def test_single_session_per_whistleblower(self): """ Asserts that the first_id is dropped from Sessions and requests using that session id are rejected """ yield self.perform_full_submission_actions() handler = self.request({'receipt': self.dummySubmission['receipt']}) handler.request.client_using_tor = True response = yield handler.post() first_id = response['session_id'] wbtip_handler = self.request(headers={'x-session': first_id}, handler_cls=WBTipInstance) yield wbtip_handler.get() response = yield handler.post() second_id = response['session_id'] wbtip_handler = self.request(headers={'x-session': first_id}, handler_cls=WBTipInstance) yield self.assertRaises(errors.NotAuthenticated, wbtip_handler.get) self.assertTrue(Sessions.get(first_id) is None) valid_session = Sessions.get(second_id) self.assertTrue(valid_session is not None) self.assertEqual(valid_session.user_role, 'whistleblower') wbtip_handler = self.request(headers={'x-session': second_id}, handler_cls=WBTipInstance) yield wbtip_handler.get()
def post(self): """ Receipt login handler used by whistleblowers """ request = self.validate_message(self.request.content.read(), requests.ReceiptAuthDesc) receipt = request['receipt'] delay = random_login_delay() if delay: yield deferred_sleep(delay) user_id = yield login_whistleblower(receipt, self.request.client_using_tor) Sessions.revoke_all_sessions(user_id) session = new_session(user_id, 'whistleblower', 'Enabled') returnValue({ 'session_id': session.id, 'role': session.user_role, 'user_id': session.user_id, 'session_expiration': int(session.getTime()) })
def post(self): """ Login """ request = self.validate_message(self.request.content.read(), requests.AuthDesc) username = request['username'] password = request['password'] delay = random_login_delay() if delay: yield deferred_sleep(delay) user_id, status, role, pcn = yield login(username, password, self.request.client_using_tor) # Revoke all other sessions for the newly authenticated user Sessions.revoke_all_sessions(user_id) session = new_session(user_id, role, status) returnValue({ 'session_id': session.id, 'role': session.user_role, 'user_id': session.user_id, 'session_expiration': int(session.getTime()), 'status': session.user_status, 'password_change_needed': pcn })
def test_single_session_per_user(self): handler = self.request({ 'username': '******', 'password': helpers.VALID_PASSWORD1 }) r1 = yield handler.post() r2 = yield handler.post() self.assertTrue(Sessions.get(r1['session_id']) is None) self.assertTrue(Sessions.get(r2['session_id']) is not None)
def init_glsettings_for_unit_tests(): Settings.testing = True Settings.set_devel_mode() Settings.logging = None Settings.failed_login_attempts = 0 Settings.working_path = './working_path' Settings.eval_paths() Settings.set_ramdisk_path() Settings.remove_directories() Settings.create_directories() State.orm_tp = FakeThreadPool() State.tenant_cache[1].hostname = 'localhost' Sessions.clear()
def init_state(): Settings.testing = True Settings.set_devel_mode() Settings.logging = None Settings.failed_login_attempts = 0 Settings.working_path = './working_path' Settings.eval_paths() if os.path.exists(Settings.working_path): dir_util.remove_tree(Settings.working_path, 0) orm.set_thread_pool(FakeThreadPool()) State.settings.enable_api_cache = False State.tenant_cache[1] = ObjectDict() State.tenant_cache[1].hostname = 'www.globaleaks.org' State.init_environment() Sessions.clear()
def initialization(self): # we need to reset settings.session to keep each test independent Sessions.clear() # we need to reset ApiCache to keep each test independent ApiCache.invalidate()