def authenticate(email, password='', _oauthed=False):
"""
returns session if successful else returns None
"""
if not validate_email(email):
raise InvalidEmailError(email)
email = email.lower()
user = User.get(User.email == email)
if not user:
raise EmailiDoesNotExistError(email)
if _oauthed:
return sessionslib.create(user.id,
user.groups,
extras={
'email': email,
'name': user.name
})
if user.password == encrypt(password, settings.SALT):
return sessionslib.create(user.id,
user.groups,
extras={
'email': email,
'name': user.name
})
raise AuthError(email)
def test_sessions():
uid, groups, k, v = 98765, ['admin', 'member'], 'foo', 'bar'
sid = sessionslib.create(uid, groups)
assert len(sid) > 43
sid_new = sessionslib.create(uid, groups)
assert sid == sid_new
sessionslib.add_to_session(sid, {k: v})
d = sessionslib.get(sid)
assert d[k] == v
sessionslib.remove_from_session(sid, k)
d = sessionslib.get(sid)
assert k not in d
sessionslib.destroy(sid)
assert sessionslib.get(sid) == {}
def test_sessions():
uid, groups, k, v = 98765, ['admin', 'member'], 'foo', 'bar'
sid = sessionslib.create(uid, groups)
assert len(sid) > 43
sid_new = sessionslib.create(uid, groups)
assert sid == sid_new
sessionslib.update(sid, {k: v})
d = sessionslib.get(sid)
assert d[k] == v
sessionslib.remove_from_session(sid, k)
d = sessionslib.get(sid)
assert k not in d
sessionslib.destroy(sid)
assert sessionslib.get(sid) == {}
def test_sessions():
uid, groups, k, v = 987651, ['admin', 'member'], 'foo', 'bar'
sid = sessionslib.create(uid, groups, extras=dict(email='*****@*****.**'))
assert len(sid) == 43
sid_new = sessionslib.create(uid, groups)
assert sid == sid_new
sessionslib.update(sid, {k: v})
d = sessionslib.get(sid)
assert d[k] == v
assert d['email'] == '*****@*****.**'
sessionslib.remove_from_session(sid, k)
d = sessionslib.get(sid)
assert k not in d
sessionslib.destroy(sid)
assert sessionslib.get(sid) == {}
def set_user_context(uid=None, email=None):
if email:
user = User.get(User.email == email.lower())
else:
user = User.get(User.id == uid)
sid = sessionslib.create(user.id, user.groups)
context.set_context(uid=user.id, sid=sid, groups=user.groups)
def test_session_lookups():
uids = range(10000, 10010)
groups = ['grp1', 'grp2']
for uid in uids:
sid = sessionslib.create(uid, groups)
assert sessionslib.sid2uidgroups(sid) == (uid, groups)
sessionslib.destroy(sid)
assert sessionslib.get(sid) == {}
def test_session_lookups():
uids = xrange(10000, 10010)
groups = ['grp1', 'grp2']
for uid in uids:
sid = sessionslib.create(uid, groups)
assert sessionslib.sid2uidgroups(sid) == (uid, groups)
sessionslib.destroy(sid)
assert sessionslib.get(sid) == {}
def test_add_user_no_session(self):
resp = self.client.post('/api/users/', data=json.dumps(self.test_user_data))
assert resp.status_code == 200
uid = json.loads(resp.data)['result']
resp = self.client.post('/api/add', data=json.dumps({'a': 1, 'b': 2}))
self.assertEquals(resp.status_code, 403)
sid = sessionslib.create(uid, self.test_user_data['groups'])
self.client.set_cookie('localhost.localdomain', 'session_id', sid)
resp = self.client.post('/api/add', data=json.dumps({'a': 1, 'b': 2}))
assert resp.status_code == 200
assert json.loads(resp.data)['result'] == 3
def test_add_user_no_session(self):
resp = self.client.post('/api/users/', data=json.dumps(self.test_user_data))
assert resp.status_code == 200
uid = json.loads(resp.data)['result']
resp = self.client.post('/api/add', data=json.dumps({'a': 1, 'b': 2}))
self.assertEquals(resp.status_code, 403)
sid = sessionslib.create(uid, self.test_user_data['groups'])
self.client.set_cookie('localhost.localdomain', 'session_id', sid)
resp = self.client.post('/api/add', data=json.dumps({'a': 1, 'b': 2}))
assert resp.status_code == 200
assert json.loads(resp.data)['result'] == 3
def test_update_attribute():
sid = sessions.create()
assert sessions.update_attribute(sid, 'prefs', {'last_seen': '10/05/2016'})
value = sessions.get_attribute(sid, 'prefs')
assert value['last_seen'] == '10/05/2016'
assert sessions.update_attribute(sid, 'prefs', {'last_seen': '11/05/2016'})
value = sessions.get_attribute(sid, 'prefs')
assert value['last_seen'] == '11/05/2016'
def authenticate(email, password):
"""
returns session if successful else returns None
"""
if not validate_email(email):
raise InvalidEmailError(email)
user = User.get(User.email == email.lower())
if not user:
raise EmailiDoesNotExistError(email)
if user.password == encrypt(password, settings.SALT):
return sessionslib.create(user.id, user.groups)
raise AuthError(email)
def complete_signup(token, groups=None):
"""
Do not expose this function directly
"""
key = gen_signup_key(token)
data = rconn.hgetall(key)
if not data:
raise InvalidTokenError()
data['groups'] = groups
uid = create(**data)
user = info(uid=uid)
return sessionslib.create(uid, user['groups'])
def test_delete_session():
sid = sessions.create()
data = sessions.get(sid)
data['prefs'] = {'last_seen': '10/05/2016'}
assert sessions.update(sid, data)
data = sessions.get(sid)
assert data['prefs']['last_seen'] == '10/05/2016'
assert sessions.destroy(sid)
data = sessions.get(sid)
assert data == {}
def authenticate(email, password):
"""
returns session if successful else returns None
"""
if not validate_email(email):
raise InvalidEmailError(email)
conn = sa.connect()
q = select([users.c.id, users.c.password, users.c.groups]).where(users.c.email == email.lower())
row = conn.execute(q).fetchone()
if not row:
raise EmailiDoesNotExistError(email)
uid, encpassword, groups = conn.execute(q).fetchone()
if encpassword == encrypt(password, settings.SALT):
return sessionslib.create(uid, groups)
def test_get_attribute():
sid = sessions.create()
data = sessions.get(sid)
data['prefs'] = {'last_seen': '10/05/2016'}
assert sessions.update(sid, data)
data = sessions.get(sid)
assert data['prefs']['last_seen'] == '10/05/2016'
value = sessions.get_attribute(sid, 'prefs')
assert value['last_seen'] == '10/05/2016'
value = sessions.get_attribute(sid, 'ar')
assert value is None
def test_create_session():
sid = sessions.create()
assert isinstance(sid, str) and len(sid) == 43
def test_get_session():
sid = sessions.create()
data = sessions.get(sid)
assert data == {'groups': [], 'uid': ''}