control decision;
        # no unauthenticated request reaches '/api/get-perms/' in this test.
        for query in (granted_query, denied_query):
            redirect = self.c.post('/api/get-perms', query)
            self.assertEqual(redirect.status_code, 301)

        # Grant only Vote/create, then log in.
        ACL(user=self.u, object_type='Vote', perm='create',
            object_id=self.aeid).save()
        login = self.c.authenticate(self.aeid, credentials)
        self.assertEqual(login.status_code, 200)

        allowed = self.c.post('/api/get-perms/', granted_query)
        self.assertEqual(allowed.status_code, 200)
        refused = self.c.post('/api/get-perms/', denied_query)
        self.assertEqual(refused.status_code, 400)

    def test_method_sms_authenticate_valid_code(self):
        """A matching phone/code pair returns a token with the khmac prefix."""
        credentials = {'tlf': '+34666666666', 'code': 'AAAAAAAA',
                       'email': '*****@*****.**', 'dni': '11111111H'}
        resp = self.c.authenticate(self.aeid, credentials)
        self.assertEqual(resp.status_code, 200)
        body = json.loads(resp.content.decode('utf-8'))
        self.assertTrue(body['auth-token'].startswith('khmac:///sha-256'))

    def test_method_sms_authenticate_invalid_code(self):
        """A payload without 'tlf' and with a six-character code gets a 400."""
        # NOTE(review): two things differ from the accepted payload (no
        # 'tlf', shorter code); the 400 does not show which one was checked.
        payload = {
            'email': '*****@*****.**',
            'code': 'AAAAAA',
        }
        resp = self.c.authenticate(self.aeid, payload)
        self.assertEqual(resp.status_code, 400)
Ejemplo n.º 21
 def test_method_email_authenticate_invalid_code(self):
     """Authenticating with an email and the code 'AAAAAA' is rejected (400)."""
     # NOTE(review): the stored code is not visible in this excerpt, so the
     # reason 'AAAAAA' is invalid cannot be confirmed from here.
     client = JClient()
     payload = {
         'email': '*****@*****.**',
         'code': 'AAAAAA',
     }
     resp = client.authenticate(self.aeid, payload)
     self.assertEqual(resp.status_code, 400)
Ejemplo n.º 22
class AuthMethodSmsTestCase(TestCase):
    fixtures = ['initial.json']

    def setUp(self):
        """Create the auth event, two users with codes, and the JSON client."""
        sms_config = test_data.authmethod_config_sms_default
        event = AuthEvent(auth_method=test_data.auth_event2['auth_method'],
                          auth_method_config=sms_config,
                          extra_fields=test_data.auth_event2['extra_fields'],
                          status='started',
                          census=test_data.auth_event2['census'])
        event.save()
        self.aeid = event.pk

        # Active user: has a phone, a dni, a code and one recorded Message.
        active = User(pk=1, username='******', email='*****@*****.**')
        active.save()
        active.userdata.event = event
        active.userdata.tlf = '+34666666666'
        active.userdata.metadata = json.dumps({'dni': '11111111H'})
        active.userdata.save()
        self.u = active.userdata
        Code(user=active.userdata, code='AAAAAAAA',
             auth_event_id=event.pk).save()
        Message(tlf=active.userdata.tlf, auth_event_id=event.pk).save()

        # Inactive user, created without a username: different phone, same
        # dni and same code value as the active user.
        inactive = User(pk=2, email='*****@*****.**')
        inactive.is_active = False
        inactive.save()
        inactive.userdata.tlf = '+34766666666'
        inactive.userdata.event = event
        inactive.userdata.metadata = json.dumps({'dni': '11111111H'})
        inactive.userdata.save()
        Code(user=inactive.userdata, code='AAAAAAAA',
             auth_event_id=event.pk).save()
        self.c = JClient()

    @override_settings(CELERY_EAGER_PROPAGATES_EXCEPTIONS=True,
                       CELERY_ALWAYS_EAGER=True,
                       BROKER_BACKEND='memory')
    def test_method_sms_register(self):
        """Registering a phone number not used in setUp succeeds with 'ok'."""
        payload = {'tlf': '+34666666667', 'code': 'AAAAAAAA',
                   'email': '*****@*****.**', 'dni': '11111111H'}
        resp = self.c.register(self.aeid, payload)
        self.assertEqual(resp.status_code, 200)
        body = json.loads(resp.content.decode('utf-8'))
        self.assertEqual(body['status'], 'ok')

    def test_method_sms_register_valid_dni(self):
        """A rejected registration with a good dni must not blame the dni."""
        # The phone is the one setUp stores for user pk=1 and no email is
        # sent. NOTE(review): which of the two causes the 400 is not visible
        # here.
        payload = {
            'tlf': '+34666666666',
            'code': 'AAAAAAAA',
            'dni': '11111111H',
        }
        resp = self.c.register(self.aeid, payload)
        self.assertEqual(resp.status_code, 400)
        body = json.loads(resp.content.decode('utf-8'))
        self.assertEqual(body['message'].find('Invalid dni'), -1)

    def test_method_sms_register_invalid_dni(self):
        """A malformed dni ('999') is rejected as 'invalid_credentials'."""
        payload = {'tlf': '+34666666667', 'code': 'AAAAAAAA',
                   'dni': '999', 'email': '*****@*****.**'}
        resp = self.c.register(self.aeid, payload)
        self.assertEqual(resp.status_code, 400)
        body = json.loads(resp.content.decode('utf-8'))
        # The error codename does not name the offending field.
        self.assertEqual(body['error_codename'], 'invalid_credentials')

    def test_method_sms_register_valid_email(self):
        """A rejected registration with a good email must not blame the email."""
        # Same phone as user pk=1 from setUp and no dni in the payload.
        # NOTE(review): which of the two causes the 400 is not visible here.
        payload = {'tlf': '+34666666666', 'code': 'AAAAAAAA',
                   'email': '*****@*****.**'}
        resp = self.c.register(self.aeid, payload)
        self.assertEqual(resp.status_code, 400)
        body = json.loads(resp.content.decode('utf-8'))
        self.assertEqual(body['message'].find('Invalid email'), -1)

    def test_method_sms_register_invalid_email(self):
        """A malformed email ('test@@') is rejected as 'invalid_credentials'."""
        payload = {'tlf': '+34666666667', 'code': 'AAAAAAAA',
                   'email': 'test@@', 'dni': '11111111H'}
        resp = self.c.register(self.aeid, payload)
        self.assertEqual(resp.status_code, 400)
        body = json.loads(resp.content.decode('utf-8'))
        # Same codename as for a bad dni: the field at fault is not revealed.
        self.assertEqual(body['error_codename'], 'invalid_credentials')

    def test_method_sms_valid_code(self):
        """The stored code authenticates and returns a username and token."""
        credentials = {'tlf': '+34666666666', 'code': 'AAAAAAAA',
                       'dni': '11111111H', 'email': '*****@*****.**'}
        resp = self.c.authenticate(self.aeid, credentials)
        self.assertEqual(resp.status_code, 200)
        body = json.loads(resp.content.decode('utf-8'))
        self.assertEqual(body['status'], 'ok')
        # The response must carry a non-empty string username.
        self.assertIsInstance(body['username'], str)
        self.assertGreater(len(body['username']), 0)
        # Disabled in the original: a check that at least one Connection row
        # exists for tlf '+34666666666'.
        # Only the token prefix is pinned; the MAC value is not verified.
        self.assertTrue(body['auth-token'].startswith('khmac:///sha-256'))

    def _test_method_sms_valid_code_timeout(self):
        """Disabled: a code used after the pipe timeout should be rejected.

        The leading underscore keeps the test runner from collecting this
        method, so it does not run as part of the suite.
        """
        # TODO (original author): check `created` in the code to enforce
        # code_timeout.
        time.sleep(test_data.pipe_timestamp)
        credentials = {'tlf': '+34666666666', 'code': 'AAAAAAAA',
                       'dni': '11111111H', 'email': '*****@*****.**'}
        resp = self.c.authenticate(self.aeid, credentials)
        self.assertEqual(resp.status_code, 400)
        body = json.loads(resp.content.decode('utf-8'))
        self.assertEqual(body['message'], 'Incorrect data')

    def test_method_sms_invalid_code(self):
        """A wrong code for a known phone is rejected as 'invalid_credentials'."""
        credentials = {'tlf': '+34666666666', 'code': 'BBBBBBBB',
                       'dni': '11111111H', 'email': '*****@*****.**'}
        resp = self.c.authenticate(self.aeid, credentials)
        self.assertEqual(resp.status_code, 400)
        body = json.loads(resp.content.decode('utf-8'))
        self.assertEqual(body['error_codename'], 'invalid_credentials')

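    def test_method_sms_get_perm(self):  # Fix
        """Query /api/get-perms around an SMS login for a user holding one ACL.

        The user is granted only Vote/create on this auth event, so after
        authenticating the create query must return 200 and the remove
        query 400.
        """
        auth = {
            'tlf': '+34666666666',
            'code': 'AAAAAAAA',
            'email': '*****@*****.**',
            'dni': '11111111H'
        }
        data1 = {
            "object_type": "Vote",
            "permission": "create",
            "object_id": self.aeid
        }
        data2 = {
            "object_type": "Vote",
            "permission": "remove",
            "object_id": self.aeid
        }

        # Without the trailing slash both queries get a 301.
        # NOTE(review): this pins a redirect, not an access-control decision;
        # no unauthenticated request reaches '/api/get-perms/' in this test.
        response = self.c.post('/api/get-perms', data1)
        self.assertEqual(response.status_code, 301)
        response = self.c.post('/api/get-perms', data2)
        self.assertEqual(response.status_code, 301)

        acl = ACL(user=self.u,
                  object_type='Vote',
                  perm='create',
                  object_id=self.aeid)
        acl.save()
        response = self.c.authenticate(self.aeid, auth)
        # Assert the status before reading the body, so a rejected login is
        # reported as a status mismatch and not as a parse or key error.
        self.assertEqual(response.status_code, 200)
        r = json.loads(response.content.decode('utf-8'))
        self.assertIsInstance(r['username'], str)
        self.assertTrue(len(r['username']) > 0)
        response = self.c.post('/api/get-perms/', data1)
        self.assertEqual(response.status_code, 200)
        response = self.c.post('/api/get-perms/', data2)
        self.assertEqual(response.status_code, 400)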

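    def test_method_sms_authenticate_valid_code(self):
        """A matching phone/code pair returns a username and a khmac token."""
        data = {
            'tlf': '+34666666666',
            'code': 'AAAAAAAA',
            'email': '*****@*****.**',
            'dni': '11111111H'
        }
        response = self.c.authenticate(self.aeid, data)
        # Assert the status before reading the body, so a rejected login is
        # reported as a status mismatch and not as a parse or key error.
        self.assertEqual(response.status_code, 200)
        # Parse once; the original decoded the same body twice.
        r = json.loads(response.content.decode('utf-8'))
        self.assertIsInstance(r['username'], str)
        self.assertTrue(len(r['username']) > 0)
        # Only the token prefix is pinned; the MAC value is not verified.
        self.assertTrue(r['auth-token'].startswith('khmac:///sha-256'))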

    def test_method_sms_authenticate_invalid_code(self):
        """A payload without 'tlf' and with a six-character code gets a 400."""
        # NOTE(review): two things differ from the accepted payload (no
        # 'tlf', shorter code); the 400 does not show which one was checked.
        payload = {
            'email': '*****@*****.**',
            'code': 'AAAAAA',
        }
        resp = self.c.authenticate(self.aeid, payload)
        self.assertEqual(resp.status_code, 400)

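    @override_settings(CELERY_EAGER_PROPAGATES_EXCEPTIONS=True,
                       CELERY_ALWAYS_EAGER=True,
                       BROKER_BACKEND='memory')
    def test_send_sms_with_url2_msg(self):
        """Check that __URL2__ expands to a login link carrying phone and code.

        Registers a new user, sends codes with a template containing
        __URL2__ and __CODE__, and inspects the last SMS recorded by
        TestSMSProvider.
        """
        data = {
            'tlf': '+34666666667',
            'code': 'AAAAAAAA',
            'email': '*****@*****.**',
            'dni': '11111111H'
        }
        response = self.c.register(self.aeid, data)
        self.assertEqual(response.status_code, 200)
        r = json.loads(response.content.decode('utf-8'))
        self.assertEqual(r['status'], 'ok')

        import re
        import utils
        from authmethods.sms_provider import TestSMSProvider
        sms_count0 = TestSMSProvider.sms_count
        # users=[3]: presumably the user just registered, since setUp takes
        # pk 1 and 2 — confirm.
        utils.send_codes(users=[3],
                         ip='127.0.0.1',
                         config={
                             'msg': 'url[__URL2__], code[__CODE__]',
                             'subject': 'subject'
                         })
        self.assertEqual(1 + sms_count0, TestSMSProvider.sms_count)

        # Raw string: '\[' in a plain literal is an invalid escape sequence.
        o = re.match(r'url\[(.+)\], code\[([A-Z0-9]+)\]',
                     TestSMSProvider.last_sms.get('content'))
        # Fail with an assertion, not an AttributeError, when the SMS text
        # does not follow the template.
        self.assertIsNotNone(o)
        url, code = o.groups()

        # The link must contain the phone number and the code literally; a
        # substring check avoids hand-escaping '+' for a regex.
        # NOTE(review): the link embeds the one-time code next to the phone
        # number, so the SMS text alone is a complete credential; confirm
        # codes are short-lived and single-use.
        expected = 'public/login/' + data.get('tlf') + '/' + code
        self.assertIn(expected, url)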