def test_handle_login():
# no messages in the beginning
assert not flaskg._login_messages
test_user1 = handle_login(flaskg.user,
login_username='******',
login_password='******',
stage='moin')
test_login_message = ['Invalid username or password.']
assert flaskg._login_messages == test_login_message
assert test_user1.name0 == ANON
assert not test_user1.valid
# pop the message
flaskg._login_messages.pop()
# try with a valid user
givenauth_obj = GivenAuth()
flaskg.user.auth_method = 'given'
givenauth_obj.user_name = 'Test_User'
create_user('Test_User', 'test_pass', '*****@*****.**')
test_user, bool_value = givenauth_obj.request(flaskg.user)
test_user2 = handle_login(test_user,
login_username='******',
login_password='******',
stage='moin')
assert not flaskg._login_messages
assert test_user2.name == [
'Test_User',
]
assert test_user2.valid
def testBugDefaultPasswd(self):
""" Login via LDAP (this creates user profile and up to 1.7.0rc1 it put
a default password there), then try logging in via moin login using
that default password or an empty password.
"""
# do a LDAPAuth login (as a side effect, this autocreates the user profile):
u1 = handle_login(None, username='******', password='******')
assert u1 is not None
assert u1.valid
# now we kill the LDAP server:
# self.ldap_env.slapd.stop()
# now try a MoinAuth login:
# try the default password that worked in 1.7 up to rc1:
u2 = handle_login(None, username='******', password='******')
assert u2 is None
# try using no password:
u2 = handle_login(None, username='******', password='')
assert u2 is None
# try using wrong password:
u2 = handle_login(None, username='******', password='******')
assert u2 is None
def testMoinLDAPFailOver(self):
""" Try if it does a failover to a secondary LDAP, if the primary fails. """
# authenticate user (with primary slapd):
u1 = handle_login(None, username='******', password='******')
assert u1 is not None
assert u1.valid
# now we kill our primary LDAP server:
self.ldap_envs[0].slapd.stop()
# try if we can still authenticate (with the second slapd):
u2 = handle_login(None, username='******', password='******')
assert u2 is not None
assert u2.valid
def setup_user():
"""
Try to retrieve a valid user object from the request, be it
either through the session or through a login.
"""
# init some stuff for auth processing:
flaskg._login_multistage = None
flaskg._login_multistage_name = None
flaskg._login_messages = []
# first try setting up from session
try:
userobj = auth.setup_from_session()
except KeyError:
# error caused due to invalid cookie, recreating session
session.clear()
userobj = auth.setup_from_session()
# then handle login/logout forms
form = request.values.to_dict()
if 'login_submit' in form:
# this is a real form, submitted by POST
userobj = auth.handle_login(userobj, **form)
elif 'logout_submit' in form:
# currently just a GET link
userobj = auth.handle_logout(userobj)
else:
userobj = auth.handle_request(userobj)
# if we still have no user obj, create a dummy:
if not userobj:
userobj = user.User(name=ANON, auth_method='invalid')
# if we have a valid user we store it in the session
if userobj.valid:
session['user.itemid'] = userobj.itemid
session['user.trusted'] = userobj.trusted
session['user.auth_method'] = userobj.auth_method
session['user.auth_attribs'] = userobj.auth_attribs
session['user.session_token'] = userobj.get_session_token()
return userobj
def testMoinLDAPLogin(self):
""" Just try accessing the LDAP server and see if usera and userb are in LDAP. """
# tests that must not authenticate:
u = handle_login(None, username='', password='')
assert u is None
u = handle_login(None, username='******', password='')
assert u is None
u = handle_login(None, username='******', password='******')
assert u is None
u = handle_login(None, username='******', password='******')
assert u is None
# tests that must authenticate:
u1 = handle_login(None, username='******', password='******')
assert u1 is not None
assert u1.valid
u2 = handle_login(None, username='******', password='******')
assert u2 is not None
assert u2.valid
# check if usera and userb have different ids:
assert u1.id != u2.id
